Detection of 5G Signals Using Software-Controlled Radio Technology
Qualcomm Phones Repurposed as Affordable 5G Sniffers
Researchers have found a way to turn Qualcomm phones into 5G sniffers, offering an affordable and portable option for analyzing 5G protocols, troubleshooting networks, and conducting security research.
The approach relies on software modifications that repurpose the phone's cellular modem, originally designed for communication, to capture and analyze 5G radio signals. Qualcomm chipsets offer internal diagnostic modes and exposed interfaces that allow raw radio data to be captured for sniffing.
To achieve this, users need to access the Qualcomm modem’s debug or diagnostic interface to extract Layer 1/Layer 2 5G data. This is done using custom or open-source tools that can communicate with the modem via Qualcomm's diagnostic protocols (often based on QXDM or QCAT tools originally made for debugging). Linux or Android-based environments on the phone are required to handle these low-level modem communications and process the raw 5G signals.
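The diagnostic channel described above carries framed messages, and a tool reading it has to validate each frame before trusting its contents. The following is an added example, not code from the page or from any project it mentions: it assumes the HDLC-style framing used by open-source DIAG clients (0x7E terminator, 0x7D escape with XOR 0x20, little-endian CRC-16/X-25 trailer), which the page itself does not specify, and all payload bytes are constructed.

```python
# Added example: HDLC-style DIAG framing (assumed parameters, not from the page).
FRAME_END, ESCAPE, ESCAPE_XOR = 0x7E, 0x7D, 0x20

def crc16_x25(data: bytes) -> int:
    """CRC-16/X-25: reflected polynomial 0x8408, init 0xFFFF, final XOR 0xFFFF."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return crc ^ 0xFFFF

def encode_frame(payload: bytes) -> bytes:
    """Append the little-endian CRC, escape control bytes, add the terminator."""
    out = bytearray()
    for byte in payload + crc16_x25(payload).to_bytes(2, "little"):
        out += bytes([ESCAPE, byte ^ ESCAPE_XOR]) if byte in (FRAME_END, ESCAPE) else bytes([byte])
    return bytes(out) + bytes([FRAME_END])

def unescape(raw: bytes):
    """Undo byte stuffing; return None when an escape marker has no successor."""
    body, it = bytearray(), iter(raw)
    for byte in it:
        if byte == ESCAPE:
            nxt = next(it, None)
            if nxt is None:
                return None
            byte = nxt ^ ESCAPE_XOR
        body.append(byte)
    return bytes(body)

def decode_stream(stream: bytes):
    """Return (valid payloads, rejected frame count) for a captured byte stream."""
    *frames, tail = stream.split(bytes([FRAME_END]))
    payloads, rejected = [], 1 if tail else 0   # non-empty tail = truncated frame
    for raw in filter(None, frames):            # skip empty gaps between terminators
        body = unescape(raw)
        if body and len(body) >= 3 and crc16_x25(body[:-2]) == int.from_bytes(body[-2:], "little"):
            payloads.append(body[:-2])
        else:
            rejected += 1
    return payloads, rejected

# Constructed sample: two valid frames, one with a flipped bit, one truncated.
P1, P2 = b"\x00\x7e\x7d\x01", b"\x10ABC"
BAD = encode_frame(P2)
SAMPLE = encode_frame(P1) + encode_frame(P2) + bytes([BAD[0] ^ 1]) + BAD[1:] + b"\x10AB"
```

Calling `decode_stream(SAMPLE)` returns the two intact payloads and counts the corrupted and truncated frames as rejected, so damaged modem output is dropped before any higher-layer parsing.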
The 5G sniffer, developed by the ASSET Research Group, uses two Universal Software Radio Peripheral (USRP) software-defined radios (SDRs) for real-time sniffing. However, most users may not have the supported USRP hardware, and the project's complexity makes it a challenging prospect for home hackers and researchers.
The 5G sniffer has been tested with the n78 and n41 bands, and the data captured can be filtered using Wireshark. The ASSET Research Group has also provided a sample capture file for anyone to analyze.
Exploitation of these vulnerabilities can lead to a downgrade of the connection to 4G and to device fingerprinting. Moreover, the exploitation framework can turn an SDR into a malicious 5G base station.
The 5Ghoul attack method, part of the exploitation framework, can cause device failure that requires removing the SIM card. The project includes an exploitation framework with numerous attack vectors, offering a unique look inside the inner workings of 5G.
Despite the challenges, this innovative hack provides an accessible way for researchers and enthusiasts to delve into the world of 5G, without the need for expensive dedicated hardware.