Skip to main content

OsmocomBB - Hardware and Software Setup - Tutorial (Motorola C118)

OsmocomBB is an Open Source GSM Baseband software implementation. By using the sofware on a compatible phone (e.g. Motorola C118), you are able to make and receive phone calls, send and receive SMS, etc. based on Free Software only.

 

 

 

Hardware

  • PL2303HX USB Serial To RS232 TTL Chip
  • 2.5 mm audio jack
  • Motorola C118 (E88)
This is a typical pin-out of a 2.5 mm audio jack:

L (Left Signal) Tip 1 Green
R (Right Signal) Ring 2 Red
GND (Ground) Sleeve 3 Bare Copper

You need to soldier the 2.5mm audio jack to the USB Serial To RS232 TTL Chip, whereas
  • TxD is at the tip of the plug
  • RxD is at the middle contact
  • GND is the outer contact 
2.5mm audio jack to the USB Serial To RS232 TTL Chip Osmocom

Software

Connect the phone to your PC and check if it is being recognized.
dmesg | grep tty
user@user:~$ dmesg | grep tty
[    0.000000] console [tty0] enabled
[ 6522.143379] usb 3-2: pl2303 converter now attached to ttyUSB0
To make sure everything is working, install cu and connect at 115200 baud. Permissions need to be set correctly, otherwise you will run into this error: "Cannot open /dev/ttyUSB0: Permission denied". 
sudo adduser user dialout
sudo chmod a+rw /dev/ttyUSB0
sudo cu -l /dev/ttyUSB0 -s 115200
Assuming the phone is switched off, press the power button and cu should display fmttool erro, which means you are ready to go!

Compiling OsmocomBB

Compiling GNU ARM toolchain

Ensure you add the path of arm-elf-gcc using export (check in shell: arm-elf-gcc). This is absolutely vital as failure to do so will yield you errors when trying to compile osmocom later on.   
mkdir gnuarm
cd gnuarm
wget  http://bb.osmocom.org/trac/raw-attachment/wiki/GnuArmToolchain/gnu-arm-build.2.sh
chmod +x gnu-arm-build.2.sh

sudo apt-get install build-essential libgmp3-dev libmpfr-dev libx11-6 libx11-dev texinfo flex bison libncurses5 \
 libncurses5-dbg libncurses5-dev libncursesw5 libncursesw5-dbg libpcsclite-dev libncursesw5-dev zlibc zlib1g-dev libmpfr4 libmpc-dev aptitude

sudo aptitude install libtool shtool automake autoconf git-core pkg-config make gcc

mkdir build install src
cd src/
wget http://ftp.gnu.org/gnu/gcc/gcc-4.5.2/gcc-4.5.2.tar.bz2
wget http://ftp.gnu.org/gnu/binutils/binutils-2.21.1a.tar.bz2
wget ftp://sources.redhat.com/pub/newlib/newlib-1.19.0.tar.gz
cd ..
./gnu-arm-build.2.sh

export PATH=$PATH:/home/user/gnuarm/install/bin

Compiling libosmocore

git clone git://git.osmocom.org/libosmocore.git
cd libosmocore/
autoreconf -i
./configure
make
sudo make install

Compiling osmocomBB 

git clone git://git.osmocom.org/osmocom-bb.git
cd osmocom-bb
git pull --rebase
cd src
make

OsmocomBB Hello world! 

Plug everything in, switch phone off, run command and press the phone's power button. 
cd ~/osmocom-bb/src/host/osmocon/
./osmocon -p /dev/ttyUSB0 -m c123xor ../../target/firmware/board/compal_e88/hello_world.compalram.bin
Osmocom Motorola C118

Loading RSSI 

sudo ./osmocon -d tr -p /dev/ttyUSB0 -m c123xor -c ../../target/firmware/board/compal_e88/rssi.highram.bin
OsmocomBB RSSI
Labels:

Comments

  1. Anonymous9 June 2015 at 06:57

    Don't you think to make project more interesting like sniffing_call or sniffing_sms ?

