Dectmon¶
dectmon
is a DECT protocol decoder. It can decode DECT MAC, DLC and NWK layer messages and display them in a human readable format.
# sh autogen.sh # sh configure # makeUsage
Configure the cluster in PP monitor mode:
# dect-cluster-add --name cluster0 --emc 0x12f5 --fpn 0x0be9f --mode PP # dect-cell-add --name cell0 --cluster cluster0 --flags monitor # dect-transceiver-bind --transceiver trx0 --cell cell0
Then start the dectmon
application. By default only NWK layer messages are displayed, use --dump-mac/-m=yes
to dump MAC layer messages and--dump-dlc/-d=yes
to dump DLC layer messages. To specify the PIN to use for calculating user authentication keys, use --auth-pin/-p=PIN
.
Deciphering¶
If dectmon is able to track the initial pairing of a phone, it calculates the resulting user authentication key, which is used to derive cipher keys
during authentication. dectmon calculates the cipher key and uses it to decipher encrypted connections. The user authentication key is permanently
stored in $HOME/dectmon.keys
and read from that file when a phone is first seen after a restart.
Updated by laforge over 2 years ago · 1 revisions