From OnnoWiki
Jump to: navigation, search

Welcome to AirProbe

AirProbe is the new home of the former GSM-Sniffer project. The goal is to build an air-interface analysis tool for the GSM (and possible later 3G) mobile phone standard. The prime motivation is to learn the details of the technology, help people who develop other open GSM technology (like OpenBTS, OpenMoko?, BS11/OpenBSC and others) and demonstrate the insecurity of the current standard.

General information about the project can be found in the Wiki. Source code is in the git. Get it using

 $ git clone git://

The project mailing lists can be found here: MailingLists

Take a look at the Roadmap for current Milestones that need your contribution. Feel free to generate tickets for these Milestones and work on them. Structure

AirProbe is divided into three main subprojects: Acquisition, Demodulation and Analysis.

Acquisition The Acquisition module is hardware dependent and contains everything that has to do with receiving and digitizing the air interface. This is the part that needs to be rewritten for different receiver hardware, so it should be kept small and limited to the necessary functions. Most parts should be inherited from GNURadio, to keep workload limited.

DeModulation The Demodulation module contains all necessary code to make bits out of the signal captured by Acquisition. It is in principle hardware independent, but should be open to use DSPs is desired.

Analysis This module contains all the protocol parsing and decoding. Wireshark can be used to handle parts of the visualisation and UI tasks. An important part of the Analysis module is non-realtime A5 DeCryption based on a generic fast CPU. Realtime or near-realtime A5 dercyption is not a goal of the project. For purposes of protocol analysis and demonstration of insecurities, non-realtime decryption is sufficient. Work in Progress

   A5 Tables Hardware 

Info pages

   Some hardware description
   Working With the USRP
   GSM decoding with Nokia 3310/3390 phone
   Presentations and papers on the project topics
   Some basics about SIM cards and how to build and use SIM Card Reader
   Over-the-Air (OTA) attack
   Beginners howto 

On Fri, Mar 2, 2012 at 5:46 PM, Deddi Hariprawira <> wrote: > CMIIW, > > my command is like follow : > -f 1960.8M --samp-rate 52000000 > what is supposed to be value for sampling rate for GSM ?. is it refer to GSM > Clock standard ?. > Do you have an idea what is the correct value of using ?.

The default Airprobe setting based on the old USRP1 driver was 112 decimation with a 64MHz clock. That's a sample rate of 571428.571429.


Lebih Detail


Pranala Menarik



OpenBTS 2.6

OpenBTS 2.8

Multi OpenBTS 2.8

OpenBTS 3.1.x

Ettus E110

Ettus N210



Briker OpenBTS


Power Amplifier

Lain Lain

Catatan Legal dan Pendukung

Catatan Sejarah

Dokumentasi Video

Perjuangan OpenBTS