Kali2.0+64位
更新系统
apt-get update && apt-get dist-upgrade -y
安装必要的软件包依赖
apt-get install build-essential libgmp3-dev libmpfr-dev libx11-6 libx11-dev texinfo flex bison libncurses5 libncurses5-dbg libncurses5-dev libncursesw5 libncursesw5-dbg libncursesw5-dev zlibc zlib1g-dev libmpfr4 libmpc-dev
安装GNU的依赖,因为osmocomBB是依赖于GNU的
aptitude install libtool shtool automake autoconf git-core pkg-config make gcc
新建工作目录,例如osmocombb,然后下载官方提供的一个构建arm编译器预编译环境的shell脚本
mkdir osmocombb
cd osmocombb
wget http://bb.osmocom.org/trac/raw-attachment/wiki/GnuArmToolchain/gnu-arm-build.3.sh
然后在osmocombb目录下新建一个src文件夹,切换进去,下载必要的文件包
mkdir src
cd src
wget http://ftp.gnu.org/gnu/gcc/gcc-4.8.2/gcc-4.8.2.tar.bz2
wget http://ftp.gnu.org/gnu/binutils/binutils-2.21.1a.tar.bz2
wget ftp://sources.redhat.com/pub/newlib/newlib-1.19.0.tar.gz
下载完成之后切换到osmocombb目录,给之前的shell脚本赋予运行权限
cd ..
chmod +x gnu-arm-build.3.sh
之后运行脚本
./gnu-arm-build.3.sh
编译完成后
Build complete! Add /root/osmocombb/install/bin to your PATH to make arm-none-eabi-gcc and friends
accessible directly.
把这个路径添加到环境变量中,这里的路径是根据你当前所生成的目录来的,请自行修改。执行下面的命令来添加环境变量
export PATH=$PATH:/root/osmocombb/install/bin
开始编译osmocomBB固件了。首先需要git下来osmocomBB的源文件。切换到osmocombb目录下面执行下面的命令来克隆osmocombb的源码
git clone git://git.osmocom.org/osmocom-bb.git
切换到osmocom-bb目录执行下面的命令来保持获取到的是最新的代码
cd osmocom-bb
git pull --rebase
需要一个osmocom的库libosmocore,这个库里面包含osmocom很多项目所需要的文件,而不仅仅是BB这个项目,比如还有SIMTRACE以及OpenBSC等
git来克隆libosmocore
git clone git://git.osmocom.org/libosmocore.git
编译libosmocore需要一些软件包的依赖,这里先安装一下依赖,以保证编译能够顺利的进行。执行下面的命令安装
apt-get install build-essential libtool shtool autoconf automake git-core pkg-config make gcc libpcsclite-dev
依赖问题解决后就可以开始编译libosmocore了,切换到libosmocore目录下面执行下面的命令
cd libosmocore
autoreconf -i
./configure
make
make install
cd ..
