Darshak
version: 2.0

Last update of the program in the header:28.05.2015



For the operation of the program requires root user rights.

Short description:
Program pomogat detect "silent" sms signs wiretapping phone, no encryption communication.

Description:
Darshak application designed for two main purposes -
* Detection of suspicious activity in the background, in the likeness of Silent SMS
* Evaluation of the safety system of your mobile operator

Key features in GSM and 3G networks -
* Detection and notification when you get a silent SMS
* Activity in the background during any SMS or call
* Shows which authentication was used by the operator and the number RAND
* Display encryption method your operator at some point (ciphering algorithms) GSM (A5 / 1, A5 / 2, A5 / 3) and 3G (UEA0 or UEA1). Lack of encryption can be a sign of wiretapping of your phone.

The program is written and has been tried on the Samsung Galaxy S3 (GT I9300).
Sources in the public domain, which makes it possible to introduce support dvuhsimochnik.
The program is unique in the fact that no modern phone or program does not display the encryption communication method.


Android required: 4.1 and above
Russian interface: Not

Developer: Aalto University
Homepage: https://github.com/darshakframework/darshak
Google Play: https://play.google.com/store/apps/details?id=com.darshak



Download: version: 2.0
com.darshak.apk(387.18 KB)




Post has been editedGridzilla - 31.05.15, 14:55

And you can tell more in detail what the difference between this program from:
GSM Spy Finder
Android IMSI-Catcher Detector
?
It can detect all types of SMS: Silent, Stealth, Ping?

But even the developers do not plan?

okouser
The main difference as for me - shows the presence of encryption on the network. This shows no other program. And this program is not so qualitatively detects the presence of eavesdropping and interception.
I proposed to introduce in GSM Spy Finder information about how to encrypt the network, Odaka I think that even in the long term it is not implemented.

Android IMSI-Catcher Detector
Implementation duhsimochnikov not plan.

Why is that, especially if the source code of the program are open, where it is implemented?

Posted on 29/05/2015, 10:25


How are qualitatively different algorithms in GSM Spy Finder and Android IMSI-Catcher Detector?

Post has been editedokouser - 29.05.15, 10:26

okouser
I think you better ask the author GSM Spy Finder program in the next topic. Although I have on this subject have an opinion, I will not articulate.
Implemented encryption display just as Darshak, for what I did and posted ....

I think that on 1%, they do not differ in GSM Spy Finder and Android IMSI-Catcher Detector. Even Android IMSI-Catcher Detector better. But I do not understand why you are asking about the topic Darshak program, and not in a relevant subject.

It seems that while the program works only on

I do not agree. SnoopSnitch of children from SRLabs shows including the encryption method. Last, as for me, actually the only serious program in the area (given that Darshak I try and could not, did not start). AIMSICD has caught not a single one of silent sms but Type: 0.
But another said there a program I do not want to discuss

You just forget about a few "buts".
SnoopSnitch gruit entire Old on their server and processes it there and only works on Qualcomm.

okouser,
And again, I do not agree. With the chipset you are right, in fact, need a debug module in the kernel, which is usually not in the custom bikes.
But by default, all information is processed on locally, internet connection monitor mode does not need to. Just have the opportunity to send to the server network test results or log activity for analysis

If so, we would like to wait for Version MTK.

Unfortunately, in the short term it is not realistic because of the absence of the alleged interface to the diag-module or the module in the firmware for MTK

dis100,

I agree with you that the most important thing - is to check on the network encryption and capture the hidden WAP-Push.

Of course - those who have these functions are implemented, and those work programs.

For example Nokia phones (old) showed the decrypted channel that signaled the audition. (The witness of how it works and what results !!!)

However, there is one but ... I read once at a forum on the topic xda.dev similar program - and so they said that there should be predumotrena corresponding function at the hardware level, because android software may not have access to data the processing of which has actually passed in GSM-modem. Those. even if such a program is implemented, it can only work with certain chips, where the developer initially provided an opportunity to gather information about encryption.

okouser,
If so to argue that virtually all programs can be simply "phony." Well type as earlier released some "Internet boosters" and other debris.

Then the only phones that have shown that listening on - remain until Nokia with its "open snaps."

Yah?!
In fact, that's why there is the empirical method.
The fact that it represents virtually any application store, did not say, probably just lazy. Dummy, Trojans, and the like etc.
Therefore did so: experimental verification is often the best way.


You specifically talking about?

Post has been editedokouser - 13.10.15, 16:39

okouser,
On the S40 Nokia "open padlock" indicates the absence of network encryption. Up to the model of the Nokia 515.
Witnessed how, after the appearance of the icons on my phone a couple of minutes "maskishou" taking "merchant". In all likelihood - listened to his phone.

Here is such as in the photo. } -)

PS Unfortunately it is an empirical method, and do not own))) bad memory: rofl:



Post has been editedFilosof_00 - 13.10.15, 17:18

By the way from me so programmers "business project" - create a "phone accelerator" for Android. Business idea - completely free of charge)): rofl: And sell. And that code is not fixed - speeds through distributed computing on their servers. } -): thank_you:: rofl: And that is something the phone from slows me down;)

PS Smart people understand the hope of some programmers, I am talking about - let's not call them names and nicknames aloud. : Yes2:

Post has been editedFilosof_00 - 13.10.15, 20:32

Heh. It's not just models.
The fact is that for some time now, the topic of the standardGSM 02.07 , with reference to GSM 11.11 explicitly regulates manufacturers of terminals to ask the SIM card "is it possible to show the user that the encryption is dropped in A5 / 0 . And manufacturers of SIM cards, set the default bit in the "no show".

According to some reports (quite arbitrary), 2012y year on such cards in Europe was 85%, in Russia - 60%
Too lazy to look, but one of senyor-programmers to Google Android, Android Development Group responded to numerous requests to enter the analogue of this padlock around in the way that it just came to nothing lead, and ask the need not only to producers of firmware, but also operators.

Consequently, there is what? Analyze remains on the radio interface protocol / SIM interface, ignoring the preset. And this is a very trivial task.
Fully it can be done (for now) only Osmocom-phones. With some difficulty - in the chipsets / firmware with a diagnostic driver.
What can and what conditions Darshak - I could not understand because I do not have the necessary machines and closed code. Above I mentioned alternative projects with them the situation is more or less moving.



Out of it, they are not the worst, they can be simple and RAW-PDU filter to catch. But PID: 0x7f / DCS: 0xf6, that "Binary message" / "Data Download" - it is unpleasant (more google Fake SIM OTA Update, if interested)

dis100,
I'm just working encryption. I would immediately introduce a definition of the availability of encryption, only thing was not so obvious. The fact that wiretapping is conducted basically is now encrypted, and turn it off as soon as it makes no sense for listening. And all because the "villains :)" were simply lower the level and slip "necessary keys" encrypted, thanks to modern means of wiretapping.
However, I was able to understand the principle of how to distinguish "their keys" from the encryption operator.
And it's all thanks to your criticism, I realized and came to this.
In the new version, I hope to reduce the degree of your doubts.
C \ y GSM Spy Finder Author.

okouser,
If you remember the Session Initiation scheme in GSM, you certainly understand what is written above the nonsense about "to distinguish the keys" (in which the air is naturally not passed) as always demonstrates the competence of the author.
Well, either he likes to keep people for idiots.
But I have to ask - do not succumb to provocations and discuss its crafts and more in this topic.