1. SMS PDU的格式
1.1. 引子
在如下link中,有一组SMS PDU数据,作者咨询这个数据如何解析:
https://osqa-ask.wireshark.or...
3045840891150009880132008208917535f150f239f2042f3d000a9132695403000011411090513032002074747a0e4acf416110bd3ca783ccf2771b44479741d120885e0eb7431.2. 协议
3GPP TS 23.040定义了SMS TPDU,SMS-DELIVER TPDU见如下章节:
9 Protocols and protocol architecture
9.2.2.1 SMS-DELIVER type
如下协议定义说明直接使用SMS TPDU,wireshark没有办法区分这个是SMS-SUBMIT还是SMS‑SUBMIT‑REPORT,所以一般建议用SMS RPDU来解析数据:
9.2.3.1 TP‑Message‑Type‑Indicator (TP‑MTI)
The TP-Message-Type-Indicator is a 2-bit field, located within bits no 0 and 1 of the first octet of all PDUs which can be given the following values:
bit1 bit0 Message type
0 0 SMS‑DELIVER (in the direction SC to MS)
0 0 SMS‑DELIVER REPORT (in the direction MS to SC)
1 0 SMS‑STATUS‑REPORT (in the direction SC to MS)
1 0 SMS‑COMMAND (in the direction MS to SC)
0 1 SMS‑SUBMIT (in the direction MS to SC)
0 1 SMS‑SUBMIT‑REPORT (in the direction SC to MS)
1 1 Reserved3GPP TS 24.011定义了SMS RPDU,RP-DATA message的格式见如下章节:
7 Message functional definitions and content
7.3 Messages for short message and notification transfer on
SM-RL
7.3.1.1 RP-DATA (Network to Mobile Station)
2. 解析工具
2.1. PDUspy
该工具可以从如下网站下载:
http://www.nobbi.com/download...
使用方法:在Manual页面,输入SMS PDU的16进制数据,然后配置好是Incoming还是Outgoing,是否带SMSC。点decode就可以在Decode页面看到解析结果。
2.2. tgppdecoder
2.2.1 工具使用
tppdocoder工具在如下网站下载:
https://segmentfault.com/a/11...
使用方法:SMS RP-DATA请使用gsm_a_rp解析;SMS TPDU请使用gsm_sms解析。
2.2.2 相关tshark命令
"C:\Program Files\Wireshark\text2pcap.exe" -l 147 sms.txt sms.pcap
"C:\Program Files\Wireshark\tshark.exe" -V -o "uat:user_dlts:\"User 0 (DLT=147)\",\"gsm_sms\",\"0\",\"\",\"0\",\"\"" -r sms.pcap2.3. 测试数据
使用前面的数据,因为之前的数据格式有误,调整并说明各种格式数据的解析方法如下:
Wireshark->gsm_a_rp:
PDUspy->Manual(Incoming, a SMSC header, 3GPP 27.005):
PDUspy->Manual(Incoming, no SMSC header, 3GPP 23.040) or Wireshark->gsm_sms:
01840791150009880132002e000a9132695403000011411090513032002074747a0e4acf416110bd3ca783ccf2771b44479741d120885e0eb743
0791150009880132 000a9132695403000011411090513032002074747a0e4acf416110bd3ca783ccf2771b44479741d120885e0eb743
000a9132695403000011411090513032002074747a0e4acf416110bd3ca783ccf2771b44479741d120885e0eb743
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。