Trace Provided: MIB already hit my 5G capable Phone, but not attracted or initiate RRCConnectionRequest

[arifkyi]

Known:

• i use Redmi Noe 13 Pro 5G
  https://www.gsmarena.com/xiaomi_redmi_note_13_pro-12581.php
  Qualcomm SM7435-AB Snapdragon 7s Gen 2 (4 nm)
• I use USRP B210
• I use my testing simcard (MCC 901, MNC 70) i have Ki, Opc, IMSI (was able to connect to my srslab/enb/epc)
  but i dont register this imsi in 5Ghoul IMSI config
  because i want to run the exploit case "mac_sch_rrc_setup_crash_var" so since the exploitation for this case is prior to authentication, we dont need to register the Ki, Opc, IMSI .

Case: run the :

 1. sudo ./bin/5g_fuzzer --exploit=mac_sch_rrc_setup_crash_var --MCC=901 --MNC=70 --GlobalTimeout=false --EnableMutation=true
 also
 2.sudo bin/5g_fuzzer --MCC=901 --MNC=70 --EnableMutation=true

expected:

1. My Redmi/UE initiate connection

actual behaviour:

1. My UE not attracted
2. I use search manual for the network, but also not found the list of that network

I provide three traces/logs which actually same trace, one from PCAP that i conver to text and the other from Celluler PRO

1. Convert from PCAP

frommyPCAP.txt

2. From Celluler PRO

SIB.txt

3. from SCAT screen

screenscat5g.txt

Looking forward for your resolution, thank you so much.

Br,
Rifky

[arifkyi]

Forgot to mentioned, but actually stated in the title of the Issue that MIB is hit to my REDMI,
you can see from the trace that i attached above

Also allow me to attach the config

5gnr_gnb_config.json

global_config.json

although what i already changed is:

Change true to false in 5ghoul/configs/5gnr_gnb_config.json to stop looking for the adb device that you're likely not using.
"Monitor": {
"Enable": false,


5ghoul-5g-nr-attacks/configs/global_config.json

Lines 319 to 320 in 3e61d51
 "UEModemManager": {
     "Enable": true,

Thank you very much in advance