P1sec / QCSuper

QCSuper is a tool communicating with Qualcomm-based phones and modems, allowing to capture raw 2G/3G/4G radio frames, among other things.
GNU General Public License v3.0

Unknown log type for Qualcomm 9205 #56

Open mgronst opened 3 years ago

mgronst commented 3 years ago

Hi!

I have successfully used this tool for Quectel modules based on Qualcomm 9206, and it is really valuable.

However, some of the Quectel modules are based on Qualcomm 9205, and qcsuper doesn't seem to be able to parse the debug output.

```
.\qcsuper.py --usb-modem COM27 --info

[+] Compilation date: Mar 13 2021 15:33:48
[+] Release date: Mar 06 2021 23:00:00
[+] Version directory: 9205.lte

[+] Common air interface information:
[+] Station classmark: 0
[+] Common air interface revision: 0
[+] Mobile model: 255
[+] Mobile firmware revision: 100
[+] Slot cycle index: 0
[+] Hardware revision: 0x107 (1.7)

[+] Mobile model ID: 0x100c
[+] Chip version: 0
[+] Firmware build ID: BG95M1LAR02A04

[+] Diag version: 8
```

```
.\qcsuper.py --usb-modem COM27 --decrypt-nas --pcap-dump 9205.pcap

[+] Enabled logging for: 1X (1), DTV (10), APPS/LTE/WIMAX (11), TDSCDMA (13)

Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C: 153
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C: 3
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C: 105
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C: 32
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C: 34
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C: 89
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C: 100
^C
```

I have an elf-dump that I can provide on a separate email.

Any way I can support updating the tool to parse this debug output as well?

Melon08P4 commented 3 years ago

Can you look at this also?

[<] Received response 152 of length 62: b'\x01\x00\x00\x01\x00\x00\x00\x10\x003\x003\x00/A\t\x89\xbfq;"\xf3\x00\x84(\x1f\x00z\x0bC\x00P\x8e _\x00\x98\x00\xc2\xa8\x11!\x91!\x010 8\xb8\x08\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01' [<] Received response 152 of length 62: b'\x01\x00\x00\x01\x00\x00\x00\x10\x003\x003\x00/A\x0ce\xcfq;"\xf3\x00\x84(\x1f\x00z\x0bC\x00P\xa6Q\x93D3\x00\x0f\x10\xc0-\xb64\x00\x86\x11(\x16F\x1e\xe1\xd0\x00\x00\x00\x00\x00\x00\x00\x00\x00' [<] Received response 152 of length 51: b'\x01\x00\x00\x01\x00\x00\x00\x10\x00(\x00(\x00/A\x0c\xb9\xd1q;"\xf3\x00\x80\x00\x14\x00z\x0bC\x00\xfe7\xfc\x16\x08\xc0?\xeb\xdb\xd0\x00\x01@\x01\x00<\xd0\xa8\xe0' [<] Received response 152 of length 62: b'\x01\x00\x00\x01\x00\x00\x00\x10\x003\x003\x00/A\x0e}\xdfq;"\xf3\x00\x84(\x1f\x00z\x0bC\x00P\xc2\xb1\x80\x19h\x98\x02!\xd0\x84;\xa2\x08WF\x11n\x90&\xad(B:\x89t\xe1\x0b*\x02' [<] Received response 152 of length 48: b'\x01\x00\x00\x01\x00\x00\x00\x10\x00%\x00%\x00/A\x19\r=r;"\xf3\x00\x83\x01\x11\x00z\x0bC\x00\xdcb\xbe\x13\x08\xf7\xc0B\x00\x00\x02\x00\x03\xc3\xd1\x92\x80' [<] Received response 152 of length 38: b'\x01\x00\x00\x01\x00\x00\x00\x10\x00\x1b\x00\x1b\x00/A\x1e\x9dar;"\xf3\x00\x81\x02\x07\x00z\x0bC\x00\x93Ba\x05\xa2@\x80'

p1-mmr commented 3 years ago

This should have been addressed by the changes introduced in pull request #57. Thank you for your help in troubleshooting this!

mgronst commented 3 years ago

Hi! I still seem to have trouble decoding RRC level packets; NAS packets are identified and decoded to pcap.

```
[+] Enabled logging for: 1X (1), DTV (10), APPS/LTE/WIMAX (11), TDSCDMA (13)

Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 69
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 105
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 112
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 21
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 103
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 137
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 144
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 89
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 96
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 69
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 168
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 201
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 73
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 80
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 149
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 44
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 16
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 213
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 132
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 73
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 80
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 64
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 89
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 96
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 178
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 153
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 160
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 24
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 24
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 169
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 176
^C
```
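A triage helper for terminal output like the above, added here as an example (it is not part of QCSuper or of this thread): it tallies the "Unknown log type" messages per log name and version, so a report can state which packet version is unhandled instead of pasting the whole run. The function names are hypothetical and the sample text is constructed from lines quoted in this issue.

```python
import re
from collections import Counter, defaultdict

# Matches both message shapes quoted in this issue: without a version
# (first report) and with "version N" (later reports). \s+ is used between
# words because pasted output may wrap or run several messages together.
UNKNOWN_RE = re.compile(
    r"Unknown\s+log\s+type\s+received\s+for\s+(?P<log>\w+)"
    r"(?:\s+version\s+(?P<version>\d+))?:\s*(?P<value>\d+)"
)

def summarize_unknown_logs(text):
    """Return {(log_name, version_or_None): Counter(trailing_value -> count)}."""
    summary = defaultdict(Counter)
    for m in UNKNOWN_RE.finditer(text):
        version = int(m["version"]) if m["version"] else None
        summary[(m["log"], version)][int(m["value"])] += 1
    return summary

def format_report(summary):
    """One line per (log, version) pair, unversioned messages first."""
    def sort_key(item):
        (log, version), _ = item
        return (log, -1 if version is None else version)

    lines = []
    for (log, version), values in sorted(summary.items(), key=sort_key):
        label = "(no version printed)" if version is None else f"version {version}"
        total = sum(values.values())
        lines.append(f"{log} {label}: {total} messages, values seen: {sorted(values)}")
    return lines

# Constructed sample: a few messages from this issue, including one that
# wraps across a line break the way the pasted output does.
SAMPLE = (
    "[+] Enabled logging for: 1X (1), DTV (10), APPS/LTE/WIMAX (11), TDSCDMA (13)\n"
    "Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C: 153 "
    "Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C: 3\n"
    "Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0 "
    "Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 69 "
    "Unknown log \ntype received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0\n"
)

if __name__ == "__main__":
    for line in format_report(summarize_unknown_logs(SAMPLE)):
        print(line)
```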

p1-mmr commented 3 years ago

@mgronst Thank you for your feedback. It seems that the .DLF file that you sent through e-mail a few days ago doesn't contain Diag OTA/RRC log packets.

Please note that you should perform the same actions (switching between 2G/3G/4G, doing some smartphone usage, etc.) / wait as long as when you generate a PCAP file that produces the concerned faulty messages in order to generate a DLF file that will yield the same errors.

You can use `./qcsuper.py --dlf-read YOUR_DLF_FILE.dlf --pcap-dump /tmp/OUTPUT_PCAP_FILE.pcap` in order to attempt to convert a DLF file to PCAP (this should yield the same errors to the terminal as if you produced a PCAP directly, etc.). (You may also be able to use flags such as `--dlf-dump` / `--pcap-dump` / `--wireshark-live` concurrently in the same command IIRC.)

Could you please send a .DLF file that triggers the same errors in order to help troubleshooting the issue?

Thank you!

p1-mmr commented 3 years ago

I have also pushed a commit d1d9c47 to the Git repository that may solve your issue (use `git pull` to update).

mgronst commented 3 years ago

Hi!

See attached a dlf file for test with the Qualcomm 9205. This particular chipset supports only LTE/LTE-M, so you'll only see attach attempts for 4G. Converting to PCAP with QCSuper gives me this output:

```
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 64
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 128
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 129
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 166
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 89
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 233
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 240
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 165
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 39
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 40
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 73
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 0
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 80
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 89
Unknown log type received for LOG_LTE_RRC_OTA_MSG_LOG_C version 25: 96
```

BR Markus


p1-mmr commented 3 years ago

Hello,

Thank you, but GitHub's issue system didn't retransmit the file that you attached to your message. Can you please send it directly at mmr at p1sec dot com?

Thanks!

p1-mmr commented 3 years ago

Ok, I should have added correct support in commit 51a6ee0. You can re-download the last version of QCSuper (or use `git pull` in the folder of the repository if you downloaded it using git) for correct decoding of the LTE messages.

mgronst commented 3 years ago

Thanks! I don't see any error messages now for unknown log types. I see some of the RRC messages are marked as Malformed Packets in Wireshark. Could it be some decoding issues of the actual message? See screenshot below.

[image: image.png]

-Markus


p1-mmr commented 3 years ago

Thank you for the feedback. Your image was not retranscribed in the GitHub issue ticket (https://github.com/P1sec/QCSuper/issues/56), you may want to send it (or preferably the PCAP capture or corresponding DLF file) either by e-mail or directly in the ticket but through the web interface.

mgronst commented 3 years ago

Hi!

See attached DLF and PCAP.

-Markus


p1-mmr commented 3 years ago

You still e-mailed the GitHub ticketing system, neither files nor images are transmitted when doing this :)

p1-mmr commented 3 years ago

Ok, I have pushed a modification in commit f658b9e, does re-downloading QCSuper (or updating the source using `git pull` if you're using Git) and retrying solve the issue?

mgronst commented 3 years ago

Thanks a lot! I see no issues anymore from further testing today. Really appreciate your effort and work.

-Markus