    ReplyDelete
  2. Anonymous9 June 2015 at 06:59

    is not possible to have all number phone near you with osmocomBB?

    ReplyDelete
  3. Anonymous2 April 2016 at 14:04

    It's not possible for having number but for the sniffing , it's possible.

    ReplyDelete
  4. Bastien3 October 2016 at 06:16

    https://bastienbaranoff.wordpress.com/2016/02/08/gsm-base-station-with-two-osmocom-bb-compatible-phones-on-kali-rolling/ see my blog to download a virtual machine osmo imsi-catcher working on vmware/virtualbox or install tips

    ReplyDelete
  5. Unknown24 January 2017 at 09:17

    Thanks for your tutorial about this, but unfortunately for me I get stuck at loading the Hello World or the RSSI to the phone. I just get a few lines like this:

    got 1 bytes from modem, data looks like: 81 .
    got 1 bytes from modem, data looks like: 1b .
    got 5 bytes from modem, data looks like: 74 6d 74 6f 6f tmtoo
    got 1 bytes from modem, data looks like: 65 e
    got 1 bytes from modem, data looks like: 72 r

    Maybe you know where I've gone wrong?

    ReplyDelete
  6. Anonymous13 June 2017 at 13:36

    Hallo
    Würden sie mir bei Osmocom 123 helfen kommen nicht weiter bin Anfänger.
    MFG

    ReplyDelete
  7. felangga21 November 2017 at 23:04

    Is it safe to boot into osmocombb ? Do I really need to backup my original firmware? how to do backup original firmware?

    ReplyDelete
  8. Unknown29 May 2019 at 20:39

    does the phone have to remain connected to PC in order to use this,
    or is the phone flashed and can boot stand alone?

    ReplyDelete

Post a Comment

Popular posts from this blog

Scid vs PC installation guide - Ubuntu (Mint, Debian etc.)

Scid vs PC Scid vs PC is definitely the best and most comprehensive chess software for Linux.  Unfortunately I struggled quite a bit to get it up and running. Before I start: You might prefer to watch the video. Otherwise keep on reading. Open a terminal and execute the following commands sudo apt-get install auto-apt build-essential sudo auto-apt update-local sudo auto-apt update sudo auto-apt updatedb Now make sure you got both tcl8.5-dev and tk8.5-dev installed sudo apt-get install tcl8.5-dev tcl8.5 sudo apt-get install tk8.5-dev tk8.5 Some users are reporting problems on Ubuntu 14.04. sudo apt-get install tcl8.6-dev tcl8.6 sudo apt-get install tk8.6-dev tk8.6 libgcj15-dev The 'x' refers to the current release: e.g. 4.9.tgz download scid vs pc: http://sourceforge.net/projects/scidvspc/files/source/scid_vs_pc-4.9.tgz/download tar -xzf scid_vs_pc-4.xx.tgz cd scid_vs_pc-4.x sudo auto-apt run ./configure sudo auto-apt run make sudo auto-apt run make install
36 comments
Read more

Automatically Reconnect WIFI (Debian, Ubuntu etc.)

The Problem For several reason I do not have access to LAN and thus have to rely on WIFI for my mining rigs. It is fine for most of the time, but the shit hits the fan, when the connection drops for one reason or another. The Solution #!/bin/bash wlan=`/sbin/ifconfig wlan1 | grep inet\ addr | wc -l` if [ $wlan -eq 0 ]; then service network-manager restart else echo WIFI IS UP fi Note: It's either wlan0 or wlan1. Check with sudo ifconfig . Save the script and make it executable. sudo chmod +x filename.sh Now there are several ways of making sure that our script is being executed every x minutes. The easiest way of accomplishing that I think is by using the command watch . sudo su watch -n 600 sh filename.sh What it does is execute our filename.sh script every 600 seconds. Or you implement a so called cron job   sudo crontab -e Add the following PATH=/usr/sbin:/usr/bin:/sbin:/bin */5 * * * * sh /home/username/filename.sh */5 * * * * means that
2 comments
Read more