HackDig : Dig high-quality web security articles for hacker

Hacking GSM A5 crypto algorithm by using commodity hardware

Researchers demonstrated how to crack GSM A5/1 Stream Cipher using a general-purpose graphics processing unit computer with 3 NVIDIA GeForce GTX690 cards. A group of security researchers from the Agency for Science, Technology and Research (A*STAR), demonstrated that the crypto scheme used in the GSM mobile phone data can be easily hacked within seconds. Act
Publish At:2016-10-25 05:20 | Read:2311 | Comments:0 | Tags:Breaking News Hacking A5 encryption GSM rainbow table attack

Notes on Hijacking GSM/GPRS Connections

As shown in previous blogposts we regularly work with GSM/GPRS basestations for testing devices with cellular uplinks or to simply run a private network during TROOPERS. Here the core difference between a random TROOPERS attendee and a device we want to hack is the will to join our network, or not! While at the conference we hand out own SIM cards which acce
Publish At:2016-07-17 22:05 | Read:2886 | Comments:0 | Tags:Insecurity Security Uncategorized cellular gprs gsm hardware

The ULIN Story

Some of you might have noticed the articles, or the leaked manual itself, about a tool called ULIN. ULIN is a “bleeding-edge spy tool” for mobile communication networks. According to the manual, it is aimed to be a surveillance software for agencies (or others with enough money) for tracking and intercepting the Voice Calls and SMS of arbitrary p
Publish At:2016-06-03 17:40 | Read:3175 | Comments:0 | Tags:Insecurity gsm ss7 surveillance

Some Notes on Utilizing Telco Networks for Penetration Tests

After a couple of years in pentesting Telco Networks, I’d like to give you some insight into our pentesting methodology and setup we are using for testing “Mobile and Telecommunication Devices”. I am not talking about pentesting professional providers’ equipment (as in previous blogposts), it is about pentesting of devices that have a
Publish At:2016-05-25 14:40 | Read:3240 | Comments:0 | Tags:Security Tools 2G gsm IoT pentest sms Telco

How to use old GSM protocols/encodings to know if a user is Online on the GSM Network AKA PingSMS 2.0

In the last few months I’ve been playing with Android’s low level GSM API, a few years ago the (in)famous sendRawPdu API was available, allowing a developer to manually encode a SMS message at a very low level before sending it to the GSM baseband itself and quite a few applications sending all kind of weird SMS ( flash sms, silent sms, etc ) were born ( for
Publish At:2015-07-27 19:55 | Read:3093 | Comments:0 | Tags:sms gsm mms wap wap push wap push notifications delivery rep

Samy Kamkar’s ProxyGambit Picks Up for Defunct ProxyHam

Without fail in the weeks leading up to Black Hat and DEF CON, there are inevitably talks that are either pulled by organizers, cancelled by presenters, or strong suggestions are made that the talks don’t happen. This year’s first casualty, Ben Caudill’s scheduled DEF CON demonstration of ProxyHam, has already fanned some seriously speculat
Publish At:2015-07-17 10:35 | Read:3185 | Comments:0 | Tags:Hacks Mobile Security Privacy Web Security anonymity Ben Cau

Detecting GSM Vulnerability (concept)

IntroductionThe GSM vulnerability detector is custom hardware built on open source software and low cost hardware that detects malicious activity on GSM networks. This device is intended to counter the rise of attacks on GSM such as voice, data, or message interception.HardwareReceiverThe cheap DVB with Elonics E4000 could be used as a receiver, since
Publish At:2015-06-18 19:00 | Read:3102 | Comments:0 | Tags:General Security Networking Wireless Security general securi

Regin backdoor used to compromise the GSM Networks

Security experts at Kaspersky Lab issued a detailed paper on the analysis of the backdoor Regin focusing on the attacker’s activity against the GSM networks. The day after the disclosure of the Regin Backdoor by Symantec, which provided the details the new sophisticated cyber espionage tool,the principal security firms p
Publish At:2014-11-25 20:00 | Read:2828 | Comments:0 | Tags:Cyber warfare Intelligence Malware Backdoor Regin cyber espi

Regin: Nation-state ownage of GSM networks

Motto: "Beware of Regin, the master! His heart is poisoned. He would be thy bane..." "The Story of Siegfried" by James Baldwin   Introduction, history Download our full Regin paper (PDF). In the spring of 2012, following a Kaspersky Lab presentation on the unusual facts surrounding the Duqu malware, a security researcher contacted us and mentioned
Publish At:2014-11-24 15:35 | Read:4948 | Comments:0 | Tags:Blog Featured Incidents Research APT GSM Mobile Attacks Nati

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud