Open source GSM cracking software called “Kraken” has been released into the wild. You may recognize some of the information from back in December when we announced that they had cracked GSM encryption. Well, now you can participate as well. You’ll need a pretty beefy Linux machine and some patience. They say that an easier GUI and support for GPU processing are coming in the near future.
30 thoughts on “Release The Kraken: Open Source GSM Cracking Tool Released.”
Excellent news, I’ll try to give my contribution to the cause!
It’s brute forcing..still
Not like the old days of mobile telephones, is it? All that was needed to listen in on the IMTS system was a standard radio scanner. Listening in was fun to do at first, but boring after a while. The only ones that had the phone around here were oil producers and oilfield service companies. Few others could justify the monthly service charge and around a $1 per minute use charge.
I can help out, just tell me what I can do to contribute to the cause!
I can’t test anything out on a phone or something because I have Verizon… but if you need me to run some code I can certainly do that!
xorpunk, not brute force, rainbow tables.
That being said, the talk that Chris Paget is going to be giving on GSM decryption through a MitM vector looks to be quite interesting.
2TB of disk space? I assume that’s for the rainbow table storage?
at the risk of sounding stupid, what can you do with this?
http://lists.lists.reflextor.com/pipermail/a51/2010-June/000657.html
2tb isn’t exactly Bittorrent friendly, so if you want the tables, you have to physically copy them. Anyone headed to Norway?
@redbeard: very little difference..one is a database based on key-space and the other is sequentially generated data both go through the same protocol.
@xorpunk – there’s actually quite a bit of difference. While yes, both involve brute-force of the key space, rainbow tables do that brute-force /once/, and from then on you (approximately, details vary) look up a fragment of the ciphertext in the table, and it gives you a short list of possible keys, rather than simply having you run through the full list. In the extreme case, you’d look up the ciphertext and get exactly the plaintext out, but the rainbow table technique lets you do a time/space tradeoff to tune the search to available hardware. Looks like this guy has it to where a reasonably strong, four-core machine can crack it in a minute and a half – that’s no exhaustive search of the keyspace, and it’s just a strong computer and couple hundred dollars of disk. Time to bump the search space, looks like, or fix the flaws making rainbow attacks applicable.
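Added example (not part of the original post or comments, and not Kraken's code): a toy rainbow table showing the precompute-once, look-up-later tradeoff described in the comment above. The 16-bit key space, the truncated SHA-256 stand-in for the cipher, and all function names are assumptions chosen so it runs in seconds.

```python
import hashlib
from collections import defaultdict

KEY_BITS = 16            # toy key space (assumption), small enough to run in seconds
CHAIN_LEN = 64           # longer chains: less storage, more work per lookup
N_CHAINS = 2000          # rows actually kept on disk

def oneway(key: int) -> int:
    """Stand-in one-way function (truncated SHA-256), NOT A5/1."""
    digest = hashlib.sha256(key.to_bytes(2, "big")).digest()
    return int.from_bytes(digest[:8], "big")

def reduce_(out: int, col: int) -> int:
    """Map an output back into the key space; differs per column."""
    return (out + col) % (1 << KEY_BITS)

def walk(key: int, first_col: int, last_col: int) -> int:
    """Advance a chain from column first_col to column last_col."""
    for col in range(first_col, last_col):
        key = reduce_(oneway(key), col)
    return key

def build_table() -> dict:
    """The one-time precomputation: keep only (endpoint -> start keys)."""
    table = defaultdict(list)
    for start in range(N_CHAINS):
        table[walk(start, 0, CHAIN_LEN)].append(start)
    return table

def lookup(table: dict, target: int):
    """Return a key whose oneway() output is target, or None if uncovered."""
    for col in range(CHAIN_LEN - 1, -1, -1):      # guess the target's column
        end = walk(reduce_(target, col), col + 1, CHAIN_LEN)
        for start in table.get(end, []):          # short list of candidates
            candidate = walk(start, 0, col)
            if oneway(candidate) == target:       # reject false alarms
                return candidate
    return None

if __name__ == "__main__":
    table = build_table()
    secret = walk(7, 0, 20)                       # a key known to be in chain 7
    found = lookup(table, oneway(secret))
    print(f"stored rows: {sum(map(len, table.values()))}, recovered: {found == secret}")
```

The table keeps 2,000 rows yet covers far more keys than that. Enlarging the key space without enlarging the table lowers the hit rate, which is the "bump the search space" fix the comment mentions.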
Gotta agree with the brute force comment. But it’s still very exciting news! I can see this popping up at the next hackers conf.
About 7-8 years ago, I got my first mobile phone. An Ericsson T-somethingorother with Optus Prepaid. One night while at my friend’s house, we called the Optus “Check your balance” number repeatedly (about 10 times a minute). Eventually the system jammed and crashed. When we called again, we could hear one side of a person’s conversation. We were able to do this about half a dozen times until they fixed it.
GSM cracking? Who needs it? I did the ol’ “buffer overflow” attack and listened to a woman talking about having tomato soup with crackers.
Believe it or not, a lot of people beyond gov/mil already have access to such a device for cracking GSM; beyond that, access to telcos’ internal networks, so cracking isn’t even required.
This is just another good example that many technologies which are not available in the open are available to people with money. Big deal, a kid made a hack that has existed for decades for others…
You should build a new stealth fighter prototype, then you just realize Lockheed built one 10 times better back in the 80’s, so much about this…
And yes, it gets boring listening to others’ phone conversations for sure, not to mention you won’t hear anything interesting or make money out of this. Phreaking is D E A D.
I won’t go into details, but I speak from experience, when you streamline communications monitoring you’ll be bored to death. Unless you’re a ‘carder’.
Yes I’m being a downer, I’m sure soda pop perky degenerates from suburbia will sensationalize all this without even understanding it.
And I thought CDMA was a bad idea.
com on now why don’t you guys do a set on the best opensorced mobile phones out there? WEBOS phones such as palm pre and palm pixi? These are multi tasking deamons! Work loke androind I phone and linux server wrapped up in one neet, eficiant package. Hell theywill have web os slates coming up in a few months! Again this phone runs on LINUX! Can be hacked imto almost OutOfTheBox! And all iphone apps (most android and BB apps as wel) can be ported over to it in matter of hours! Hell gameboy andvanced and PsP games can be pirted. It even turns this page into an ap >.<
“2tb isn’t exactly Bittorrent friendly”
This raises an interesting possibility of using a distributed hash table…of hashes. Individuals store a gig or so of data, which is accessed dynamically by the network. This system could work very well for rainbow tables. The actual data payload is very tiny since users only need 128 bits per hash.
2TB spread over thousands of computers is next to nothing, and makes tracking and prosecuting users very difficult.
@ vash_sin; you clearly dont understand the point of this software; or for that matter the use of proper grammer and how to spell (or atleast use spell check). And what the hell would Gameboy’s and PSP’s have to do with cellular technology?
@ Heimer, the reason the Government has access to this technology is because all service providers have to give them access to there networks; they don’t need to crack GSM protocols, and besides the point isn’t so the government can use it its for colleges, research groups,hackers, and tinkerers and you know what if someone designed a stealth plane that actually works I would be damn glad if they posted the designs; then again it’s very likely they would get taken down quickly.
“or for that matter the use of proper grammer and how to spell (or atleast use spell check).”
Another guy pointed out your misuse of “their” but I’d like to point out how you suggested a spell check while misspelling grammar. it’s pretty funny. loser.
@Mr_Bishop: When hurling insults about grammar be sure to do it right yourself:
“…access to there networks…”
IT’S “THEIR”
This stupid mistake makes me cringe every time I have to witness it…
Dammit you native speakers get “there, their, they’re” right! It isn’t too hard, you know!
ok. WTF are all these comments about “downloading 2GB” and “distribute data over many internet machines”??
First: The railbow tables are generated by the kraken itself.
Second: You use raw HDs for key storage because of low latency and fast access. So WTF do you want with a distributed internet table?!
@marvin:can you post links to some papers on “railbow” tables?
Maybe I’m more interested in seeing what the speed up is after porting to OpenCL???
@Marvin: Thank you I always get the there,their,and they’re(s) a bit mixed up; the last is fairly obvious but alas public education failed me; But I wasn’t hurling insults any more then you were (at least I didn’t take it as a insult). I only wish I had the hardware to try this out; I would love to hack into my moms cell (But I think it may be CDMA, its a crappy Kroger prepaid) or one of my brothers, sisters, ect just to play pranks on them; I know its childish but dammit nerdy childish pranks are the only ones worth doing.
“; But I wasn’t hurling insults any more then you were (at least I didn’t take it as a insult)”
than*
haha
wow how dare you act a grammar nazi? jeez you’re douche.
@xorpunk: Touché! :)
Well, when you search google for “railbow tables” the wikipedia article for “rainbow tables” shows up at the top :D
And this was a typo, not faulty grammar
@Mr_Bishop: I think it was funny :) Just kidding :)
What this “crack” does is let people listen in on your cell phone conversations. Nothing else.
You might as well go to a telephone company routing box outside an apartment building, break the locks, and attach a “butt set” at random. (It’ll help if you drive a panel van with a logo, and wear a jumpsuit.)
The government/police can already listen in (at a telephone company building, not over the air).
I fail to see any way that this is “excellent.” It’s just plain thuggish spying.
Hi people, what about airprobe:
https://svn.berlin.ccc.de/projects/airprobe/
It has been in the net for a while.
I hope Nokia N900 will be supported at least to use it for snooping the data. Even that old crap nokia 3360 worked. I went through a great trouble to get my hands on one of those plus data cable for it then I lost it lol.
Ok, so this is a n00b question, but I thought this would be a program one can download and use to generate a rainbow table, no? I understand the fella in Norway generated the tables himself and the link provides a how-to, but how can one do this without the program?
This is remarkably similar to the WPA/WPA2 rainbow tables.
I wonder if it would be worth making some 3TB drives (easy to get, cheap too at £47 apiece for budget externals) and preloading them with all the goodies for folks to use.
Obviously with a disclaimer involving the phrase “I solemnly swear that I am up to no good” to unlock the drive :-)