Network Survey Plus Android App
What is it?
Network Survey+ is the Rooted version of the Network Survey Android App.
Why?
Why do we need a rooted version of the Network Survey Android app? Well, the unrooted version can only get access to a limited set of cellular details. With root access on certain devices with the right Qualcomm chipset, this app can get access to detailed cellular network messages via Qualcomm Diagnostic Monitor (QCDM).
This app logs several messages coming from QCDM to a pcap file for follow on processing.
Supported Devices
In theory, any Android device with a Qualcomm chip should work, but it seems that only certain devices work as expected. The following is a list of devices that have been confirmed to work with this Network Survey+ app.
| Device | Comments |
|---|---|
| Nexus 5X | |
| Pixel 3a |
Build and development instructions
Basic Instructions
To build and install the project follow the steps below:
1) Clone the repo.
2) Open Android Studio, and then open the root directory of the cloned repo.
3) Connect an Android Phone (make sure debugging is enabled on the device).
4) Install and run the app by clicking the "Play" button in Android Studio.Detailed Instructions
This app included a native application written in C (called Diag Revealer) that is used to initialize the /dev/diag QCDM device on the phone, and stream the output from the /dev/diag device to the a FIFO named pipe. The Java portion of this app reads from that FIFO queue and consumes the QCDM messages.
The Diag Revealer application source code was pulled from the MobileInsight Android app source code.
To make things easy, the full compiled binary of the Diag Revealer app is included in this repo. Eventually, we will make the gradle build script compile the Diag Revealer binary, but for now it is included in the repo. If you want to make changes to the Diag Revealer C application, you can do so and then compile it using the following steps:
1) cd app
1) ndk-build
1) Add the .so extension to the output file (probably something like libs/arm64-v8a/diag_revealer to libs/arm64-v8a/libdiag_revealer.so)
The reason the file needs to have the .so extension is that Android only unpacks the native application if it is a
shared library instead of just a regular executable. At some point it would be nice to investigate if we can get around
this and leave off the .so extension since it is misleading.
Prerequisites
Install Android Studio to work on this code.
Related Projects
This project is not alone in trying to leverage QCDM to get access to low level cellular messages. Following are a list of other projects that might be of interest to you.
Changelog
0.5.0 - 2021-09-11
- MQTT streaming now sends the entire pcap record in the JSON message.
- Switched to send the MQTT messages to the
cellular_ota_messagetopic. - Added support for streaming UMTS and GSM messages over MQTT.
0.4.0 - 2021-08-04
- Added support for logging GSM RR Signaling messages to pcap records.
- Added the version number to the home screen.
0.3.0 - 2021-07-12
- Added support for logging UMTS NAS and WCDMA RRC messages to pcap records.
0.2.0 - 2021-01-29
- Added support for streaming LTE OTA messages over an MQTT connection.
- LTE NAS messages are now logged to the pcap file and streamed over MQTT.
0.1.2 - 2020-11-02
- Fixed a bug where the diag_revealer.so file was not being unpacked.
0.1.0 - 2020-10-28
- Initial Release of Network Survey Plus.
Contact
- Christian Rowlands - Craxiom