Working with text messages / SMS in one core part of testing cellular devices. Running an own network, there are different approaches for sending text messages. This page shows a few.
Manually, via Phone
The most obvious approach for sending text messages will be using a simple phone. When the phone is connected to the cellular network it can simply send text messages to other devices.
openBSC has a control interface listening on port 4242 / TCP which supports sending text messages.
subscriber id 1 sms sender id 3 send test
This line will send a text message to the subscriber with the id 1 from the subscriber with the id 3 containing “test”.
subscriber extension 1234 sms sender extension 5678 send test
This line will send a text message to the subscriber with the extension 1234 to the subscriber with the extension 5678 containing “test”.
As source/target openBSC is able to work with id, extension, imsi and tmsi.
As this interface can be accessed via telnet, it is also possible to simply automate sending messages in a simply python script as shown below.
import telnetlib import time Host="127.0.0.1" Port="4242" tn = telnetlib.Telnet(Host,Port) tn.write("subscriber id 1 sms sender id 1 send starting test\n") pins=["%04d" % x for x in range(10000)] for pin in pins: cmd = "subscriber id 2 sms sender id 1 send " + pin + "\n" print cmd tn.write(cmd) time.sleep(1) tn.write("exit") tn.write("exit")
This script will send text messages to the subscriber with the id 2 from the subscriber with the id 1. The content of the text message is iterated by the for loop from “0000” to “9999”. As such this also is the quickest way of implementing a bruteforcer.
SMPP or Short Message Peer to Peer is a protocol used for transporting text messages / SMS within backend systems or between different SMSCs. openBSC offers an SMPP interface which can easily be access with a simple Python script.
You will need smpplib for python
pip install smpplib
import smpplib ip="127.0.0.1" port=2775 user="admin" password="admin" source="909099992" destination="909099991" message="test" print user print password print "kekse" client = None try: client = smpplib.client.Client(ip, port) client.connect() try: client.bind_transmitter(system_id=user, password=password) client.send_message(source_addr_ton=smpplib.command.SMPP_TON_INTL, source_addr_npi=smpplib.command.SMPP_NPI_ISDN, source_addr=source, dest_addr_ton=smpplib.command.SMPP_TON_INTL, dest_addr_npi=smpplib.command.SMPP_NPI_ISDN, destination_addr=destination, short_message=message, esm_class=smpplib.command.SMPP_MSGMODE_FORWARD, ) finally: if client.state in [smpplib.client.SMPP_CLIENT_STATE_BOUND_TX]: try: client.unbind() except smpplib.exceptions.UnknownCommandError as ex: #https://github.com/podshumok/python-smpplib/issues/2 try: client.unbind() except smpplib.exceptions.PDUError as ex: pass finally: if client: client.disconnect()