How to build a rogue GSM BTS

With a Raspberry Pi and some other stuff


A great article by Simone Margaritelli about the building of portable GSM BTS: a DIY version of commercial solutions like Stingray or Wintego CatchApp.

In this blog post I’m going to explain how to create a portable GSM BTS which can be used either to create a private ( and vendor free! ) GSM network or for GSM active tapping/interception/hijacking … yes, with some (relatively) cheap electronic equipment you can basically build something very similar to what the governments are using from years to perform GSM interception.

Worthy of interest the primary purpose of the post:

I’m not writing this post to help script kiddies breaking the law, my point is that GSM is broken by design and it’s about time vendors do something about it considering how much we’re paying for their services.

Is interesting (and at the same time worrying!) that this kind of device can be implemented with a low expense and with easily available material and softwares:

In order to build your BTS you’ll need the following hardware:

– A bladeRF x40

– Two Quad-band Cellular Duck Antennas SMA.

– A Raspberry Pi 3 ( model 2 and below are too slow ).

– An USB battery pack ( I’m using a 26800mAh Anker Astro E7 ).

– A microsd for the RPI >= 8GB.

and the following software:


For technical details and project implementation, please refer to the original post:

https://evilsocket.net/2016/03/31/how-to-build-your-own-rogue-gsm-bts-for-fun-and-profit/


References

Comments