Merlin Chlosta mrlnc

@mrlnc
mrlnc / .md
Created December 14, 2023 16:44
SIMtrace2 Serial Output

SIMtrace2 has a serial debug interface. It requires a serial-over-audio-jack cable that sysmocom sells in their webshop.

The serial output looks like this:

=============================================================================
SIMtrace2 firmware 0.8.1.66-e6e7, BOARD=simtrace, APP=trace
(C) 2010-2019 by Harald Welte, 2018-2019 by Kevin Redon
=============================================================================
-I- Chip ID: 0x28900960 (Ext 0x00000000)
mrlnc / its-g5-sniffer.sh
Created May 9, 2023 19:04
ITS-G5-Sniffer
#!/bin/bash
DRIVER_DIR="/home/merlin/src-for-11p/linux/drivers/net/wireless/ath/"
INTERFACE="wlp2s0"
MONITOR_INTERFACE=$INTERFACE-monitor
FILE="v2x_%F_%H:%M:%S.pcap"
OUTPUT_DIR="/home/merlin/PCAPs/"
echo "Unloading modules. Some errors might occur if the modules are not actually loaded."
mrlnc / gist:d7fc7d6fd037b3688fbfa00110a0c377
Created December 25, 2022 11:49
`iw list` for RPI4 on Kali
$ iw phy
Wiphy phy0
wiphy index: 0
max # scan SSIDs: 10
max scan IEs length: 2048 bytes
max # sched scan SSIDs: 16
max # match sets: 16
Retry short limit: 7
Retry long limit: 4
mrlnc / carrier.plist
Created September 21, 2022 09:48
CountryBundle Germany, iOS 16.1 beta 2
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CellBroadcast</key>
<dict>
<key>AlertConfigurations</key>
<dict>
<key>Configuration_de</key>
<dict>
mrlnc / ipsw-file-extraction.md
Created August 9, 2022 07:40
IPSW file extraction

I'd like to look at files from the iOS 16 filesystem. It's super easy, so easy that everybody except me seems to just know.

tl;dr: unzip the ipsw-file and double-click on the biggest dmg file to mount the iOS file system.


Unzip the ipsw:

$ unzip iPhone14,4_16.0_20A5339d_Restore.ipsw
mrlnc / EF.CBMIR.md
Last active October 13, 2022 16:45
ets

Vodafone CallYa Germany (26202)

EF.CBMIR:

pySIM-shell (MF/ADF.USIM/EF.CBMIR)> read_binary_decoded 
{"type": "cmd", "cmd": "00a40004026f50", "rsp": "6129"}
{"type": "cmd", "cmd": "00c0000029", "rsp": "62278202412183026f50a50f800171c0010091047f206f509201008a01058b036f06048002001488009000"}
{"type": "cmd", "cmd": "00b0000014", "rsp": "00000001110011021112111b111f1127ffffffff9000"}
[
    [
        {

Trying to convert a plist file to JSON but plutil is giving you a hard time?

I want the CellBroadcast as JSON:

plutil -extract CellBroadcast json -o - test.plist

That fails, although it should not:

test.plist: invalid object in plist for destination format
mrlnc / gist:1ebaaeac5d7b3951f6a7bfa2a0abc468
Created June 30, 2022 08:30
Github Action: run python script & commit results
name: fetch website and commit results
on:
  schedule:
    - cron: "30 * * * *"
jobs:
  build:
    runs-on: ubuntu-latest
mrlnc / carrier.xml
Created June 8, 2022 21:57
iOS FR-ALERT Configuration
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CellBroadcast</key>
<dict>
<key>AlertTypes</key>
<dict>
<key>SevereAlerts(Level3)</key>
<dict>
mrlnc / Info.plist
Last active June 3, 2022 11:42
iOS Country Bundles 2022-06-03
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleShortVersionString</key>
<string>50.1.0</string>
<key>CFBundleDeviceFamily</key>
<string>iPhone</string>
<key>CFBundleIdentifier</key>
<string>com.apple.Ukraine</string>