Lab Active
Threat Model Security Guide
Security Tools:
Wireshark
tcpdump
OpenSSL
Python
scapy
hashcat
Security Lab Terminal - root@5g-security-lab
Quick Commands (click to copy)
Command copied to clipboard

Security Commands

5G-AKA Authentication

python3 /opt/security-labs/5g-aka-demo.py
Run 5G-AKA authentication demo
python3 /opt/security-labs/kdf-demo.py
Key Derivation Function demo
python3 /opt/security-labs/milenage.py
Milenage algorithm implementation
openssl rand -hex 16
Generate 128-bit random key (K)
openssl rand -hex 16 | tr a-z A-Z
Generate OPc key (uppercase)

SUPI/SUCI Privacy

python3 /opt/security-labs/supi-suci.py
SUPI to SUCI encryption demo
python3 /opt/security-labs/ecies-demo.py
ECIES Profile A/B encryption
openssl ecparam -name secp256r1 -genkey -out private.pem
Generate ECIES key pair (Profile A)
openssl ecparam -name X25519 -genkey -out x25519.pem
Generate X25519 key (Profile B)

NAS Security

tshark -i any -Y nas-5gs
Capture 5G NAS messages
tshark -i any -Y "nas-5gs.mm.message_type == 0x56"
Filter Registration Request
tshark -i any -Y "nas-5gs.mm.message_type == 0x57"
Filter Authentication Request
tshark -i any -Y "nas-5gs.mm.message_type == 0x5d"
Filter Security Mode Command
python3 /opt/security-labs/nas-parser.py /tmp/capture.pcap
Parse NAS messages from pcap

Encryption Algorithms (NEA)

python3 /opt/security-labs/nea-demo.py
NEA1/NEA2/NEA3 encryption demo
openssl enc -aes-128-ctr -in plain.txt -out cipher.bin
AES-CTR encryption (NEA2 basis)
python3 /opt/security-labs/snow3g.py
SNOW 3G stream cipher (NEA1)
python3 /opt/security-labs/zuc.py
ZUC stream cipher (NEA3)

Integrity Algorithms (NIA)

python3 /opt/security-labs/integrity-demo.py
NIA1/NIA2/NIA3 integrity demo
openssl dgst -mac cmac -macopt cipher:aes-128-cbc
AES-CMAC (NIA2 basis)
python3 /opt/security-labs/mac-verify.py
Verify NAS MAC

Attack Detection & Defense

python3 /opt/security-labs/imsi-catcher-detect.py
Detect fake base stations
python3 /opt/security-labs/downgrade-attack.py
Downgrade attack simulation
python3 /opt/security-labs/replay-attack.py
Replay attack demo
python3 /opt/security-labs/dos-detection.py
DoS attack detection
python3 /opt/security-labs/rogue-gnb-detect.py
Rogue gNB detection

Packet Capture & Analysis

sudo tcpdump -i any sctp -w /tmp/5g-security.pcap
Capture SCTP (NGAP) traffic
tshark -i any -f sctp -Y ngap
Live decode NGAP
tshark -r /tmp/capture.pcap -T fields -e nas-5gs.mm.message_type
Extract NAS message types
wireshark -k -i any -f sctp &
Start Wireshark GUI

Certificates & TLS

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem
Generate self-signed certificate
openssl s_client -connect localhost:443 -tls1_3
Test TLS 1.3 connection
openssl x509 -in cert.pem -text -noout
View certificate details