Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/exfil0/5g-network-slicing-vulnerability

Below is a complete Python script that implements a single-node or distributed 5G slicing lab wizard.
https://github.com/exfil0/5g-network-slicing-vulnerability

5g-core-network 5g-simulation 5gvulnerability dos-attack fuzzing location-tracking poc slicing

Last synced: about 1 month ago
JSON representation

Below is a complete Python script that implements a single-node or distributed 5G slicing lab wizard.

Awesome Lists containing this project

README 

          
# 5G NETWORK SLICING VULNERABILITY (PoC) - RESEARCH IN PROGRESS...



## 5G Lab Setup & Wizard Script (Single-Node or Distributed)



## Overview

This script sets up a 5G slicing lab with the following features:



- **Dependency Installation**: Automatically installs required packages and updates the system.

- **Builds Components**: Compiles and installs open5GS (5G Core) and srsRAN (RAN simulator).

- **Wizard Interface**: Provides interactive menus for single-node or distributed testing scenarios.

- **Pentesting Tools**: Includes basic scanning, location tracking demos, and DoS simulations.



### **Important Notes**

- Designed for **Ubuntu/Debian-based systems** (e.g., Ubuntu 20.04, 22.04).

- Must be run as **root** or via **sudo**.

- For distributed deployments, ensure **SSH connectivity** and `paramiko` are configured.

- Intended for **lab or demonstration purposes only**. Do not use on production systems.



---



## Script Details



### Script Description

```python

#!/usr/bin/env python3

"""

5G Lab Setup & Wizard Script (Single-Node or Distributed)

Author: ScaryByte



Description:

  - Installs and upgrades necessary packages.

  - Builds open5GS (5G Core) and srsRAN (RAN simulator) from source.

  - Provides a wizard for single or distributed scenarios.

  - Allows basic pentesting tasks (Nmap, Hydra, log checks, DoS scripts).



Usage:

  sudo ./LAB-PoC.py



Disclaimer:

  This script is intended for demonstration in an isolated lab environment only.

  Unauthorized testing on production systems is illegal and unethical.

"""

```



For the complete script, refer to the [source code](./LAB-PoC.py).



---



## Usage Instructions



### Make the Script Executable

```bash

chmod +x LAB-PoC.py

```



### Run the Script

```bash

sudo ./LAB-PoC.py

```



### Select Scenario



#### **Option 1: Single-Node Setup**

- Installs open5GS and srsRAN locally.

- Configures and starts open5GS services.

- Launches a wizard for:

  - Basic Nmap scans

  - Hydra brute force demos

  - Location tracking (log search)

  - Sample DoS attach flood simulation



#### **Option 2: Distributed Setup**

- Prompts for remote host details (IP, username, password/key, role).

- Builds open5GS or srsRAN on remote hosts based on roles.

- Configures distributed environments.

- Launches a wizard for:

  - Remote scanning

  - Remote log searches

  - Distributed DoS demonstrations



---



## Wizard Features



### Single-Node Wizard

1. Perform basic Nmap scan on localhost.

2. Launch Wireshark.

3. Hydra brute force example on local orchestrator.

4. Location tracking demo (log search).

5. DoS attach flood simulation.



### Distributed Wizard

1. Nmap scan orchestrator/core node.

2. Launch Wireshark locally.

3. Hydra brute force on remote orchestrator.

4. Remote location tracking log search on core node.

5. Local DoS script demonstration.



---



## Notes



1. For the fake attach flood (`fake_attach.py`), ensure you provide your own script in `~/fake_attach.py`.

2. Proper IP addressing, routing, and SCTP ports must be configured between AMF/SMF/UPF and the RAN node in distributed setups.

3. This script forcibly updates and upgrades packages, which may alter your system. Use a clean lab environment.

4. Missing dependencies (e.g., `paramiko`) are installed automatically during execution.



---



## Disclaimer

This script is intended for research and educational purposes only. Unauthorized use on production systems is both illegal and unethical. Always use in a controlled lab environment.