Release The Kraken: Open Source GSM Cracking Tool Released.

Open source GSM cracking software called “Kraken” has been released into the wild. You may recognize some of the information from back in December when we announced that they had cracked GSM encryption. Well, now you can participate as well. You’ll need a pretty beefy Linux machine and some patience. They say that an easier GUI and support for GPU processing is coming in the near future.

[Thanks Eliot Via Slashdot and PCWorld]

30 thoughts on “Release The Kraken: Open Source GSM Cracking Tool Released.

  1. Not like the old days of mobile telephones is it? All that was needed to listen on the IMTS system was the standard radio scanner. Listening in was fun to do at first, but boring after a while. The only ones that had the phone around here where oil producers ans oilfield service companies. Few others just justify the monthly service charge and aroused a $1 per minute use charge.

  2. I can help out, just tell me what I can do to contribute to the cause!

    I can’t test anything out on a phone or something because I have Verizon… but if you need me to run some code I can certainly do that!

  3. @xorpunk – there’s actually quite a bit of difference. While yes, both involve brute-force of the key space, rainbow tables do that brute-force /once/, and from then on you (approximately, details vary) look up a fragment of the ciphertext in the table, and it gives you a short list of possible keys, rather than simply having you run through the full list. In the extreme case, you’d look up the ciphertext and get exactly the plaintext out, but the rainbow table technique lets you do a time/space tradeoff to tune the search to available hardware. Looks like this guy has it to where a reasonably strong, four-core machine can crack it in a minute and a half – that’s no exhaustive search of the keyspace, and it’s just a strong computer and couple hundred dollars of disk. Time to bump the search space, looks like, or fix the flaws making rainbow attacks applicable.

  4. About 7-8 years ago, I got my first mobile phone. An Ericsson T-somethingorother with Optus Prepaid. One night while at my friend’s house, we called the Optus “Check your balance” number repeatedly (about 10 times a minute). Eventually the system jammed and crashed. When we called again, we could hear one side of a person’s conversation. We were able to do this about half a dozen times until they fixed it.

    GSM cracking? Who needs it? I did the ol’ “buffer overflow” attack and listened to a woman talking about having tomato soup with crackers.

  5. Believe it or not lot of people beyond gov/mil have already axs to such a device for cracking gsm beyond that axs to telcos internal network so cracking doesnt even required.

    This is just another good example for that many technologies which does not available for the open, is available for the people with money. Big deal a kid made a hack what exist since decades for others…
    You should build a new stealth fighter prototype then u just realize lockhead built 10times better back in the 80’s so much about this…

    And yes it gets boring listening others phone conversations for sure not to mention you wont hear anything interesting or make money out of this. Phreaking is D E A D.

  6. I won’t go into details, but I speak from experience, when you streamline communications monitoring you’ll be bored to death. Unless you’re a ‘carder’.

    Yes I’m being a downer, I’m sure soda pop perky degenerates from suburbia will sensationalize all this without even understanding it.

  7. com on now why don’t you guys do a set on the best opensorced mobile phones out there? WEBOS phones such as palm pre and palm pixi? These are multi tasking deamons! Work loke androind I phone and linux server wrapped up in one neet, eficiant package. Hell theywill have web os slates coming up in a few months! Again this phone runs on LINUX! Can be hacked imto almost OutOfTheBox! And all iphone apps (most android and BB apps as wel) can be ported over to it in matter of hours! Hell gameboy andvanced and PsP games can be pirted. It even turns this page into an ap >.<

  8. “2tb isn’t exactly Bittorrent friendly”

    This raises an interesting possibility of using a distributed hash table…of hashes. Individuals store a gig or so of data, which is accessed dynamically by the network. This system could work very well for rainbow tables. The actual data payload is very tiny since users only need 128 bits per hash.

    2TB spread over thousands of computers is next to nothing, and makes tracking and prosecuting users very difficult.

  9. @ vash_sin; you clearly dont understand the point of this software; or for that matter the use of proper grammer and how to spell (or atleast use spell check). And what the hell would Gameboy’s and PSP’s have to do with cellular technology?

    @ Heimer, the reason the Government has access to this technology is because all service providers have to give them access to there networks; they don’t need to crack GSM protocols, and besides the point isn’t so the government can use it its for colleges, research groups,hackers, and tinkerers and you know what if someone designed a stealth plane that actually works I would be damn glad if they posted the designs; then again it’s very likely they would get taken down quickly.

    1. “or for that matter the use of proper grammer and how to spell (or atleast use spell check).”

      Another guy pointed out your misuse of “their” but I’d like to point out how you suggested a spell check while misspelling grammar. it’s pretty funny. loser.

  10. @Mr_Bishop: When hurling insults about grammar be sure to do it right yourself:

    “…access to there networks…”

    IT’S “THEIR”

    This stupid mistake makes me cringe everytime I have to witness it…

    Dammit you native speakers get “there, their, they’re” right! It isn’t too hard, you know!

    ok. WTF are all these comments about “downloading 2GB” and “distribute data over many internet machines”??

    First: The railbow tables are generated by the kraken itself.

    Second: You use raw HDs for key storage because of low latency and fast access. So WTF do you want with a distributed internet table?!

  11. @Marvin: Thank you I always get the there,their,and they’re(s) a bit mixed up; the last is fairly obvious but alas public education failed me; But I wasn’t hurling insults any more then you were (at least I didn’t take it as a insult). I only wish I had the hardware to try this out; I would love to hack into my moms cell (But I think it may be CDMA, its a crappy Kroger prepaid) or one of my brothers, sisters, ect just to play pranks on them; I know its childish but dammit nerdy childish pranks are the only ones worth doing.

  12. @xorpunk: Touché! :)

    Well, when you search google for “railbow tables” the wikipedia article for “rainbow tables” shows up at the top :D

    And this was a typo, not faulty grammar

    @Mr_Bishop: I think it was funny :) Just kidding :)

  13. What this “crack” does is let people listen in on your cell phone conversations. Nothing else.

    You might as well go to a telephone company routing box outside an apartment building, break the locks, and attach a “butt set” at random. (It’ll help if you drive a panel van with a logo, and wear a jumpsuit.)

    The government/police can already listen in (at a telephone company building, not over the air).

    I fail to see any way that this is “excellent.” It’s just plain thuggish spying.

  14. I hope Nokia N900 will be supported at least to use it for snooping the data. Even that old crap nokia 3360 worked. I went through a great trouble to get my hands on one of those plus data cable for it then I lost it lol.

  15. Ok, so this is a n00b question, but I thought this would be a program one can download and use to generate a rainbow table, no? I understand the fella in norway generated the tables himself and the link provides how to, but how can one do this with out the program?

  16. This is remarkably similar to the WPA/WPA2 rainbow tables.
    I wonder if it would be worth making some 3TB drives (easy to get, cheap too at £47 apiece for budget externals) and preloading them with all the goodies for folks to use.
    Obviously with a disclaimer involving the phrase “I solemnly swear that I am up to no good” to unlock the drive :-)

Leave a Reply to DrikCancel reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.