add test analyzer

2026-04-26 15:39:59 -07:00 · 2025-08-20 12:01:25 -07:00
parent 33e4fbc544
commit ffdad4aed8
5 changed files with 80 additions and 0 deletions
--- a/lib/src/analysis/analyzer.rs
+++ b/lib/src/analysis/analyzer.rs
@@ -12,6 +12,7 @@ use super::{
    imsi_requested::ImsiRequestedAnalyzer, incomplete_sib::IncompleteSibAnalyzer,
    information_element::InformationElement, nas_null_cipher::NasNullCipherAnalyzer,
    null_cipher::NullCipherAnalyzer, priority_2g_downgrade::LteSib6And7DowngradeAnalyzer,
+    test_analyzer::TestAnalyzer,
 };

 #[derive(Debug, Clone, Deserialize, Serialize)]
@@ -23,6 +24,7 @@ pub struct AnalyzerConfig {
    pub null_cipher: bool,
    pub nas_null_cipher: bool,
    pub incomplete_sib: bool,
+    pub test_analyzer: bool,
 }

 impl Default for AnalyzerConfig {
@@ -34,6 +36,7 @@ impl Default for AnalyzerConfig {
            null_cipher: true,
            nas_null_cipher: true,
            incomplete_sib: true,
+            test_analyzer: false,
        }
    }
 }
@@ -175,6 +178,10 @@ impl Harness {
            harness.add_analyzer(Box::new(IncompleteSibAnalyzer::new()))
        }

+        if analyzer_config.incomplete_sib {
+            harness.add_analyzer(Box::new(TestAnalyzer::new()))
+        }
+
        harness
    }

--- a/lib/src/analysis/mod.rs
+++ b/lib/src/analysis/mod.rs
@@ -6,4 +6,5 @@ pub mod information_element;
 pub mod nas_null_cipher;
 pub mod null_cipher;
 pub mod priority_2g_downgrade;
+pub mod test_analyzer;
 pub mod util;
--- a/lib/src/analysis/test_analyzer.rs
+++ b/lib/src/analysis/test_analyzer.rs
@@ -0,0 +1,59 @@
+use std::borrow::Cow;
+
+use telcom_parser::lte_rrc::{BCCH_DL_SCH_MessageType, BCCH_DL_SCH_MessageType_c1};
+
+use super::analyzer::{Analyzer, Event, EventType, Severity};
+use super::information_element::{InformationElement, LteInformationElement};
+
+pub struct TestAnalyzer {
+    packet_num: usize,
+}
+
+impl Default for TestAnalyzer {
+    fn default() -> Self {
+        Self::new()
+    }
+}
+
+impl TestAnalyzer {
+    pub fn new() -> Self {
+        Self { packet_num: 0 }
+    }
+}
+
+impl Analyzer for TestAnalyzer {
+    fn get_name(&self) -> Cow<'_, str> {
+        Cow::from("Test Analyzer")
+    }
+
+    fn get_description(&self) -> Cow<'_, str> {
+        Cow::from("This is an analyzer which can be used to test that your rayhunter is working. It will generate an alert for every SIB1 message (a beacon from the cell tower) that it sees. Do not leave this on when you are hunting or it will be very noisy.")
+    }
+
+    fn get_version(&self) -> u32 {
+        1
+    }
+
+    fn analyze_information_element(&mut self, ie: &InformationElement) -> Option<Event> {
+        self.packet_num += 1;
+
+        if let InformationElement::LTE(lte_ie) = ie
+            && let LteInformationElement::BcchDlSch(sch_msg) = &**lte_ie
+            && let BCCH_DL_SCH_MessageType::C1(c1) = &sch_msg.message
+            && let BCCH_DL_SCH_MessageType_c1::SystemInformationBlockType1(sib1) = c1
+        {
+            return Some(Event {
+                event_type: EventType::QualitativeWarning {
+                    severity: Severity::Low,
+                },
+                message: format!(
+                    "SIB1 received (packet {}) CID: {}, PLMN: {:?}",
+                    self.packet_num,
+                    sib1.cell_access_related_info.cell_identity.0,
+                    sib1.cell_access_related_info.plmn_identity_list.0
+                ),
+            });
+        }
+        None
+    }
+}