Commit Graph

80 Commits

Author SHA1 Message Date
Cooper Quintin f9b621bde9 Update lib/src/analysis/nas_null_cipher.rs
Co-authored-by: Will Greenberg <willg@eff.org>
2025-07-16 15:25:11 -07:00
Cooper Quintin a4cb9454bd add version 2025-07-16 15:25:11 -07:00
Cooper Quintin b923d9d5a6 cargo fmt 2025-07-16 15:25:11 -07:00
Cooper Quintin 790c0963cd add nas null cipher analyzer 2025-07-16 15:25:11 -07:00
Will Greenberg 1a4deb7524 appease clippy 2025-07-16 13:20:14 -07:00
Will Greenberg 0585e0f996 run cargo fmt 2025-07-16 13:20:14 -07:00
Will Greenberg c783831e78 check: support pcaps
rayhunter-check will now analyze any PCAP files it finds in addition to
QMDL
2025-07-16 13:20:14 -07:00
Will Greenberg 83f246e9af lib: bump the analysis report version 2025-07-16 13:20:14 -07:00
Will Greenberg 0915103ede Flattens analysis structure a bit
Instead of mirroring the QMDL container format exactly, let our analysis
files just be flat lists of packet analysis. Also removes the dummy
analyzer and adds version numbers to analysis reports and Analyzers
2025-07-16 13:20:14 -07:00
Markus Unterwaditzer e320874854 Remove PartialEq, Clone, Serialize from LTE RRC parser
Compiling telecom-parser takes 2 minutes on my machine. After removing
those derives it takes 1:15. I suspect it's mostly serde though.
2025-07-15 15:21:02 -07:00
Simon Fondrie-Teitler 5019f2a9d1 Bump Rust edition to 2024
Includes new cargo fmt changes
2025-06-28 00:13:15 +02:00
Simon Fondrie-Teitler ed3072eb8e also run formatter 2025-06-27 23:23:27 +02:00
Simon Fondrie-Teitler 94289dcad5 Fix clippy complaints 2025-06-27 23:23:27 +02:00
Cooper Quintin 23a0f72c2f cargo fmt 2025-06-24 12:52:33 -07:00
Will Greenberg efae6203a9 rm unneeded comment 2025-06-24 12:52:33 -07:00
Will Greenberg 2e4de4a2df lib: Use pycrate-rs NAS parser 2025-06-24 12:52:33 -07:00
Markus Unterwaditzer be6f29dcf1 Add exponential backoff 2025-06-23 22:47:34 +02:00
Markus Unterwaditzer d166dfc13d get config and set config 2025-06-20 11:47:40 +02:00
Markus Unterwaditzer 9b759e6b42 add basic restart endpoint 2025-06-20 11:47:40 +02:00
Cooper Quintin 2634271715 re-enable null cipher and update docs 2025-06-17 16:30:22 -07:00
Markus Unterwaditzer 86e08f9a85 Allow enabling/disabling analyzers from config file (#382)
Co-authored-by: Will Greenberg <willg@eff.org>
2025-06-10 21:37:38 +02:00
Markus Unterwaditzer 2915dea9e9 Remove dead code and default features 2025-05-30 10:21:30 -07:00
Markus Unterwaditzer 6941bc57b6 Fix issues on TP-Link v9
* Fix autostart by adding another port trigger for rayhunter-daemon
* Use Orbic's IOCTL params as fallback
* Fix sdcard path and make it configurable
* Update docs to indicate support
* Add uninstalling instructions for TP-Link
2025-05-30 10:14:51 -07:00
Cooper Quintin c569101c36 Merge branch 'main' into frontend-rework 2025-04-28 17:19:28 -07:00
Markus Unterwaditzer 32b67df55d Fix clippy lints and upgrade deku
Old version of deku was throwing clippy lints in generated code
2025-04-25 11:57:33 -07:00
oopsbagel e04b78f0e0 ci: use rust-lld for all release targets
Removes dependency on gcc-based cross-compilation toolchain.
2025-04-25 11:55:23 -07:00
Will Greenberg b95ff90e5e cargo fmt 2025-04-24 13:23:29 -07:00
Will Greenberg 057c9acb40 wip 2025-04-14 11:59:54 -07:00
oopsbagel 9fe75ac961 chore: cargo fmt 2025-04-14 11:49:24 -07:00
Cooper Quintin 1b29cf0dee Merge branch 'main' into build-features 2025-04-11 10:38:49 -07:00
oopsbagel 01e762a3d6 fix(lib): enable building for windows targets
- conditionally build diag_device.rs only for unix
- use build time target for runtime metadata on unix
2025-04-11 10:07:02 -07:00
Markus Unterwaditzer 3dc373f0d3 add code comment 2025-04-08 21:21:20 +02:00
Markus Unterwaditzer 499b86aca6 Add build features for multiple device types
The bin crate now has two features, one for each supported device.

