# HG changeset patch # User Mychaela Falconia # Date 1716585502 0 # Node ID 98c0881c2af06e9e26d527b4de71fd5482779cc2 # Parent e34029530a800e10f17dd6e1e8d25e9d945bffb1 tfo/find-is-hdr: move here from freecalypso-reveng This little program was developed in freecalypso-reveng Hg repository in 2023-03, when we didn't have a separate repository for network-side reverse eng, but now that we do have separate repositories for FreeCalypso (mobile side) vs network side reverse eng, move TFO RE work to the proper place. diff -r e34029530a80 -r 98c0881c2af0 .hgignore --- a/.hgignore Fri May 24 20:31:50 2024 +0000 +++ b/.hgignore Fri May 24 21:18:22 2024 +0000 @@ -2,6 +2,8 @@ \.[oa]$ +^tfo/find-is-hdr$ + ^trau-decode/trau-extr$ ^trau-decode/trau-parse$ diff -r e34029530a80 -r 98c0881c2af0 Makefile --- a/Makefile Fri May 24 20:31:50 2024 +0000 +++ b/Makefile Fri May 24 21:18:22 2024 +0000 @@ -1,4 +1,4 @@ -SUBDIR= trau-decode trau-files +SUBDIR= tfo trau-decode trau-files all: ${SUBDIR} diff -r e34029530a80 -r 98c0881c2af0 tfo/Makefile --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tfo/Makefile Fri May 24 21:18:22 2024 +0000 @@ -0,0 +1,14 @@ +CC= gcc +CFLAGS= -O2 +STD= find-is-hdr +PROGS= ${STD} + +all: ${PROGS} + +${STD}: + ${CC} ${CFLAGS} -o $@ $@.c + +find-is-hdr: find-is-hdr.c + +clean: + rm -f ${PROGS} *.o *errs *.out diff -r e34029530a80 -r 98c0881c2af0 tfo/find-is-hdr.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tfo/find-is-hdr.c Fri May 24 21:18:22 2024 +0000 @@ -0,0 +1,82 @@ +/* + * This program reads a binary file containing a G.711 PCM stream capture + * and looks for an IS_Header pattern as defined in ETSI TS 101 504 + * (GSM 08.62) section A.1.2. The objective is to analyze PCM streams + * originating from extant commercial GSM network operators and see if + * they implement in-band TFO. + */ + +#include +#include +#include +#include +#include +#include +#include + +static char *pcmfile; +static size_t pcm_file_size; +static u_char *filemap; + +static const u_char hdr_pattern[20] = {0, 1, 0, 1, 0, 1, 1, 0, 1, 0, + 0, 1, 1, 0, 1, 0, 1, 0, 0, 1}; + +static void +mmap_pcm_file() +{ + int fd; + struct stat st; + + fd = open(pcmfile, O_RDONLY); + if (fd < 0) { + perror(pcmfile); + exit(1); + } + fstat(fd, &st); + if (!S_ISREG(st.st_mode)) { + fprintf(stderr, "error: %s is not a regular file\n", pcmfile); + exit(1); + } + pcm_file_size = st.st_size; + if (pcm_file_size < 320) { + fprintf(stderr, "error: %s is too short\n", pcmfile); + exit(1); + } + filemap = mmap(NULL, pcm_file_size, PROT_READ, MAP_PRIVATE, fd, 0L); + if (filemap == MAP_FAILED) { + perror("mmap"); + exit(1); + } + close(fd); +} + +static void +try_offset(offset) + size_t offset; +{ + unsigned n; + + for (n = 0; n < 20; n++) { + if ((filemap[offset + n * 16] & 1) != hdr_pattern[n]) + return; + } + printf("Found IS_Header at offset %lu (0x%lx)\n", (u_long) offset, + (u_long) offset); +} + +main(argc, argv) + char **argv; +{ + size_t offset, endoff; + + if (argc != 2) { + fprintf(stderr, "usage: %s pcm-capture-file\n", argv[0]); + exit(1); + } + pcmfile = argv[1]; + mmap_pcm_file(); + endoff = pcm_file_size - 320; + for (offset = 0; offset <= endoff; offset++) + try_offset(offset); + exit(0); +}