Insinuator


Some outright rants from a bunch of infosec practitioners.

TAG | gsm

May/15

17

How to Get a BaseStation

In our talks in the past we showed what might be possible if an attacker gets access to backhaul and/or core network of a telecommunication provider. In a security analysts perspective this is really disgusting, but provider always will argument that those attack scenarios are not realistic.

(more…)

, , | Post your comment here.

Mar/15

18

GSM@Troopers

Additionally to Wifi, Troopers is also offering a GSM network.
If you want to use it, simply ask your phone to scan for available mobile networks. There you should see the usual T-Mobile D, Vodafone.de, E-Plus, O2-de operators, but also the unusual D 23 or 262 23. Just select this one, and your are done. You also can use the Troopers SIMs which you get on the welcome desk on the ground floor.

(more…)

, , , | Post your comment here.

Oct/12

31

Pytacle alpha1 released!

Finally it’s here!

pytacle is a tool inspired by tentacle. It automates the task of sniffing GSM frames of the air, extracting the key exchange, feeding kraken with the key material and finally decode/decrypt the voice data. All You need is a USRP (or similar) to capture the GSM band and a kraken instance with the berlin tables (only about 2TB 😉 )

I’ve posted a preview before, take a look at the video to see the tool in action.

The tool is early alpha, so it’s working (for me 😉 ), but it’s neither rock stable nor packaged in any way. But still, I’ll be happy to get bug reports.

BTW, talking about Telco security: There will be another TelcoSecDay on 03/12/2013 at next year’s Troopers! We’ve already some quite interesting talks confirmed.

cheers

/daniel

, , , , , , | Post your comment here.

Dec/11

18

pytacle preview

Hi,

today I’ll give a short preview of my newest tool, pytacle. It is simply a little helper program to control gnuradio/airprobe/kraken/some_other_tools, convert their input/output and to find a use able clear/cipher text combination to break A5/1. In the end it should record, crack and decode/play a gsm phone call with ~5 mouse clicks.

Take a look at this video:

The code is not available yet, as its not finished 😉 the recording and cracking part are working, but the decoding doesn’t. I need to put some more time into the code, but there isn’t much spare in that time of the year 😀

cheers

/daniel

, , , , , | Post your comment here.

Contact


Mail | Twitter | Imprint

©2010-2013 ERNW GmbH
To top