diff --git a/doc/heuristics.md b/doc/heuristics.md
index 9b0ad8b..a3a2a9f 100644
--- a/doc/heuristics.md
+++ b/doc/heuristics.md
@@ -10,6 +10,4 @@ Rayhunter includes several analyzers to detect potential IMSI catcher activity.
 makes sense in the US, European users may want to disable it.
 - **LTE SIB6/7 Downgrade**: Tests for LTE cells broadcasting a SIB type 6 and 7 which include 2G/3G frequencies with higher priorities
-- **Null Cipher** (disabled by default): Tests whether the cell suggests using a null cipher (EEA0).
- This is currently disabled by default due to a parsing bug triggering false
- positives.
+- **Null Cipher**: Tests whether the cell suggests using a null cipher (EEA0).
diff --git a/lib/src/analysis/analyzer.rs b/lib/src/analysis/analyzer.rs
index 390d7aa..54caecb 100644
--- a/lib/src/analysis/analyzer.rs
+++ b/lib/src/analysis/analyzer.rs
@@ -26,10 +26,7 @@ impl Default for AnalyzerConfig {
 imsi_requested: true,
 connection_redirect_2g_downgrade: true,
 lte_sib6_and_7_downgrade: true,
- // FIXME: our RRC parser is reporting false positives for this due to an
- // upstream hampi bug (https://github.com/ystero-dev/hampi/issues/133).
- // once that's fixed, we should regenerate our parser and re-enable this
- null_cipher: false,
+ null_cipher: true,
 }
 }
 }
diff --git a/telcom-parser/Cargo.toml b/telcom-parser/Cargo.toml
index 04f2192..2d73a8b 100644
--- a/telcom-parser/Cargo.toml
+++ b/telcom-parser/Cargo.toml
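Review bot: Setting `null_cipher: true` in the `Default` impl for `AnalyzerConfig` turns the EEA0 heuristic on by default, but nothing visible here pins the case that produced the false positives described in the removed FIXME. That comment tied re-enabling to an upstream hampi fix plus a regenerated RRC parser, and the hampi `rev` lines in telcom-parser/Cargo.toml are unchanged context in this diff, so the shown hunks do not confirm that both steps landed. A regression test that feeds the analyzer a message which used to trip the parser bug and asserts that no null-cipher event is reported would stop a later parser regeneration from silently bringing the noise back. A short replacement comment such as `// depends on the hampi fix for ystero-dev/hampi#133 in the generated RRC parser` would keep the reason on record. The impl body starts above the hunk.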
@@ -6,6 +6,7 @@ edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 [dependencies]
+# FIXME: When this branch is merged into main point this at the release version of hampi again
 asn1-compiler = { git = "https://github.com/ystero-dev/hampi", rev = "67f3283764eda20022d190c3d3d6edd1a88047e0" }
 asn1-codecs = { git = "https://github.com/ystero-dev/hampi", rev = "67f3283764eda20022d190c3d3d6edd1a88047e0" }
 asn1_codecs_derive = { git = "https://github.com/ystero-dev/hampi", rev = "67f3283764eda20022d190c3d3d6edd1a88047e0" }
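Review bot: The added FIXME above `asn1-compiler` does not say which branch it means or what the git pin is waiting for, so the condition for removing it is hard to check later. All three hampi crates are fixed to the same full commit hash, which keeps the build reproducible, and the comment should say that they must move together. Something like `# FIXME: pinned to a hampi commit until the fix for https://github.com/ystero-dev/hampi/issues/133 is in a published release; then switch all three crates back to the released version` would do. Whether this rev actually contains that fix is not visible in the hunk, so confirm the issue reference before writing it down.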