You are awesome! Really awesome series, I have watched 1-11 in one sitting and that was beautiful. I thank you very much for making this series, it was very interesting to watch :)
So you just created a cell tower. Is it possible to communicate with other towers and make commercial towers think your tower is one of them? A fake tower in the middle of two real towers (MiTM), and steal routing info etc.
Hej, from Connecticut, USA. Around here, in Waterbury anyway, we have for our city a P-25 trunked system. In the past I was using with my R820T(Xsomething maybe,but it's R820T of some kind) SDR sharp with basically every plugin, the WinUSB driver, also "Virtual Audio Cable" so I could easily feed the two frequencies I'd lock onto into diff virtual mono audio feeds, and DSD plugin in SDR sharp too. At the same time for some reason to get voice I had to use Unitrunker at least as a voice decoder for say Virtual Audio Cable's Line 2 where I'd move around that frequency while keeping the first one locked onto the control channel, or one of them anyway. Long story short, it doesn't work in Win 10 anymore.. Unitrunker won't run. I'll be trying to fix it today, so if you or anyone have advice on this (I understand Windows 10's updates broke it basically) I'd appreciate it.
I haven't played much with trunked radio as it's almost non-existent here whenever I've looked. Emergency services here use an encrypted version of P25 as far as I know. (They just call it something else, but it sounds like encrypted trunked radio over different frequencies. I haven't looked into it that much though as every resource I read about this custom system says that it's almost impossible to sniff without "authorized equipment" on their "closed network".) Anyway, you're right that Windows 10 and various updates break a lot of programs, not just SDR Sharp. I am for example unable to use BladeRF properly with SDR# now. So I switched to SDR Console instead on Windows, as that also works natively with the transverter upgrade. In your case, you could either wait for an updated version of SDR#, plugins, drivers, etc. or you could reinstall the same programs inside a Windows 7 virtual machine for example. These virtual machines, albeit not activated, should work for at least 30 days: developer.microsoft.com/en-us/microsoft-edge/tools/vms/ They're meant to test Internet Explorer, but I've heard of malware analysts using them for malware analysis as well. Alternatively, you could try and move your setup/configuration to Linux instead. I'd recommend Ubuntu as it has a large user-base and is generally quite well supported, and very easy to set up.
Hi sir, if you do something, try to make the screen view larger, because people who are watching this don't understand it. All the commands and everything on screen must be larger, sir.
Nice video! I have a question. I'm using a BladeRF x40; when I run livemon no hex codes show up, and when I use grgsm_scanner I didn't get any data about frequency. Or must I use a cellphone? So how can I get the correct frequency?
I found this problem too. I had it up and running from the start. Several months later, after not using it, I upgraded 2 external antenna. Now the problems started. I uninstalled and reinstalled... it didn't fix the problem. I'm glad you have shown me the fix... thank you. Where do you think the problems were from?
Maybe watch some of my videos about setting up Kali Linux in VMware and testing Damn Vulnerable Web Application locally inside a virtual machine. Also read some books such as The Web Application Hacker's Handbook. Only test this knowledge locally (that means only your own computer) and understand how the different attacks work. Once you're comfortable, go into the real world and only target bug bounty programs. (There are a lot, see hackerone.com/bug-bounty-programs for example. All those websites and companies allow you to try and hack them legally if you follow their rules.) When you've gained some decent knowledge and experience, maybe try to get a penetration testing job.
Thank you for these videos. But I have a question: I decoded GSM voice A5/0 but I cannot receive all the speech, I can decode only one part, and the size of the audio file speech.au.gsm is about 13Kb. Can you tell me what the reason is? Many thanks in advance!!!!
It's because channel hopping is enabled and gr-gsm does not handle that by default. You need to capture all of the channels where channel hopping occurs, and then you need to reassemble the packets back together. You can try Bogdan's patch to airprobe, but it may not work. However, you could try asking the gr-gsm developer to make a working tool for channel hopping enabled voice, or patch it yourself if you are skilled with GSM or protocols in general.
Hello friend, I have some questions: - In one comment you write: "To decrypt voice on a real network, you will need multiple RTL-SDRs, HackRF, BladeRF, LimeSDR, USRP, or similar." Is the voice in this video example local? So I can't decrypt a real network with only an RTL-SDR? It can do IMSI catcher, but it is of little use. - Can 3G/4G voice calls also be decrypted? - As far as I can see the process is very long and not at all easy... do you confirm? - Why this, when with a fake tower you can really have ALL? (yeah, completely illegal...)
On a real network you need multiple RTL-SDRs because of the bandwidth voice uses. RTL-SDR can only receive around 2.4MHz of bandwidth, and if the data channel is very far from the channel hopping data containing voice traffic then it is simply not possible to capture both at the same time with only one radio. The same goes for capturing WiFi data. You can't capture all WiFi channels at the same time with most radio or WiFi receivers. This video is a mix of a real network in the first part, and then a local demonstration because channel hopping decoding was not implemented into the programs I used at the time of this video. I am pretty sure I mentioned this in the video and made it clear I could not decode voice traffic on a real network at the time. There is a blog post on the Internet by "Bogdan" on how to decode channel hopping. I analyzed this method a few years ago when I made this video and it didn't work on my telco network as they use different technology it seems. Some of the channel hopping patterns on my network, at least at the time of testing, were much more complex. You can decrypt some traffic on real networks if: a) You have software that can decode this traffic; and b) You have a good enough radio, or multiple radios. In some cases, one or two RTL-SDRs is enough but you may need to modify the hardware in the RTL-SDRs to use the same crystal. RTL-SDR cannot be used as a real IMSI catcher. What you're referring to is a project that passively sniffs IMSI. Real IMSI catchers are active and are basically small cell towers. They are also a lot more expensive. I am not aware of any software that can decrypt 3G/4G/5G/6G voice calls. The process shown in this video is long and complex. It is meant to teach people how this technology works, not enable them to listen in on other people. If you don't understand how the system works, then you can't identify new types of vulnerabilities that may be unknown, or not very well known. 
Finally, this knowledge is a key part on how voice transmissions are made on these older 2G networks which are still in use in many countries.
I don't get a clue. The screen is too big to fit in my YouTube Android app. Never mind... I need your help. I have lived in a squat in the forest for 8 years now. But I have to deal with multiple enemies. From neighbors stealing my wood, hunters bringing their dogs inside my garden where my hens are walking free, to cops who have forbidden everybody to walk free, and I tried to take them to the judge for that... I'm suffering, my man, but not surrendering. Could you help me to rip the data bearing from those drones flying around my home? Sometimes those are from thieves, sometimes those are from the hunters and today I think it was from the cops. I have an SDR device around there.
At the beginning, during the voice call, you are saying "testing testing"; at the end of the video, when you are playing the file in VLC, we can hear "voice call test six". Why is there a difference between those?
From what I can recall, I explained in the video that the file I decrypt and play back is from the researchers as channel hopping is enabled in my area. Channel hopping was not implemented well enough into the programs I used when I made this video. The first part of the video I showed what my packet would look like though, except for the channel hopping part. I haven't watched this video for a few years, but it should still work, maybe even gr-gsm has proper channel hopping support now. I did read Bogdan's research paper but his methods did not work for me, so I looked into the specs and quickly realized making a working tool would probably take weeks.
Kali Linux mostly, in some videos Ubuntu because compiling some programs in Kali doesn't work that well, even though Kali is based on Ubuntu. ua-cam.com/play/PLRovDyowOn5GI0Wpw1mJtk2TTDyW_hD67.html
Hi, has anyone here seen these dongles you can attach to an Android phone so you can send voice and text messages over the ham radio frequencies without a mobile phone network? Does anyone know if you could use these SMS encryption apps to send messages via VHF/UHF and then decode them on another Android phone with the same setup?
I haven't seen these dongles, but technically speaking it should be possible. Without a mobile phone network, you could set up a "wireless mesh network" over e.g. 2.4GHz and still use the encrypted communication apps like Signal. During recent protests in Turkey, and when the Internet was cut, some groups used a mesh network to communicate with each other, in that case it was either WiFi or Bluetooth. The app that they used was most likely Firechat. To operate on other frequencies though, without trying to "hack" the built-in radios, you would as you say, need a third party device such as a dongle.
A5/0 is no encryption. You don't need any special programs, just follow my tutorials for SMS. There are currently no available programs for proper Voice decoding because of channel hopping, as I've mentioned in my video.
I haven't tried writing my own solution from scratch, because it's probably going to take me at least a month or more. It's a lot of work that I can't afford to do at the moment. I already responded to your questions on Twitter. The default antenna I use typically goes up to like 1km easily. Keep in mind concrete buildings, in particular basements block radio signals quite effectively in many cases.
I tried wideband sniffing with gr-gsm a couple of months ago, and realized there is currently no working code on the Internet that makes decryption of voice possible when channel hopping is enabled. (Unless this has been added to gr-gsm while I've been busy with other stuff.) BladeRF can capture wideband files by itself and its own software, which will need to be converted afterwards to a format gr-gsm understands. The gr-gsm program can be "patched" to allow wideband capturing too, and then you can even use the "wideband splitting" program to split the wideband capture into several files. However, last time I checked, gr-gsm did still not have channel hopping features implemented, despite that a github user named Bogdan made a modified version of Airprobe, which supports channel hopping. (And this was years ago.) The problem with Bogdan's code, is that it doesn't seem to work with all types of GSM networks, as I tried for several days to make it work. Sometime in the future, if I get it to work, I'll probably do a video, but this is something that will take ages, as Bogdan's code probably needs to be patched, and the author of gr-gsm won't add channel hopping or wideband capturing into the python scripts by the looks of it. (Unless he changed his mind.)
Only VMs. I have a lot of VMs for different purposes. When I began learning, I ran it off a Live CD back in the BackTrack 2 (precursor to Kali) days. Eventually I installed a full Linux distribution instead as the Live CD environment wasn't ideal for compiling packages. Nowadays, Kali is more like a tuned and complete OS so you can usually compile most stuff in Kali without a lot of issues.
Then you just need to assemble the channel hopping packets as it's generally enabled by default to improve voice quality. You will most likely have to write your own software patch though. You can start by looking at Bogdan's patch.
Do you have an idea about this output, if I type this...? root@kali:~# grgsm_capture.py -f 944400000 -s 1e6 -g 40 voice1.cfile -T 30 linux; GNU C++ version 6.2.0 20161103; Boost_106200; UHD_003.009.005-0-unknown Usage: grgsm_capture.py [options] grgsm_capture.py: error: Please provide a cfile or a burst file (or both) to save the captured data root@kali:~#
Error: "grgsm_capture.py: error: Please provide a cfile or a burst file (or both) to save the captured data" It's because you're using grgsm_capture.py slightly wrong. Your command: grgsm_capture.py -f 944400000 -s 1e6 -g 40 voice1.cfile -T 30 Correct command: grgsm_capture.py -f 944400000 -s 1e6 -g 40 -c voice1.cfile -T 30 (Notice the "-c" before voice1.cfile.)
I have created an OpenBTS. Can I decrypt the same if my phone is connected to OpenBTS? And one more thing, can I decrypt the Kc of the SIM using an iPhone?
Yes you can decrypt any signal to/from your phone if you extract the Kc. If you have an OpenBTS you can just use Wireshark on OpenBTS to see the packets. I don't understand what "Decrypt the Kc of the sim using iphone" means, because the Kc is the (temporary) encryption/decryption key which is stored on the sim card (as far as I know), and it has nothing to do with whether you use iphone or not. But my main point is, you want to "decrypt the decryption key"? It doesn't make any sense technically speaking, and in this case I can't even guess what you mean. If you're asking, "Can I also do this with an iPhone?", my answer is, yes but you may have to extract the Kc (encryption/decryption key) from your SIM card.
Crazy Danish Hacker yes, that is what I was asking, if I can use my iPhone to decrypt the Kc, and as you said yes, do you know how, or else do you know any software by which I can decrypt the Kc (I have a SIM card reader)? Thanks for the help though
The "Kc" is a symmetric key used for encryption and decryption. You cannot "decrypt" a "decryption key" (Kc). If you're asking, "Can I extract the Kc directly from an iPhone?", then to be honest, I don't know. I think you need to root the iPhone and have SSH access, and even then I am not sure if it's easy. Only way to find out, is to try yourself :-) To extract the Kc directly from the SIM card, you need to look at a specific location in "memory" on the SIM card. I recommend googling "extract kc from sim card" as there are several websites answering this question.
Yes, I was asking for extraction of the Kc, sorry for the wrong choice of words. I will try with the iPhone, but do you know any applications based on a SIM card reader that can extract the Kc?
It is possible to call a phone that's connected via USB. Initiating a call over USB to another phone, through the "serial console" (minicom) interface, is also possible in some cases.
I recently saw a video where a magician used to call everyone nearby! So I thought it must be some fake BTS and his assistant is calling every connected person. ua-cam.com/video/ERwPpjEaqYA/v-deo.html
Magicians work with the power of illusion and deception. I used to do "magic" as well once. Some stuff can be extremely convincing. I don't think he used any technical devices to do this. If they did set up a fake BTS then you could send a call to everyone nearby though, and people would also be able to call each other in the area.
However, people outside this area, would not be able to call people connected to the fake BTS as it technically doesn't exist to the "real" telco networks.
A lot of limitations, and not so obvious. Is it possible to track the hopping carrier by simultaneous tuning of an RTL-SDR? Instead of that, you are supposed to capture the whole band, which requires VERY MUCH computational power and of course an SDR with USB3 or gbit LAN or even more. I estimate for the whole band something like a Core i7 or i9 would be needed. Also I noticed that you got the key right from the phone. So, mom's hackers, remember that this technique is impossible without physical access to the SIM card or phone of the "victim"
GSM is vulnerable, on paper. He doesn't do it here on a real network. On a real network is so difficult. The process is very long, the variables, the frequency hopping. To capture the whole band must have 2tb of tables (on hard disk or cloud ?, a lot of time to download and then get to a voice), a lot of computing power. And it is not said to arrive at a result.
@@romanetz55 yeah, but it's not that easy. Where do you put the 2 TB tables? A simple RTL-SDR is not enough to decrypt in live ... even just for the frequency hopping
@@trashislife6463 2TB of fast local storage, say, SSD with M.2 interface - afaik, this is second fastest after RAM - is something around ~$1500 now. Also, two simultaneously tuned SDRs are needed (the speech from and the speech to user are spaced by 45 MHz, BTS-to-MS link is higher). But! Especially in a city, the phone highly unlikely uses GSM for calls, mostly 3G or even VoLTE.
@@romanetz55 there are still a lot of feature phones with only 2g-gsm, and even if an Iphone 11 called them it would be obliged to switch in 2g ... but .. but .. is it really worth it? even with two sdr at the same time you are not sure of reaching something concrete. One thing I did not understand, is it possible to decrypt only live, or is it possible to "record" and decrypt at a later time?
101 means basic in hacker terminology, when it comes to learning something new that is. This is the most basic video there is when it comes to decrypting voice calls where channel hopping is not enabled.
You play with it for a couple of weeks, several hours a day, without doing anything else, and then you remember it until you stop using it :-) And instead of remembering the most complex way it can be explained, you find the easiest but still technically correct way to remember and explain it. It should be mentioned, though, that there are many other terms and technical things within GSM that I still don't know very much about, as I only focused on SMS and voice decryption and cracking.
Why do you connect the phone to the PC? If we want to know the calls of someone, then should we ask him to connect his mobile to our PC for listening to the calls?
Watch the entire video again, maybe the whole series. This specific video is about learning how to decrypt your own voice calls. You connect the phone to your computer, to extract the temporary encryption key (from your SIM card). In another video that I also made, I showed how to crack the encryption key when A5/1 encryption is in use. In that case (when A5/1 encryption is in use), you don't need to connect your phone to the computer. You only need to be in the (physical) vicinity of the target. This video series is meant for educational purposes (and for beginners), and as such, you need to be able to understand the basics, before you go right into cracking. For professionals that already have some or a lot of experience, I generally create content for them through other channels such as well-known conferences like Black Hat.
To decrypt voice on a real network, you will need multiple RTL-SDRs, HackRF, BladeRF, LimeSDR, USRP, or similar. You will also need software to decode channel hopping. (I don't have it.)
You can use 4 programs found on the net, running at the same time and synchronized, each doing its part, generating a quite interesting resulting database of residual data, on a HackRF in GSM.
Can you do anything else with the phone modem other than read TMSI and Kc? (Call someone or send SMS?) PS: Is it possible to connect to a provider without a SIM card? PPS: Did you try TopGuw?: github.com/bastienjalbert/topguw (V2 is here: github.com/bastienjalbert/topguw2) PPPS: Which SDR did you buy?
Good questions. To answer your first question, yes you can call someone or send SMS, but you need direct access to the USB modem. A friend of mine found out a way to switch to 2G only mode on a Huawei 3G dongle (AT^SYSCFG=13,1,3FFFFFFF,2,4, do not run this command unless you know what you're doing), via the USB modem and then send an SMS to himself (AT+CMGW=$MSISDN (returns int), sms msg, \032, AT+CMSS=int, also via the USB modem. Do not run those commands exactly as I wrote them. They just show the "approximate workflow" on how to send SMS in a simplified and not 100% accurate way.) Concerning your second question, generally not. Here's why: Your SIM card has a number on it, this is called the IMSI (International Mobile Subscriber Identity). In order to connect to a mobile network provider, your IMSI has to be in a "whitelist" of approved IMSI's as far as I know on a 2G network. For 3G and 4G (I'm not an expert on how authentication works for these), there is something called Mutual Authentication (MA), between the UE (User Equipment, such as your mobile phone), and the BTS (Base Transceiver Station, which is basically the cell tower + computing equipment that routes traffic back to the provider). Mutual Authentication means that your SIM card has a special authentication key (not in relation to the one you use to encrypt traffic during SMS, voice, GPRS, etc.) which is used to authenticate with the mobile network provider. The key that you use for Mutual Authentication, is apparently derived from a master key and potentially locked to your IMSI (I may be wrong here, but as far as I know it is derived from a master key only the provider has), so even if you manage to extract this key, it won't work as a "general purpose master key" to the mobile network provider.
To answer your third question about topguw: Yes I tried that and I'm not sure if it works. It's a topic for a future video about cracking A5/1. Version 2 does not work. Version 1 "works", but the source code is a bit confusing because it's adding 101 to the frame count by the looks of it (I could be wrong, Java source code is not super easy for me to understand), instead of 102. If it's doing that, then it's intentionally adding a wrong number of frames. On top of that, topguw does not seem to understand that when you XOR the first burst of an unencrypted frame (C1), it needs to be XOR'd with the first burst of an encrypted frame (C1), and then the second with the second, third with the third, and fourth with the fourth burst. Concerning your fourth question, I bought a BladeRF and two quad band GSM antennas. With that, I can sniff 28MHz at a time, more than enough to cover frequencies from channel 82 (951.4 MHz), to channel 117 (958.4 MHz) = 7MHz total. Another reason why I bought a BladeRF is because it features full duplex (transmit and receive at the same time), and everything is designed to be "in sync", meaning it's a lot cheaper than buying a USRP B200 where you have to buy a GPSDO (TCXO) module that doubles the price if you want it "in sync", which is important in my case. There are many other SDRs that could probably work, but I wanted something that's not "too expensive" for what I want (full duplex high quality transmission). If I was not going to transmit anything and use full duplex, then I would've definitely bought a HackRF as the frequency range on that is much larger. I also wanted something that has very good driver support, which HackRF, BladeRF and USRP all do. In case you're looking to buy an SDR, check out the round up on RTL-SDR: www.rtl-sdr.com/roundup-software-defined-radios/ I wouldn't recommend buying anything more expensive than the USRP B200, as that's generally just a waste of your money.
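The channel and bandwidth figures in the reply above (channel 82 at 951.4 MHz, channel 117 at 958.4 MHz, a 28 MHz receiver compared with the roughly 2.4 MHz of an RTL-SDR) follow from the standard GSM channel-numbering arithmetic. The Python below is an added example, not code from the video or from gr-gsm; the function names are made up for illustration, and a receiver's usable bandwidth is assumed to equal its nominal bandwidth.

```python
# Added example: GSM channel-number (ARFCN) arithmetic behind the figures
# quoted in this thread. Band formulas are the public 3GPP TS 45.005 ones.
# PCS 1900 is left out because its ARFCN numbers overlap DCS 1800.
# All frequencies are integers in kHz to avoid floating-point rounding.

CHANNEL_KHZ = 200  # GSM carrier spacing and channel width


def arfcn_to_khz(arfcn):
    """Return (uplink_khz, downlink_khz) carrier centres for an ARFCN."""
    if 0 <= arfcn <= 124:        # P-GSM 900 (1-124) and E-GSM channel 0
        uplink = 890_000 + CHANNEL_KHZ * arfcn
        return uplink, uplink + 45_000
    if 975 <= arfcn <= 1023:     # E-GSM 900 extension below 890 MHz
        uplink = 890_000 + CHANNEL_KHZ * (arfcn - 1024)
        return uplink, uplink + 45_000
    if 512 <= arfcn <= 885:      # DCS 1800, 95 MHz duplex spacing
        uplink = 1_710_200 + CHANNEL_KHZ * (arfcn - 512)
        return uplink, uplink + 95_000
    raise ValueError(f"ARFCN {arfcn} is outside the bands handled here")


def downlink_khz_to_arfcn(khz):
    """Inverse lookup: which ARFCN has this downlink centre frequency?"""
    for band in (range(0, 125), range(975, 1024), range(512, 886)):
        for arfcn in band:
            if arfcn_to_khz(arfcn)[1] == khz:
                return arfcn
    raise ValueError(f"{khz} kHz is not a downlink carrier centre")


def required_span_khz(arfcns):
    """Bandwidth needed to cover the full 200 kHz of every listed carrier."""
    centres = [arfcn_to_khz(a)[1] for a in arfcns]
    return max(centres) - min(centres) + CHANNEL_KHZ


def fits(arfcns, rx_bandwidth_khz):
    """True if one receiver of this bandwidth covers all listed carriers."""
    return required_span_khz(arfcns) <= rx_bandwidth_khz


def receivers_needed(arfcns, rx_bandwidth_khz):
    """Greedy interval cover: fewest fixed-tuned receivers for the carriers."""
    half = CHANNEL_KHZ // 2
    count, window_end = 0, None
    for centre in sorted({arfcn_to_khz(a)[1] for a in arfcns}):
        if window_end is None or centre + half > window_end:
            count += 1                       # start a new receiver window
            window_end = centre - half + rx_bandwidth_khz
    return count


if __name__ == "__main__":
    hop_set = [82, 117]                      # the two channels named above
    for a in hop_set:
        up, down = arfcn_to_khz(a)
        print(f"ARFCN {a}: uplink {up / 1000} MHz, downlink {down / 1000} MHz")
    print("span needed:", required_span_khz(hop_set) / 1000, "MHz")
    print("fits in 28 MHz:", fits(hop_set, 28_000))
    print("fits in 2.4 MHz:", fits(hop_set, 2_400))
    print("2.4 MHz receivers for 82..117:",
          receivers_needed(range(82, 118), 2_400))
    # 944.4 MHz is the frequency in the grgsm_capture.py command in this thread
    print("944.4 MHz is ARFCN", downlink_khz_to_arfcn(944_400))
```

The 45 MHz uplink/downlink spacing mentioned elsewhere in the thread is the GSM 900 duplex offset; the figures above are for the downlink only.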
Well, I bought a HackRF and Airspy as BladeRF doesn't cover the FM and AM bands without its transverter board and it doesn't have 32mW TX power (I think). PS: Do you think you could create a video about creating a GSM base station with BladeRF and YateBTS, as BladeRF is full duplex and I always wanted to know how you actually connect to it (as I can't connect to HR VIP even if I can receive it well if I am connected to my main carrier (Telekom Slovenija))?
Hmm, yeah by default it looks like BladeRF has a transmit power of +6 dBm, which converted is 7.94mW. (I'm using this calculator: www.rapidtables.com/convert/power/dBm_to_mW.htm) With the amplifier upgrade on 2.4GHz it has a transmit power of around +32dBm (based on the amplifier upgrade specs unless I misunderstood them), which is 1584mW or 1.58 Watts. As you also mentioned, I'll need the transverter board to see frequencies below 300MHz. But as I'm mainly focused on GSM and maybe WiFi for now, it'll do. It's definitely on my todo list, i.e. to create a video about setting up your own BTS and confirming it works. Obviously it'll be a low to very low transmit power configuration, and only accept the IMSI's of my own mobile phones to avoid any issues.
I looked into 2G/3G/4G authentication a bit yesterday, and found out that as we all know by now 2G generally has no authentication with the network or user equipment, while 3G user equipment has the ability to authenticate the network (to make it a lot harder for impostors to set up rogue networks, I need to test how this works in practice), and 4G has mutual authentication where the user equipment authenticates the network, and the network authenticates the user equipment. :-)
I hate Linux. Always causes problems. Even with tasks as simple as reading an audio file. Installing IDEs, libraries, compilers, finding software to make other software work. All these tasks that would take minutes to complete on a Windows computer take a shtload of time with Linux. You need to take care of infinite issues if you're using Linux and not an expert in Linux, and it is very frustrating to quit your primary task and deal with your computer to make it work properly. I mean, all Windows distros except Vista work like a charm. Linux is like an obsessive compulsive bipolar schizoid nymphomaniac narcissist heroin addict sociopath colleague. Too many issues to draw you back. Can Windows do anything Linux does? Or is Linux absolutely necessary for those who are into hacking things? I like learning programming and have been learning operating systems and multithreading recently. All good resources and references involve using Linux. Pity.
I guess you haven't tried Windows Millennium Edition (ME) then :P About Linux, if you're going to be a professional hacker, then in most cases you need to be comfortable using the console, and in some cases that is all the access you will have when you pivot. Some programs can be installed on Windows, or in emulated environments, but it is recommended. In my case as I also need full Windows support, I prefer using Windows as the Host Operating System, and then Linux inside virtual machines with VMware. You can also use VirtualBox, but it doesn't have as good USB support. On Linux, there are a lot of things which are easier, and you generally have a lot more control over what's happening. Most of the Internet is running Linux or Unix because it's also much more stable and generally more efficient when it comes to resource usage. For example, with a virtual lab, I can easily run 4-5 virtual Linux machines and Windows 10 as the Host OS. If I only ran Windows 10 including virtual machines, then I would run out of resources very fast and the overall experience/lag would be worse. For every day use though, Windows is fine for most people as audio and video playback is often more smooth on Windows by default, and if you play computer games, you'll generally get more out of your computer on Windows, despite you can run Linux applications like Cedega, Wine, etc. I've tried running both Windows and Linux as my main OS, and in my case I need several programs that are Windows only, and inside virtual machines they typically can't utilize my resources properly, yet. One of the reasons why people choose Linux, besides it's open source and doesn't have a lot of tracking enabled, is because you have full control over everything. You can modify the kernel if you want to. You can also read and change source code of almost any program you run there too. 
In relation to installing programs on Linux, this can typically be done in the background, and instead of downloading a 300-500mb single file, you download the necessary libraries including the compiled code. So after you've used your installation for a while, you generally don't install a lot of new libraries unless you need something specific. If I want to install NMAP or Wireshark on Windows vs Linux, then Linux will generally finish much faster than Windows because of all the extra steps required. With that said, I do have NMAP and Wireshark installed on both Linux and Windows. Being a professional hacker is about using the right tools for the job, and for web app hacking, you can typically get away with Firefox or Chrome and Burp Suite Pro (multi-platform), along with some online resources or a few Linux tools. These could be ported to Windows though. But I pretty much always have a Linux virtual machine open just for hacking, and in case I am on a computer where I can't easily install a virtual machine (or dual-boot which I generally never do anymore), then I install WSL (Windows Subsystem for Linux). It doesn't have all the tools you need, but you'll get at least some Linux capability in the Windows command line just by typing "bash". Once you get used to using Linux just for hacking or hosting your own services, and not for "every day use" like watching videos, playing computer games, etc., then it's generally a very smooth experience.
have no idea what is going on, but it looks amazing
I'm about 50% aware of what's going on and that hurts even more
I'm with you brother ..
It is obvious this UA-cam video is meant for those who have a working knowledge of the topic to even keep up with what he is doing or saying.
I don't know anything about radios, but I must say, your knowledge on this was impressive. Awesome job.
really congratulations on your knowledge on the mobile phone, in this domain you are the best
Wow dude amazing! you broke it down like a pro thanks.
Hi, you have got a new BladeRF. Now can you please show in some video how to record frequency hopping?
So you just created a cell tower ,
Is it possible to communicate with other towers and make comercial towers think , your tower is one of them ..?
A fake tower in middle of two real towers (MiTM)
And steal routing infos etc
Hej, from Connecticut, USA. Around here, in Waterbury anyway, we have for our city a P-25 trunked system. In the past I was using with my R820T(Xsomething maybe,but it's R820T of some kind) SDR sharp with basically every plugin, the WinUSB driver, also "Virtual Audio Cable" so I could easily feed the two frequencies I'd lock onto into diff virtual mono audio feeds, and DSD plugin in SDR sharp too. At the same time for some reason to get voice I had to use Unitrunker at least as a voice decoder for say Virtual Audio Cable's Line 2 where I'd move around that frequency while keeping the first one locked onto the control channel, or one of them anyway. Long story short, it doesn't work in Win 10 anymore.. Unitrunker won't run. I'll be trying to fix it today, so if you or anyone have advice on this (I understand Windows 10's updates broke it basically) I'd appreciate it.
I haven't played much with trunked radio as it's almost non-existent here whenever I've looked. Emergency services here use an encrypted version of P25 as far as I know. (They just call it something else, but it sounds like encrypted trunked radio over different frequencies. I haven't looked into it that much though as every resource I read about this custom system says that it's almost impossible to sniff without "authorized equipment" on their "closed network".)
Anyway, you're right that Windows 10 and various updates break a lot of programs, not just SDR Sharp. I am for example unable to use BladeRF properly with SDR# now. So I switched to SDR Console instead on Windows, as that also works natively with the transverter upgrade.
In your case, you could either wait for an updated version of SDR#, plugins, drivers, etc. or you could reinstall the same programs inside a Windows 7 virtual machine for example. These virtual machines, albeit not activated, should work for at least 30 days: developer.microsoft.com/en-us/microsoft-edge/tools/vms/
They're meant to test Internet Explorer, but I've heard of malware analysts using them for malware analysis as well.
Alternatively, you could try and move your setup/configuration to Linux instead. I'd recommend Ubuntu as it has a large user base and is generally quite well supported, and very easy to set up.
Interesting, but I was waiting for real voice decoding: hearing GSM people's conversation in clear, or am I stupid?
Hi sir, if you do something, try to make the screen view larger because people who are watching this don't understand it.
All the commands and all the screen play must be larger, sir.
Nice video! I have a question. I'm using a bladeRF x40; when I run livemon no hex codes show up, then when I use grgsm_scanner I don't get any data about frequency, or must I use a cellphone? So how can I get the correct frequency?
I found this problem too. I had it up and running from the start. Several months later, after not using it, I upgraded to an external antenna. Now the problems started. I uninstalled and reinstalled... it didn't fix the problem. I'm glad you have shown me the fix.. thank you. Where do you think the problems were from??
Please, any idea of amazing work I can do in my uni (with RTL-SDR and HackRF One) that's project-worthy?
Are you seeing a sun that we are not?
Hi Mr. Danish, I'm a beginner and would like to know where to start from scratch and what steps I should follow. Thanks a lot.
Maybe watch some of my videos about setting up Kali Linux in VMware and testing Damn Vulnerable Web Application locally inside a virtual machine. Also read some books such as The Web Application Hacker's Handbook. Only test this knowledge locally (that means only your own computer) and understand how the different attacks work. Once you're comfortable, go into the real world and only target bug bounty programs. (There are a lot, see hackerone.com/bug-bounty-programs for example. All those websites and companies allow you to try and hack them legally if you follow their rules.) When you've gained some decent knowledge and experience, maybe try to get a penetration testing job.
Hi there, so if I have a GSM data receiver, RS232 to be exact, how could I possibly decode the data I receive into clear text? Could you help?
Thank you for these videos. But I have a question: I decoded GSM voice A5/0 but I cannot receive all the speech, I can decode only one part, and the size of the audio file speech.au.gsm is about 13Kb. Can you tell me what is the reason? Many thanks in advance!!!!
It's because channel hopping is enabled and gr-gsm does not handle that by default. You need to capture all of the channels where channel hopping occurs, and then you need to reassemble the packets back together. You can try Bogdan's patch to airprobe, but it may not work. However, you could try asking the gr-gsm developer to make a working tool for channel hopping enabled voice, or patch it yourself if you are skilled with GSM or protocols in general.
@@CrazyDanishHacker thank you!
How to sniff SMS and voice if encryption is set to A5/0? Does it require a Kc?
Amazing, 25 bucks defeats millions in security
But this is for the 2G case; in 3G and 4G it is a little bit more complicated
I fell asleep, great video
I recommend watching this video then :P ua-cam.com/video/PExa5sC4sbE/v-deo.html
mosyo.. HOW can I listen to GSM around me easily.. I wanna listen to my neighbours... :)))) Is there any easy way OR device...??? PLEASE HELP me
Hello friend, I have some questions:
- In one comment you write: "To decrypt voice on a real network, you will need multiple RTL-SDRs, HackRF, BladeRF, LimeSDR, USRP, or similar." Is the voice in this video example local? So I can't decrypt a real network with only an RTL-SDR? It can do IMSI catcher, but it is of little use.
- Can 3G/4G voice calls also be decrypted?
- As far as I can see the process is very long and not at all easy.. do you confirm?
- Why this, when with fake towers you can really have ALL? (yeah, completely illegal..)
On a real network you need multiple RTL-SDRs because of the bandwidth voice uses. RTL-SDR can only receive around 2.4MHz of bandwidth, and if the data channel is very far from the channel hopping data containing voice traffic then it is simply not possible to capture both at the same time with only one radio. The same goes for capturing WiFi data. You can't capture all WiFi channels at the same time with most radio or WiFi receivers.
This video is a mix of a real network in the first part, and then a local demonstration because channel hopping decoding was not implemented into the programs I used at the time of this video. I am pretty sure I mentioned this in the video and made it clear I could not decode voice traffic on a real network at the time.
There is a blog post on the Internet by "Bogdan" on how to decode channel hopping. I analyzed this method a few years ago when I made this video and it didn't work on my telco network as they use different technology it seems. Some of the channel hopping patterns on my network, at least at the time of testing, were much more complex.
You can decrypt some traffic on real networks if:
a) You have software that can decode this traffic; and
b) You have a good enough radio, or multiple radios. In some cases, one or two RTL-SDRs is enough but you may need to modify the hardware in the RTL-SDRs to use the same crystal.
RTL-SDR cannot be used as a real IMSI catcher. What you're referring to is a project that passively sniffs IMSI. Real IMSI catchers are active and are basically small cell towers. They are also a lot more expensive.
I am not aware of any software that can decrypt 3G/4G/5G/6G voice calls.
The process shown in this video is long and complex. It is meant to teach people how this technology works, not enable them to listen in on other people.
If you don't understand how the system works, then you can't identify new types of vulnerabilities that may be unknown, or not very well known. Finally, this knowledge is a key part of how voice transmissions are made on these older 2G networks which are still in use in many countries.
@@CrazyDanishHacker Fantastic explanation, thanks man, have a good day !!
hello you managed to decrypt the calls on the real network
I don't get a clue. The screen is too big to fit in my YouTube Android app. Never mind... I need your help. I have lived in a squat in the forest for 8 years now. But I have to deal with multiple enemies. From neighbours stealing my wood, hunters bringing their dogs inside my garden where my hens are walking free, to cops who have forbidden everybody to walk free, and I tried to take them to the judge for that... I'm suffering, my man, but not surrendering. Could you help me to rip the data bearing from those drones flying around my home? Sometimes those are from thieves, sometimes those are from the hunters and today I think it was from the cops. I have an SDR device there around.
Please could you do TEA1 voice decryption?
cool! great video
At the beginning, during the voice call, you are saying "testing testing"; at the end of the video, when you are playing the file in VLC, we can hear "voice call test six". Why is there a difference between those??
From what I can recall, I explained in the video that the file I decrypt and play back is from the researchers as channel hopping is enabled in my area. Channel hopping was not implemented well enough into the programs I used when I made this video. The first part of the video I showed what my packet would look like though, except for the channel hopping part. I haven't watched this video for a few years, but it should still work, maybe even gr-gsm has proper channel hopping support now. I did read Bogdan's research paper but his methods did not work for me, so I looked into the specs and quickly realized making a working tool would probably take weeks.
What Linux distro are you using? Do you have a tutorial video?
Kali Linux mostly, in some videos Ubuntu because compiling some programs in Kali doesn't work that well, even though Kali is based on Ubuntu. ua-cam.com/play/PLRovDyowOn5GI0Wpw1mJtk2TTDyW_hD67.html
20:29: the file creation time is not the same as at 20:44. Correct me if I'm wrong.
Hi, has anyone here seen these dongles you can attach to an Android phone so you can send voice and text messages over the ham radio frequencies without a mobile phone network?
Does anyone know if you could use these SMS encryption apps to send messages via VHF/UHF and then decode them on another Android phone with the same setup?
I haven't seen these dongles, but technically speaking it should be possible. Without a mobile phone network, you could set up a "wireless mesh network" over e.g. 2.4GHz and still use the encrypted communication apps like Signal.
During recent protests in Turkey, and when the Internet was cut, some groups used a mesh network to communicate with each other, in that case it was either WiFi or Bluetooth. The app that they used was most likely Firechat.
To operate on other frequencies though, without trying to "hack" the built-in radios, you would as you say, need a third party device such as a dongle.
Of course there are lol, but don’t get caught sending encrypted anything over vhf/uhf lol
Any solution for A5/3?
If one wants to sniff the traffic he needs the Kc for that SIM... good luck with that.
Can you tell me about A5/0? Can you write the command lines to decode a voice call with A5/0? Many thanks!
A5/0 is no encryption. You don't need any special programs, just follow my tutorials for SMS. There are currently no available programs for proper Voice decoding because of channel hopping, as I've mentioned in my video.
I love u man........
Can a HackRF capture that range?
I think sox is included with Kali, no?
padsp play
The padsp command exists, but "padsp play" will return a not found error.
10:10 The equipment at the cell site is probably thinking "um, this activity looks suspicious, I'm going to shut this activity down"
I read this doesn't work anymore since the key is not sent in the same package
Without checking, I guarantee that this almost certainly works just like it did last year. The only issue is still channel/frequency hopping.
Crazy Danish Hacker. Can you get around that? Also, what would it take to have a range of like 100 m? Or at least 50 m?
I haven't tried writing my own solution from scratch, because it's probably going to take me at least a month or more. It's a lot of work that I can't afford to do at the moment.
I already responded to your questions on Twitter. The default antenna I use typically goes up to like 1km easily. Keep in mind concrete buildings, in particular basements block radio signals quite effectively in many cases.
Hi, have you tried GSM wideband sniffing with gr-gsm...??? Could you please share the video...???
I tried wideband sniffing with gr-gsm a couple of months ago, and realized there is currently no working code on the Internet that makes decryption of voice possible when channel hopping is enabled. (Unless this has been added to gr-gsm while I've been busy with other stuff.)
BladeRF can capture wideband files by itself and its own software, which will need to be converted afterwards to a format gr-gsm understands. The gr-gsm program can be "patched" to allow wideband capturing too, and then you can even use the "wideband splitting" program to split the wideband capture into several files.
However, last time I checked, gr-gsm did still not have channel hopping features implemented, despite that a github user named Bogdan made a modified version of Airprobe, which supports channel hopping. (And this was years ago.)
The problem with Bogdan's code, is that it doesn't seem to work with all types of GSM networks, as I tried for several days to make it work.
Sometime in the future, if I get it to work, I'll probably do a video, but this is something that will take ages, as Bogdan's code probably needs to be patched, and the author of gr-gsm won't add channel hopping or wideband capturing into the python scripts by the looks of it. (Unless he changed his mind.)
Do you run Kali as Live or under a VM? Good stuff.
Only VMs. I have a lot of VMs for different purposes. When I began learning, I ran it off a Live CD back in the BackTrack 2 (precursor to Kali) days. Eventually I installed a full Linux distribution instead as the Live CD environment wasn't ideal for compiling packages. Nowadays, Kali is more like a tuned and complete OS so you can usually compile most stuff in Kali without a lot of issues.
Nice tutorial, but I have a question, how to sniff when encryption is set to a5/0 no encryption
Then you just need to assemble the channel hopping packets as it's generally enabled by default to improve voice quality. You will most likely have to write your own software patch though. You can start by looking at Bogdan's patch.
@@CrazyDanishHacker hello bro make videos on how to crack a5/2 and a5/3 encryption
Do you have an idea about that output, if I type this...?
root@kali:~# grgsm_capture.py -f 944400000 -s 1e6 -g 40 voice1.cfile -T 30
linux; GNU C++ version 6.2.0 20161103; Boost_106200; UHD_003.009.005-0-unknown
Usage: grgsm_capture.py [options]
grgsm_capture.py: error: Please provide a cfile or a burst file (or both) to save the captured data
root@kali:~#
Error: "grgsm_capture.py: error: Please provide a cfile or a burst file (or both) to save the captured data"
It's because you're using grgsm_capture.py slightly wrong.
Your command:
grgsm_capture.py -f 944400000 -s 1e6 -g 40 voice1.cfile -T 30
Correct command:
grgsm_capture.py -f 944400000 -s 1e6 -g 40 -c voice1.cfile -T 30
(Notice the "-c" before voice1.cfile.)
What equipment do you use?
It's in the video description. I'm using an RTL-SDR, in this case an E4000, even though R820T and R820T2 will work on 900MHz as well.
How to use SDR to listen to live voice conversations?
Are you using RTL-SDR?
I think it is HackRF One
Why are you wearing sunglasses in front of your computer?
Branding and privacy mostly.
In some of the newer videos I had a studio light pointing almost directly in my face.
Hahah, that's clear! Thank you for your videos, you're doing it very very well.
Sir, kindly show decoding SMS on RTL-SDR on Kali Linux
I have created an OpenBTS. Can I decrypt the same if my phone is connected to OpenBTS? And one more thing, can I decrypt the Kc of the SIM using iPhone?
Yes you can decrypt any signal to/from your phone if you extract the Kc. If you have an OpenBTS you can just use Wireshark on OpenBTS to see the packets. I don't understand what "Decrypt the Kc of the sim using iphone" means, because the Kc is the (temporary) encryption/decryption key which is stored on the sim card (as far as I know), and it has nothing to do with whether you use iphone or not. But my main point is, you want to "decrypt the decryption key"? It doesn't make any sense technically speaking, and in this case I can't even guess what you mean. If you're asking, "Can I also do this with an iPhone?", my answer is, yes but you may have to extract the Kc (encryption/decryption key) from your SIM card.
Crazy Danish Hacker, yes, that is what I was asking, if I can use my iPhone to decrypt the Kc, and as you said yes, do you know how, or else do you know any software by which I can decrypt the Kc (I have a SIM card reader)?
Thanks for the help though
The "Kc" is a symmetric key used for encryption and decryption. You cannot "decrypt" a "decryption key" (Kc). If you're asking, "Can I extract the Kc directly from an iPhone?", then to be honest, I don't know. I think you need to root the iPhone and have SSH access, and even then I am not sure if it's easy. Only way to find out, is to try yourself :-)
To extract the Kc directly from the SIM card, you need to look at a specific location in "memory" on the SIM card. I recommend googling "extract kc from sim card" as there are several websites answering this question.
Yes, I was asking for extraction of the Kc, sorry for the wrong choice of words. I will try with the iPhone, but do you know any applications based on a SIM card reader that can extract the Kc??
No I don't know any iPhone or SIM card reader applications, that's why I recommend googling "extract kc from sim card" :-)
Do we have any books about this stuff?
The only book I'm aware of that demonstrates attack methods is the "Inside Radio: An Attack and Defense Guide".
Hi, is it possible to send a call to connected devices?
It is possible to call a phone that's connected via USB. Initiating a call over USB to another phone, through the "serial console" (minicom) interface, is also possible in some cases.
I recently saw a video where a magician used to call everyone nearby! So I thought it must be some fake BTS and his assistant is calling every connected person. • ua-cam.com/video/ERwPpjEaqYA/v-deo.html
Magicians work with the power of illusion and deception. I used to do "magic" as well once. Some stuff can be extremely convincing. I don't think he used any technical devices to do this. If they did set up a fake BTS then you could send a call to everyone nearby though, and people would also be able to call each other in the area.
However, people outside this area, would not be able to call people connected to the fake BTS as it technically doesn't exist to the "real" telco networks.
A lot of limitations and not so obvious. Is it possible to track the hopping carrier by simultaneous tuning of RTLSDR? Instead of it, you suppose to capture the whole band, it requires VERY MUCH of computational power and of course SDR with USB3 or gbit lan or even more. I estimate for whole band something like core i7 or i9 would be needed. Also I noticed that you got the key right from the phone. So, mom's hackers, remember, that this technique is impossible without physical access to SIM card or phone of the "victim"
GSM is vulnerable, on paper. He doesn't do it here on a real network. On a real network is so difficult.
The process is very long, the variables, the frequency hopping.
To capture the whole band you must have 2 TB of tables (on hard disk or cloud? a lot of time to download and then get to a voice), a lot of computing power.
And it is not said to arrive at a result.
@@trashislife6463 now, he captures a real data from the nearest cell tower, that's why he blurs LAC of current cell, it discloses his exact position.
@@romanetz55
yeah, but it's not that easy. Where do you put the 2 TB tables?
A simple RTL-SDR is not enough to decrypt in live ... even just for the frequency hopping
@@trashislife6463 2TB of fast local storage, say, SSD with M.2 interface - afaik, this is second fast after RAM - is something around ~$1500 now. Also, two simultaneously tuned SDRs are needed (the speech from and the speech to user are spaced by 45 MHz, BTS-to-MS link is higher). But!
Especially in a city, the phone highly unlikely uses GSM for calls, mostly 3G or even VoLTE.
@@romanetz55 there are still a lot of feature phones with only 2G GSM, and even if an iPhone 11 called them it would be obliged to switch to 2G ... but .. but .. is it really worth it?
even with two sdr at the same time you are not sure of reaching something concrete.
One thing I did not understand, is it possible to decrypt only live, or is it possible to "record" and decrypt at a later time?
What is SDR?
😷 SDR = “ SCUMBAG DEMOCRATS RAPE”
Not very useful video, if you don't already know this stuff.
Not exactly 101 is it?
101 means basic in hacker terminology, when it comes to learning something new that is. This is the most basic video there is when it comes to decrypting voice calls where channel hopping is not enabled.
uh, please help me
How can you remember all that?
You play with it for a couple of weeks, several hours a day, without doing anything else, and then you remember it until you no longer use it :-) And instead of remembering the most complex way to explain it, you find the easiest but still technically correct way to remember and explain it.
It should be mentioned, though, that there are many other terms and technical things within GSM that I still don't know very much about, as I only focused on SMS and Voice decryption and cracking.
Besides, you learn an extreme amount by teaching it to others.. :)
Exactly, plus I'll probably forget this at some point, and then I can just look at my videos again xD
Why do you connect the phone to the PC???.... If we want to know the calls of someone then we should ask him to connect his mobile to our PC for listening to the calls???
Watch the entire video again, maybe the whole series. This specific video is about learning how to decrypt your own voice calls. You connect the phone to your computer, to extract the temporary encryption key (from your SIM card). In another video that I also made, I showed how to crack the encryption key when A5/1 encryption is in use.
In that case (when A5/1 encryption is in use), you don't need to connect your phone to the computer. You only need to be in the (physical) vicinity of the target.
This video series is meant for educational purposes (and for beginners), and as such, you need to be able to understand the basics, before you go right into cracking.
For professionals that already have some or a lot of experience, I generally create content for them through other channels such as well-known conferences like Black Hat.
Does this need HackRF??
To decrypt voice on a real network, you will need multiple RTL-SDRs, HackRF, BladeRF, LimeSDR, USRP, or similar.
You will also need software to decode channel hopping. (I don't have it.)
In order to understand how complex this is, you will probably need to watch this video first.
Thank you so much, but where is the video? Are you talking about this video or another one? ❤️
Hello
You can use 4 programs found on the net running at the same time, synchronized, each one doing its part, generating a rather interesting resulting database of residual data, on a HackRF in GSM
What???? this is 101? Dude really?
And you did not explain in detail
Can you do anything else with the phone modem other than read TMSI and Kc? (Call someone or send SMS?)
PS: Is it possible to connect to a provider without a SIM card?
PPS: Did you try TopGuw?: github.com/bastienjalbert/topguw (V2 is here: github.com/bastienjalbert/topguw2)
PPPS: Which SDR did you buy?
Good questions.
To answer your first question, yes you can call someone or send SMS, but you need direct access to the USB modem.
A friend of mine found out a way to switch to 2G only mode on a Huawei 3G dongle (AT^SYSCFG=13,1,3FFFFFFF,2,4, do not run this command unless you know what you're doing), via the USB modem and then send an SMS to himself (AT+CMGW=$MSISDN (returns int), sms msg, \032, AT+CMSS=int, also via the USB modem. Do not run those commands exactly as I wrote them. They just show the "approximate workflow" on how to send SMS in a simplified and not 100% accurate way.)
Concerning your second question, generally not. Here's why:
Your SIM card has a number on it, this is called the IMSI (International Mobile Subscriber Identity).
In order to connect to a mobile network provider, your IMSI has to be in a "whitelist" of approved IMSI's as far as I know on a 2G network.
For 3G and 4G (I'm not an expert on how authentication works for these), there is something called Mutual Authentication (MA), between the UE (User Equipment, such as your mobile phone), and the BTS (Base Transceiver Station, which is basically the cell tower + computing equipment that routes traffic back to the provider).
Mutual Authentication means that your SIM card has a special authentication key (not in relation to the one you use to encrypt traffic during SMS, voice, GPRS, etc.) which is used to authenticate with the mobile network provider.
The key that you use for Mutual Authentication, is apparently derived from a master key and potentially locked to your IMSI (I may be wrong here, but as far as I know it is derived from a master key only the provider has), so even if you manage to extract this key, it won't work as a "general purpose master key" to the mobile network provider.
To answer your third question about topguw:
Yes I tried that and I'm not sure if it works. It's a topic for a future video about cracking A5/1.
Version 2 does not work. Version 1 "works", but the source code is a bit confusing because it's adding 101 to the frame count by the looks of it (I could be wrong, Java source code is not super easy for me to understand), instead of 102. If it's doing that, then it's intentionally adding a wrong number of frames. On top of that, topguw does not seem to understand that when you XOR the first burst of an unencrypted frame (C1), it needs to be XOR'd with the first burst of an encrypted frame (C1), and then the second with the second, third with the third, and fourth with the fourth burst.
Concerning your fourth question, I bought a BladeRF and two quad band GSM antennas. With that, I can sniff 28MHz at a time, more than enough to cover frequencies from channel 82 (951.4 MHz), to channel 117 (958.4 MHz) = 7MHz total. Another reason why I bought a BladeRF is because it features full duplex (transmit and receive at the same time), and everything is designed to be "in sync", meaning it's a lot cheaper than buying a USRP B200 where you have to buy a GPSDO (TCXO) module that doubles the price if you want it "in sync", which is important in my case.
There are many other SDRs that could probably work, but I wanted something that's not "too expensive" for what I want (full duplex high quality transmission). If I was not going to transmit anything and use full duplex, then I would've definitely bought a HackRF as the frequency range on that is much larger. I also wanted something that has very good driver support, which HackRF, BladeRF and USRP all do.
In case you're looking to buy an SDR, check out the round up on RTL-SDR: www.rtl-sdr.com/roundup-software-defined-radios/
I wouldn't recommend buying anything more expensive than the USRP B200, as that's generally just a waste of your money.
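The channel and bandwidth figures from the replies above (channels 82 to 117, about 2.4 MHz for an RTL-SDR, 28 MHz for the BladeRF), worked through as an added example that is not part of the original comments. The band table follows the GSM 900 / DCS 1800 / GSM 850 channel plan of 3GPP TS 45.005; treating the quoted bandwidth as fully usable is an assumption, and `plan_receivers` is a hypothetical helper name.

```python
"""Added example: GSM channel numbers (ARFCNs) versus receiver bandwidth."""

CHANNEL_KHZ = 200  # GSM carrier spacing
HALF = CHANNEL_KHZ // 2

# name: (first ARFCN, last ARFCN, uplink kHz of first ARFCN, duplex spacing kHz)
# PCS 1900 is left out: its ARFCNs overlap DCS 1800 and need a band indicator.
BANDS = {
    "GSM 900": (0, 124, 890_000, 45_000),
    "E-GSM 900 extension": (975, 1023, 880_200, 45_000),
    "GSM 850": (128, 251, 824_200, 45_000),
    "DCS 1800": (512, 885, 1_710_200, 95_000),
}


def arfcn_to_khz(arfcn):
    """Return (band, uplink_khz, downlink_khz) carrier centres for an ARFCN."""
    for band, (first, last, base, duplex) in BANDS.items():
        if first <= arfcn <= last:
            uplink = base + CHANNEL_KHZ * (arfcn - first)
            return band, uplink, uplink + duplex
    raise ValueError(f"ARFCN {arfcn} is not in a supported band")


def _window(group):
    """Centre frequency and channel list for one tuning window."""
    low = group[0][0] - HALF
    high = group[-1][0] + HALF
    return (low + high) // 2, [arfcn for _, arfcn in group]


def plan_receivers(arfcns, usable_bw_khz):
    """Smallest set of tuning windows that sees every downlink channel at once.

    Greedy left-to-right packing, which is optimal for fixed-width windows.
    Returns a list of (centre_khz, [arfcns]) tuples, one per receiver.
    """
    if usable_bw_khz < CHANNEL_KHZ:
        raise ValueError("receiver is narrower than one GSM channel")
    channels = sorted((arfcn_to_khz(a)[2], a) for a in set(arfcns))
    windows, group = [], []
    for centre, arfcn in channels:
        # Start a new window when this channel's upper edge no longer fits.
        if group and (centre + HALF) - (group[0][0] - HALF) > usable_bw_khz:
            windows.append(_window(group))
            group = []
        group.append((centre, arfcn))
    if group:
        windows.append(_window(group))
    return windows


if __name__ == "__main__":
    hopping_set = range(82, 118)  # channels 82..117, as quoted in the reply
    for name, bw in (("2.4 MHz receiver", 2_400), ("28 MHz receiver", 28_000)):
        plan = plan_receivers(hopping_set, bw)
        print(f"{name}: {len(plan)} tuning window(s)")
        for centre, chans in plan:
            print(f"  centre {centre / 1000:.1f} MHz, ARFCN {chans[0]}-{chans[-1]}")
```

Real receivers lose some bandwidth to filter roll-off at the band edges, so the usable figure passed in should be lower than the advertised sample rate.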
Well, I bought a HackRF and Airspy as BladeRF doesn't cover FM and AM band without its transverter board and it doesn't have 32mW TX power (I think)
PS: Do you think you could create a video about creating a GSM base station with BladeRF and YateBTS, as BladeRF is full duplex and I always wanted to know how you actually connect to it (as I can't connect to HR VIP even if I can receive it well if I am connected to my main carrier (Telekom Slovenija))?
Hmm, yeah by default it looks like BladeRF has a transmit power of +6 dBm, which converted is 7.94mW. (I'm using this calculator: www.rapidtables.com/convert/power/dBm_to_mW.htm)
With the amplifier upgrade on 2.4GHz it has a transmit power of around +32dBm (based on the amplifier upgrade specs unless I misunderstood them), which is 1584mW or 1.58 Watts. As you also mentioned, I'll need the transverter board to see frequencies below 300MHz. But as I'm mainly focused on GSM and maybe WiFi for now, it'll do.
It's definitely on my todo list, i.e. to create a video about setting up your own BTS and confirming it works. Obviously it'll be a low to very low transmit power configuration, and only accept the IMSI's of my own mobile phones to avoid any issues.
I looked into 2G/3G/4G authentication a bit yesterday, and found out that as we all know by now 2G generally has no authentication with the network or user equipment, while 3G user equipment has the ability to authenticate the network (to make it a lot harder for impostors to set up rogue networks, I need to test how this works in practice), and 4G has mutual authentication where the user equipment authenticates the network, and the network authenticates the user equipment. :-)
I gave it a dislike because you need a magnifying glass to make anything out
That's a creepy looking chick
If that's what a chick looks like to you then your mother is not a very good reference point.
Sunglasses, really?
Did you even watch the content in the video? :-)
You can't understand a damn thing
I hate linux. Always causes problems. Even with tasks as simple as reading an audio file. Installing ides, libraries, compilers, finding software to make other software work. All these tasks that would take minutes to complete on a windows computer takes shtload of time with linux. You need to take care of infinite issues if you're using linux and not an expert of linux and it is very frustrating to quit your primary task and deal with your computer to make it work properly. I mean all windows distros except vista works like a charm. Linux is like an obsessive compulsive bipolar schizoid nymphomaniac narcissist heroin addict sociopath colleague. Too many issues to draw you back. Can windows do anything linux does? Or is linux absolutely necessary for those who are into hacking things? I like learning programming and have been learning Operating systems and multithreading recently. All good resources and references involve using linux. Pity.
I guess you haven't tried Windows Millennium Edition (ME) then :P About Linux, if you're going to be a professional hacker, then in most cases you need to be comfortable using the console, and in some cases that is all the access you will have when you pivot. Some programs can be installed on Windows, or in emulated environments, but it is recommended. In my case as I also need full Windows support, I prefer using Windows as the Host Operating System, and then Linux inside virtual machines with VMware. You can also use VirtualBox, but it doesn't have as good USB support.
On Linux, there are a lot of things which are easier, and you generally have a lot more control over what's happening. Most of the Internet is running Linux or Unix because it's also much more stable and generally more efficient when it comes to resource usage. For example, with a virtual lab, I can easily run 4-5 virtual Linux machines and Windows 10 as the Host OS. If I only ran Windows 10 including virtual machines, then I would run out of resources very fast and the overall experience/lag would be worse.
For every day use though, Windows is fine for most people as audio and video playback is often more smooth on Windows by default, and if you play computer games, you'll generally get more out of your computer on Windows, despite you can run Linux applications like Cedega, Wine, etc.
I've tried running both Windows and Linux as my main OS, and in my case I need several programs that are Windows only, and inside virtual machines they typically can't utilize my resources properly, yet.
One of the reasons why people choose Linux, besides it's open source and doesn't have a lot of tracking enabled, is because you have full control over everything. You can modify the kernel if you want to. You can also read and change source code of almost any program you run there too.
In relation to installing programs on Linux, this can typically be done in the background, and instead of downloading a 300-500mb single file, you download the necessary libraries including the compiled code. So after you've used your installation for a while, you generally don't install a lot of new libraries unless you need something specific.
If I want to install NMAP or Wireshark on Windows vs Linux, then Linux will generally finish much faster than Windows because of all the extra steps required. With that said, I do have NMAP and Wireshark installed on both Linux and Windows.
Being a professional hacker is about using the right tools for the job, and for web app hacking, you can typically get away with Firefox or Chrome and Burp Suite Pro (multi-platform), along with some online resources or a few Linux tools. These could be ported to Windows though. But I pretty much always have a Linux virtual machine open just for hacking, and in case I am on a computer where I can't easily install a virtual machine (or dual-boot which I generally never do anymore), then I install WSL (Windows Subsystem for Linux). It doesn't have all the tools you need, but you'll get at least some Linux capability in the Windows command line just by typing "bash".
Once you get used to using Linux just for hacking or hosting your own services, and not for "every day use" like watching videos, playing computer games, etc., then it's generally a very smooth experience.