view tfo/find-is-hdr.c @ 14:98c0881c2af0

tfo/find-is-hdr: move here from freecalypso-reveng This little program was developed in freecalypso-reveng Hg repository in 2023-03, when we didn't have a separate repository for network-side reverse eng, but now that we do have separate repositories for FreeCalypso (mobile side) vs network side reverse eng, move TFO RE work to the proper place.
author Mychaela Falconia <falcon@freecalypso.org>
date Fri, 24 May 2024 21:18:22 +0000
parents
children
line wrap: on
line source

/*
 * This program reads a binary file containing a G.711 PCM stream capture
 * and looks for an IS_Header pattern as defined in ETSI TS 101 504
 * (GSM 08.62) section A.1.2.  The objective is to analyze PCM streams
 * originating from extant commercial GSM network operators and see if
 * they implement in-band TFO.
 */

#include <sys/types.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

static char *pcmfile;
static size_t pcm_file_size;
static u_char *filemap;

static const u_char hdr_pattern[20] =	{0, 1, 0, 1, 0, 1, 1, 0, 1, 0,
					 0, 1, 1, 0, 1, 0, 1, 0, 0, 1};

static void
mmap_pcm_file()
{
	int fd;
	struct stat st;

	fd = open(pcmfile, O_RDONLY);
	if (fd < 0) {
		perror(pcmfile);
		exit(1);
	}
	fstat(fd, &st);
	if (!S_ISREG(st.st_mode)) {
		fprintf(stderr, "error: %s is not a regular file\n", pcmfile);
		exit(1);
	}
	pcm_file_size = st.st_size;
	if (pcm_file_size < 320) {
		fprintf(stderr, "error: %s is too short\n", pcmfile);
		exit(1);
	}
	filemap = mmap(NULL, pcm_file_size, PROT_READ, MAP_PRIVATE, fd, 0L);
	if (filemap == MAP_FAILED) {
		perror("mmap");
		exit(1);
	}
	close(fd);
}

static void
try_offset(offset)
	size_t offset;
{
	unsigned n;

	for (n = 0; n < 20; n++) {
		if ((filemap[offset + n * 16] & 1) != hdr_pattern[n])
			return;
	}
	printf("Found IS_Header at offset %lu (0x%lx)\n", (u_long) offset,
		(u_long) offset);
}

main(argc, argv)
	char **argv;
{
	size_t offset, endoff;

	if (argc != 2) {
		fprintf(stderr, "usage: %s pcm-capture-file\n", argv[0]);
		exit(1);
	}
	pcmfile = argv[1];
	mmap_pcm_file();
	endoff = pcm_file_size - 320;
	for (offset = 0; offset <= endoff; offset++)
		try_offset(offset);
	exit(0);
}