We are performing network analysis using UE ( rooted Android phone). We have no problems getting information from Pcap one of the providers who use SIP without IPsec encryption. However the response from EE (UK) uses IPsec with an encryption algorithm. We have found in some papers, such as 'Breaking and Fixing VoLTE: Exploiting Hidden Data Channels and Mis-implementations ' by H Kim. that it's possible to
change the encryption algorithm of IPsec from AES to Null by modifying configuration file for SIP in the UE side.
We've been looking for a SIP configuration file on a rooted Android phone without success. Does anyone here know how to achieve this?
I have found an answer so I am going to post it here to help others.
IMS settings can be accessed using adb tools as below:
adb shell
am start -n com.samsung.advp.imssettings/.ImsSettingsLauncherActivity
Initially, I did it from the app called ShortcutMaster ( available in Google Play Store). In the app you can use Search option, enter 'imssettings' and launch one of the top results. In there, you can access IMS Profile where the encryption setting is. When I tried modying the SQLite database saved on the device the settings were ignored by the network provider.