Rodan framework is provided so that you can test your systems against threats, understand the nature of these threats, and protect your own systems from similar attacks. Do not attempt to violate the law using Rodan. If this is your intention, then LEAVE NOW!
Any actions and/or activities related to the the uses of Rodan is solely your responsibility. The misuse of Rodan can result in criminal charges brought against the persons in question. The authors and Etisalat Egypt will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.
Rodan is a telecom signaling exploitation framework created and maintained by Etisalat Egypt Research Labs (E-Labs). This framework includes a suite of modules that enable users to exploit vulnerabilities in the signaling protocols used by mobile operators. Rodan currently supports SS7 and Diameter protocols with plans to support GTP and SIP.
- Network and Subscriber Information Diclosure.
- Location Tracking.
- SMS Interception.
- Call Redirection.
- Fraud.
- GT/Host Brute Forcing.
- Advanced Filtering Bypass:
- E.214 Numbering Plan
- Malfrmed ACN.
- Substitution of Operation Code Tag.
- Double MAP.
- Calling Party/Origin Host Spoofing.
- SS7 Simulation Network.
Rodan has a look and feel similar to the Metasploit Framework, reducing the learning curve for leveraging the framework.
NOTE: Knowlege of SS7 and Diameter signaling protocols is required to use Rodan framework
- Linux OS
$ unzip rodan-master
$ cd rodan-master
NOTE: Instead of downloading the compressed source, you may instead want to clone the GitHub
repository: git clone https://github.com/Etisalat-Egypt/Rodan.git
The easiest way to build Rodan is using provided Docker build container, and use it with the included simulation network.
$ cd build/scripts
$ ./build-docker.sh
To create the latest development build from this source repository:
$ sudo apt install lksctp-tools
Disable Maven's default http removing or commenting out maven-default-http-blocker element in settings.xml.
<mirror>
<id>maven-default-http-blocker</id>
<mirrorOf>external:http:*</mirrorOf>
<name>Pseudo repository to mirror external repositories initially using HTTP.</name>
<url>http://0.0.0.0/</url>
<blocked>true</blocked>
</mirror>
</mirrors>
$ cd build/scripts
$ ./build-standalone.sh
$ cd build/scripts
$ ./start-docker.sh
$ cd build/scripts
$ ./start-standalone.sh