IQTLabs / Daedalus

Exploring various defensive response options for effectively securing a 5G core-network
Apache License 2.0
39 stars 12 forks source link

How to get started #281

Closed iamapentester closed 2 years ago

iamapentester commented 2 years ago

I attended your talk at Defcon and wanted to try this. I were hoping to just download some dockers and start the 5g but it turned out to be much harder. I never got it to work.

Could you update your guide to help getting started ?

I run Kali and have both a vmware, virtualbox and docker + BladeRF x40 would that be possible to get up and running with this ?

rashley-iqt commented 2 years ago

@iamapentester we know that we need to update our docs. It would be helpful if you could give us some details on the problems that you had in trying to use the tool. A few questions:

  1. What version of Kali are you running?
  2. Are you running dadalus in a virtual machine? This is possible, but USB can be tricky in these cases.
  3. Is this the unit you are using?
  4. Were there any errors or relevant log snippets that you can share to help diagnose?

I suspect that the problem is Firmware related. All of our testing was with the BladeRF 2.0 micro A4 and My first guess is that your firmware needs are different.

keldnorman commented 2 years ago

Hi Ryan Just a quick feedback - sorry for missing details - i am traveling at the moment.

Here goes:

  1. What version of Kali are you running? Most people running Kali uses the latest version with roling updates ( currently called kali-rolling with kernel 5.18.0-kali5-amd64). That will not work because your scripts detects the version the OS is running and that string is not "on the detection list".

  2. Are you running dadalus in a virtual machine? This is possible, but USB can be tricky in these cases. I installed Ubuntu 20.4 LTS in a VM and got it to work with just running "apt-get install python3-pip docker-io docker curl bladerf uhd-host " and then "pip install daedalus-5g" but not more than just seeing the script run - the script then ask me a question about what services i wanted to run ( just pressed ok to the default 4G / not 5G selection) and here i would like to have had some comment to every service guiding me to what it is ( srsRAN enodeB or NSA gnodeB etc.. :) . I added the BladeRF. The VM worked fine when using VirtualBox but i did not ensure the USB is ok, fast enough etc - i never got that far to seeing things work (yet). I got some extra questions about what Physical Resource Blocks i wanted ? ( just selected default 50 ) and EARFCN code for DL i wanted (again no clue yet about what it is but selected the default 3400 value (also defaults for the rest of the questions about RX/TX gain values). The startup did not show any usefull errors (other than some DB_USER and DB_PASS values missing - but not where other that it should be set as a variable before starting the script ).

  3. Is this the unit you are using? The link you added for the Blade-RF is the exact model i use / have.

  4. Were there any errors or relevant log snippets that you can share to help diagnose? yes a lot - i will copy paste them in here but were thinking a guide to proper startup and pre config of the hardware / network etc should be made first before i paste trivial setup errors reported in the logs ?

What i were hoping to see here is a short guide where a Kali ( my OS ) is installed, apt-get install and pip commands were run, a blade-rf or alike were attached ( firmware stuff in another section ) and then "run"

The red and blue part you have build confuced me a little mostly because the red section looked empty.

(i know you are doing this in your spare time and i know how much work is put in to sharing knowledge and code - so i also just wanted to say a big thanks for you doing this and responding :)

emmair commented 2 years ago

@iamapentester , @keldnorman thank you both for the valuable feedback, its very useful! We will be updating our web page this week to include some of the items you are asking for. Specifically, the getting started guide for v0.10.0 of daedalus on Ubuntu 20.04 and a quick video to get the Ettus B200-mini running are attached, hopefully this can address some of the immediate issues you are seeing. You can substitute bladeRF for Ettus in the menu option and keep everything else the same to use the blade radio. Presently we do not support Kali linux, but we could look into it for the future. As far as the menu options go, 50 PRBs is usually good for the Ettus and BladeRF radios. The EARFCN depends on the bands that your phone supports - we usually use 900 (Band 2) for most of our phones. Don't worry about the DB errors at startup, that should not impact operation at all.

https://user-images.githubusercontent.com/57673850/188695639-2cb39fe2-faad-47df-ad4d-b6b6f6cb57f8.mp4

Daedalus-Ubuntu-20.04-Bare-Metal-Guide-Final.txt

emmair commented 2 years ago

@iamapentester , @keldnorman also as I mentioned at the talk, you need to provision your own USIM cards (i.e. your commercial carrier sims like AT&T and T-Mobile for example, will not work). I will also be posting detailed instructions on this shortly.

github-actions[bot] commented 2 years ago

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] commented 2 years ago

This issue was closed because it has been stalled for 5 days with no activity.