Insinuator


Some outright rants from a bunch of infosec practitioners.

TAG | 2G

May/15

17

How to Get a BaseStation

In our talks in the past we showed what might be possible if an attacker gets access to backhaul and/or core network of a telecommunication provider. In a security analysts perspective this is really disgusting, but provider always will argument that those attack scenarios are not realistic.

(more…)

, , | Post your comment here.

Oct/12

31

Pytacle alpha1 released!

Finally it’s here!

pytacle is a tool inspired by tentacle. It automates the task of sniffing GSM frames of the air, extracting the key exchange, feeding kraken with the key material and finally decode/decrypt the voice data. All You need is a USRP (or similar) to capture the GSM band and a kraken instance with the berlin tables (only about 2TB 😉 )

I’ve posted a preview before, take a look at the video to see the tool in action.

The tool is early alpha, so it’s working (for me 😉 ), but it’s neither rock stable nor packaged in any way. But still, I’ll be happy to get bug reports.

BTW, talking about Telco security: There will be another TelcoSecDay on 03/12/2013 at next year’s Troopers! We’ve already some quite interesting talks confirmed.

cheers

/daniel

, , , , , , | Post your comment here.

Contact


Mail | Twitter | Imprint

©2010-2013 ERNW GmbH
To top