OSMOCOM, Application Test Audit

Hello All,

I have already installed osmocom-nitb on the ubuntu. Now, i am trying to show the subscriber information (retrieving authentication info and the MSISDN for a known IMSI Depending on the details of the OSMOCOM implementation and more in-depth possible attacks) out of the HLR (core network vulnerability). Could you please provide me information about how to proceed further !?

If you mean ascertaining the Ki, you would have to know what this is for a SIM card in order to provision it in the HLR. You cannot simply have an MS attach and then use the Osmocom stack to find the Ki when you did not previously know this.

Ki also takes places during the MS authentication you are right, but in parallel SRES is calculated on the HLR, which is the result of the Ki and RAND using A 1 to 5 encryption.
I have virtualised the HLR, MSC, STP and BSC and also created a subscriber on the HLR. The aim of my work is to disclose network information on wireshark.

This question is not SDR specific and probably best directed to the Osmocom mailing list.