* The IOCTL change from #142 is compiled in conditionally.
* Tp-link display is supported & tested for HW rev 3 and HW rev 5.

The release tarballs now contain two rayhunter-daemon binaries, for
orbic and tplink. An installer for tplink is not yet included.

Co-authored-by: m0veax <m0veax@chaospott.de>
2025-04-07 21:15:32 +02:00
Sashanoraa 04652d2097 Add implement Default on types with ::new
This fixes a clippy lint warning
2025-03-27 11:57:01 -07:00
Sashanoraa 034e0632e4 Box some of the larger information element enum variants
An enum is always the size needed to store its largest variant. Some of
the variants of the InformationElement and LteInformationElement are
substantially larger than the rest. Boxing the larger variants reduces
the size of the enum, in some cases by several kilobytes.

Since Rust does not currently support destructing a Box via pattern
matching, some code that destructures these enums had to be modified.
2025-03-27 11:57:01 -07:00
Sashanoraa 4edf001ca4 Fix small clippy warnings 2025-03-27 11:57:01 -07:00
Sashanoraa b0a1b14160 Remove unused import due to e79dc4a
The referenced commit disabled the null-cipher but did not remove the
now unused import.
2025-03-26 10:41:05 -07:00
Will Greenberg e79dc4a8f0 lib: disable null-cipher heuristic due to false positives
Due to an upstream hampi bug (https://github.com/ystero-dev/hampi/issues/133),
our RRC parser is reporting false-positives for the null cipher
heuristic.
2025-03-25 15:13:36 -07:00
Sashanoraa d0d01089dd Fix various clippy warnings
This commit fixes various clippy warnings that do not affect the
function of the code and aren't stylistic in nature.
2025-03-24 13:47:20 -07:00
oopsbagel 0b3c0de481 fix(lib/util): use better names for runtime metadata
- document RuntimeMetadata fields
- rename RayhunterMetadata to RuntimeMetadata
- rename RuntimeMetadata.os to RuntimeMetadata.system_os
- remove unpopulated hardware field
- remove unnecessary duplication of datastructure in analyzer harness
2025-03-19 11:48:54 -07:00
oopsbagel f2b5aa2743 feat: show rayhunter version/os/arch in pcap, ndjson, qmdl manifest
Create a util mod to provide information about the rayhunter binary and
system.
2025-03-19 11:48:54 -07:00
oopsbagel 09d35ccec7 feat(pcap): add operating system kernel name and release
Display the uname sysname and release as the OS option in the pcap Section
Header Block, falling back on just the std::env::consts::OS name ("linux") in
the case of runtime errors.

Co-authored-by: Nat Budin <natbudin@gmail.com>
2025-03-19 11:48:54 -07:00
oopsbagel 5ae186bc73 feat(pcap): add rayhunter name and version to metadata
Add the compile-time name and version to the pcap's Section Header Block
as the shb_userappl option, the canonical place for storing the name of
the application used to create the pcap.[0]

[0] https://ietf-opsawg-wg.github.io/draft-ietf-opsawg-pcap/draft-ietf-opsawg-pcapng.html#section-4.1-10
2025-03-19 11:48:54 -07:00
Will Greenberg 5a084f1abb lib: set uplink flag for NAS 2025-01-30 11:33:14 -08:00
Will Greenberg 34d87d1fd7 this macro isn't public, so docstrings won't work 2025-01-28 11:02:19 -08:00
Will Greenberg da4952e70f fix docstring code 2025-01-28 11:02:19 -08:00
Will Greenberg 30323b8329 Keep old 2G downgrade analyzer 2025-01-28 11:02:19 -08:00
Will Greenberg 28b0f409db fix attribution 2025-01-28 11:02:19 -08:00
Will Greenberg 12640cc878 Rewrite our 2G downgrade analyzer 2025-01-28 11:02:19 -08:00
Will Greenberg 26eda5904f Better wording on IMSI requested warning 2025-01-28 11:02:19 -08:00