Friday, March 21, 2014

RF-hacking.... Yes Radio Frequency SPECIFICALLY, GSM

So do I start with explaining every single bit? Because this is one hell of a lengthy topic.

OK, let's start here:

GSM:
Most common network/protocol in the mobile industry (around 75% of mobile users)
Established around 1999
Very common
(was/is) Very Expensive Debugging devices
(had) Very little Documentation

Equipment:

MS - Mobile Station = Mobile Equipment + SIM Card
BTS - Base Transmission Station
BSC - Base Station Controller

Here is a basic illustration of the GSM network:



So with this we have a huge playing field. I know this is rather new to many people, and since GSM was a very hushed-up project, the documentation available is either too heavy for people to dig into or not detailed enough. So, starting from the really simple works out there, I will try to bridge this gap the best way I can.

So my next post will explain how to do "DEBUGGING" on this network with very simple, easy-to-afford tools (note: afford, not get).

Here are the things that we can achieve as of now.

Access the air interface between the phone and BTS
Access HLR via SS7 hacks and pay services (later on)

So what will we learn from all this:

  1. HOW IN/SECURE GSM NETWORKS REALLY ARE
  2. HOW TO BREAK THIS SECURITY
  3. HOW TO DO MAN IN THE MIDDLE ATTACKS ON THESE NETWORKS
  4. HOW TO INTERCEPT DATA ON THESE NETWORKS
  5. HOW TO SETUP BASE TRANSMISSION STATIONS
  6. HOW TO ACCESS SIM APPLICATIONS
  7. HOW TO CLONE/HACK SIM CARDS
  8. HOW TO CREATE OUR OWN GSM NETWORKS COMPLETE WITH:


  • Personalised SIM cards
  • SIM applications
  • secure network rules and protocols
  • effective services
  • really cheap call rates (I know I will probably be killed for this, so if you don't hear from me... ahem)


So with that... why don't we dive in, starting from the next post about the debugging devices.

1 comment:

cheap paper writing service said...

I do understand the structure of the network and the options you have placed to hack into the system, but there is a need for a strong attack to get it done. By the way, it was good to learn about it.