ldconfig
ldconfig命令一定不要忘记执行,否则osmocomBB编译后运行时会出现找不到libosmocore.so.4的错误
切换到osmocombb/osmocom-bb/src目录下面,执行下面命令
cd osmocombb/osmocom-bb/src
make
lsusb命令查看USB设备
开始刷机
cd /dev //查看USB编号
cd osmocombb/osmocom-bb/src/host/osmocon
./osmocon -p /dev/ttyUSB0 -m c123xor ../../target/firmware/board/compal_e88/layer1.compalram.bin
接下来GC,sniffer
三个窗口:
窗口一~扫描可用基站:
cd ~/osmocom-bb/src/host/layer23/src/misc/
./cell_log -O
cd ~/osmocom-bb/src/host/layer23/src/misc/
./ccch_scan -i 127.0.0.1 -a 基站编号
窗口3:[抓包分析]
wireshark -k -i lo -f ‘port 4729‘
1.在运行脚本的时候会出现编译错误,这个卡了我两天时间
In file included from /root/armtoolchain/src/gcc-4.8.2/gcc/cp/except.c:1005:0:
cfns.gperf: In function ‘const char* libc_name_p(const char*, unsigned int)’:
cfns.gperf:101:1: error: ‘const char* libc_name_p(const char*, unsigned int)’ redeclared inline with ‘gnu_inline’ attribute
cfns.gperf:26:14: note: ‘const char* libc_name_p(const char*, unsigned int)’ previously declared here
cfns.gperf: At global scope:
cfns.gperf:26:14: warning: inline function ‘const char* libc_name_p(const char*, unsigned int)’ used but never defined
Makefile:1058: recipe for target ‘cp/except.o‘ failed
make[1]: *** [cp/except.o] Error 1
make[1]: Leaving directory ‘/root/armtoolchain/build/gcc-4.8.2/gcc‘
Makefile:3903: recipe for target ‘all-gcc‘ failed
make: *** [all-gcc] Error 2
出现这种情况应该是因为Kali本身安装了gcc-7.2.0,与sh中自行定义下载的gcc-4.8冲突,可以编辑sh文件将gcc改成我们的Kali自身的版本
GCC_SRC=gcc-7.2.0.tar.gz
GCC_VERSION=7.2.0
2.编译libosmocore时会出现错误 "No package ‘talloc‘ found"
去https://www.samba.org/ftp/talloc/ 下载最新版的安装就行了
wget https://www.samba.org/ftp/talloc/talloc-2.1.10.tar.gz
tar -zxvf talloc-2.1.10.tar.gz
cd talloc-2.1.10
./configure
make
make install
3.编译osmocom-bb时报错
/root/armtoolchain/osmocom-bb/src/target/firmware/include/endian.h:5:10: fatal error: sys/_types.h: 没有那个文件或目录
#include <sys/_types.h>
^~~~~~~~~~~~~~
compilation terminated.
Makefile:488: recipe for target ‘timer.lo‘ failed
make[4]: *** [timer.lo] Error 1
make[4]: Leaving directory ‘/root/armtoolchain/osmocom-bb/src/shared/libosmocore/build-target/src‘
Makefile:366: recipe for target ‘all‘ failed
make[3]: *** [all] Error 2
make[3]: Leaving directory ‘/root/armtoolchain/osmocom-bb/src/shared/libosmocore/build-target/src‘
Makefile:507: recipe for target ‘all-recursive‘ failed
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory ‘/root/armtoolchain/osmocom-bb/src/shared/libosmocore/build-target‘
Makefile:379: recipe for target ‘all‘ failed
make[1]: *** [all] Error 2
make[1]: Leaving directory ‘/root/armtoolchain/osmocom-bb/src/shared/libosmocore/build-target‘
Makefile:34: recipe for target ‘shared/libosmocore/build-target/src/.libs/libosmocore.a‘ failed
make: *** [shared/libosmocore/build-target/src/.libs/libosmocore.a] Error 2
4.刷机时报fmtools error(具体报的忘了)
c123xor改为c123
报错原因应该是虚拟机供电原因
5.基站扫描时出现
<000e> cell_log.c:443 Measure from 0 to 124
<000e> cell_log.c:443 Measure from 512 to 885
<000e> cell_log.c:443 Measure from 955 to 1023
<000e> cell_log.c:434 Measurement done就不动
vi osmocom-bb/src/target/firmware/board/compal/highram.lds
vi osmocom-bb/src/target/firmware/board/compal/ram.lds
vi osmocom-bb/src/target/firmware/board/compal_e88/flash.lds
vi osmocom-bb/src/target/firmware/board/compal_e88/loader.lds
vi osmocom-bb/src/target/firmware/board/mediatek/ram.lds
找到里面的这一串代码
KEEP(*(SORT(.ctors)))
在下面加入
KEEP(*(SORT(.init_array)))
保存即可,全部修改好,在进入osmocom-bb/src重新编译一下
$ make -e CROSS_TOOL_PREFIX=arm-none-eabi-
原文:http://www.cnblogs.com/vincebye/p/7538800.html