jimtangshfx / 5g_ciphered_nas_decipher_tool Goto Github PK
View Code? Open in Web Editor NEWA python tool to decipher/decrypt 5G ciphered NAS message and export plain 5G NAS into wireshark pcap file
A python tool to decipher/decrypt 5G ciphered NAS message and export plain 5G NAS into wireshark pcap file
Hi there! First of all, thanks for making this script. It's crucial for debugging purposes.
Long story short, I've install python, all other listed dependencies, compiled CryptoMobile. All looks good, I can see GUI but still can't decode anything. Not sure maybe my pyshark (latest) broken? or simply script needs some modification to work with latest dependencies versions?
Here is what I see in the python terminal output:
2023-08-02 14:48:53,777 - INFO - waiting for pcap filtered by ngap protocol,0 seconds passed.
2023-08-02 14:48:54,778 - INFO - waiting for pcap filtered by ngap protocol,1 seconds passed.
2023-08-02 14:48:54,778 - INFO - filter pcap by ngap protocol finished, now start dectypting!
Exception in thread Thread-1 (main_test):
Traceback (most recent call last):
File "C:\Program Files\Python311\Lib\threading.py", line 1038, in _bootstrap_inner
self.run()
File "C:\Program Files\Python311\Lib\threading.py", line 975, in run
self._target(*self._args, **self._kwargs)
File "C:\User\Downloads\python\5G_NAS_decipher_3gpp_standard.py", line 573, in main_test
self.capture = pyshark.FileCapture(self.filtered_file_name, display_filter='nas-5gs')
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Program Files\Python311\Lib\site-packages\pyshark-0.6-py3.11.egg\pyshark\capture\file_capture.py", line 38, in __init__
super(FileCapture, self).__init__(display_filter=display_filter, only_summaries=only_summaries,
File "C:\Program Files\Python311\Lib\site-packages\pyshark-0.6-py3.11.egg\pyshark\capture\capture.py", line 88, in __init__
self._setup_eventloop()
File "C:\Program Files\Python311\Lib\site-packages\pyshark-0.6-py3.11.egg\pyshark\capture\capture.py", line 170, in _setup_eventloop
current_eventloop = asyncio.get_event_loop_policy().get_event_loop()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Program Files\Python311\Lib\asyncio\events.py", line 677, in get_event_loop
raise RuntimeError('There is no current event loop in thread %r.'
RuntimeError: There is no current event loop in thread 'Thread-1 (main_test)'.
Thanks for making this tool available! I haven't decrypted anything with it yet, but I think it will be very useful. There is one small issue I found while pre-testing it with Python 3.8.10. I had to comment out line 539 as below:
538: parameters = [tshark_path, '-r', '"'+file_name+'"', '-2', '-R', 'ngap', '-w', '"'+self.filtered_file_name+'"']
539: #parameters = ' '.join(parameters)
540: tshark_process = subprocess.Popen(parameters)
Otherwise I received this error:
Exception in thread Thread-1:
Traceback (most recent call last):
File "/usr/lib/python3.8/threading.py", line 932, in _bootstrap_inner
self.run()
File "/usr/lib/python3.8/threading.py", line 870, in run
self._target(*self._args, **self._kwargs)
File "5G_NAS_decipher_3gpp_standard.py", line 556, in main_test
if self.filter_pcap():
File "5G_NAS_decipher_3gpp_standard.py", line 539, in filter_pcap
tshark_process = subprocess.Popen(parameters)
File "/usr/lib/python3.8/subprocess.py", line 858, in __init__
self._execute_child(args, executable, preexec_fn, close_fds,
File "/usr/lib/python3.8/subprocess.py", line 1704, in _execute_child
raise child_exception_type(errno_num, err_msg, err_filename)
FileNotFoundError: [Errno 2] No such file or directory: '/usr/bin/tshark -r "/home/myhome/Traces/merged.pcap" -2 -R ngap -w "/home/myhome/Traces/merged_filtered.pcap"'
But after commenting out the parameters = ' '.join(parameters)
line, it worked fine.
Thanks!
Does this decryption could be used to read SUPI ? (Old IMSI on previous 3g/4g/etc)
Regards, William
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.