Layer 3 ( network layer) is where all the interesting stuff is.In 3G/4G, the layer 2 is split up in two headers called RLC and MAC (which are typically < 10 bytes). tells whether what follows is encrypted and not.acknowledgment (“do you have received my important data? yes I have”).“this chunk of radio waves is not big enough for the bytes I’ll want to put into, I’ll use another later”), Layer 2 ( link layer, think like Ethernet header) is the network protocol that handles, in 3G/4G:.Layer 1 ( physical layer) is the way your phone schedules how radio waves are sent over the air (and it is a complex dance, as some neat tricks are required to optimize the usage of the radio spectrum).What QCSuper provides to you is layer 3 and above packets. This capture was realized on a Sony Xperia Z, switching manually between the 2G, 3G and 4G, generating SMS, calls and some data traffic.
You could just run the tool and try to make sense of the displayed information, but for the sake of pedagogy, let’s first analyze some traffic together!ĭownload the example 2G/3G/4G capture (.pcap) You can see radio frames unfolding on your screen, and you are like Neo.
Let’s say that you have a rooted Android phone (this is required for reading /dev/diag on the system), plugged in USB to your computer, and that you have downloaded QCSuper (and installed dependencies, everything is explained here). Today, we are proud to present QCSuper, an open-source tool that will enable you to passively capture raw 2G/3G/4G frames produced by your rooted Qualcomm-based Android phone or dongle, and produce a PCAP analyzable using Wireshark (in addition to a couple other input/output formats). I have discovered that most USB dongles with a Qualcomm processor exposed a special diagnostic protocol, called Diag (or DM, or QCDM – for Qualcomm Diagnostic monitor).But I have also discovered that this proprietary protocol was also present inside Android phones (through a device called /dev/diag) and it allowed a couple good things, such as obtaining raw captures of network air traffic or, in older models, reading/writing at arbitrary offsets of the radio chip’s memory (!). Lately, I have been playing with a 3G dongle – a small USB device enabling to connect to the mobile Internet.
This helps a wider audience understand these underlying technologies and experiment first hand with these networks. Please note that this article is written to simplify and abstract many complex technical aspects.
0 kommentar(er)
