Bold Statements
We have the next set of selected talks being announced here. I am super excited about the variety of applications we had this year. Here are some of the talks we will have.
Title: From LoRa technology to deployment within Orange affiliates
Continue reading “TelcoSecDay 2018 – Talks Part2”
Continue readingWe have a short update from the TelcoSecDay 2018 Agenda. But before that, a short reminder. The CFP for TelcoSecDay 2018 is still open. If you are into telco research, and if you have something interesting to talk, please make a submission here. The deadline is 17th February 2018.
Continue reading “TelcoSecDay 2018 – CFP and First talks”
Continue readingHere is a short blog post that explains how you can make your own Man-in-the-Middle (MitM) setup for sniffing the traffic between a SIM card and the backend server. This is NOT a new research but I hope this will help anyone who doesn’t have a telco background to get started to play with mobile data sniffing and fake base stations. This is applicable to many scenarios today as we have so many IoT devices with SIM cards in it that connects to the backend.
In this particular case, I am explaining the simplest scenario where the SIM card is working with 2G and GPRS. You can probably expect me with more articles with 3G, 4G MitM in future. But lets stick to 2G and GPRS for now.
Continue reading “Hacking 101 to mobile data”
Continue readingAs shown in previous blogposts we regularly work with GSM/GPRS basestations for testing devices with cellular uplinks or to simply run a private network during TROOPERS. Here the core difference between a random TROOPERS attendee and a device we want to hack is the will to join our network, or not! While at the conference we hand out own SIM cards which accept the TROOERPS GSM network as their “home network” some device need to be pushed a little bit.
Continue reading “Notes on Hijacking GSM/GPRS Connections”
After a couple of years in pentesting Telco Networks, I’d like to give you some insight into our pentesting methodology and setup we are using for testing “Mobile and Telecommunication Devices”. I am not talking about pentesting professional providers’ equipment (as in previous blogposts), it is about pentesting of devices that have a modem in place like a lot of IoT devices (you know about the fridge having a GSM Modem, right?) do.
Continue reading “Some Notes on Utilizing Telco Networks for Penetration Tests”
I am very happy to announce the second round of talks for the TelcoSecDay 2016. As mentioned in my previous post it will take place on March 15th. All invitations should be out by now; if you think you can contribute to the group and you are willing to join us – please let me know (hschmidt@ernw.de).
Still, not all talks are confirmed but the newly published talks will provide an idea about TSD 2016 and its discussions.
Continue reading “TelcoSecDay 2016 – Second Round of Talks”
Dear all,
This year the TelcoSecDay will take place on March 15th. For those of you who does not know about: the TelcoSecDay it is a sub-event of Troopers bringing together researchers, vendors and practitioners from the telecommunication / mobile security field.
Continue reading “TelcoSecDay – First Round of Talks”
Welcome to Brazil!
“Welcome to Brazil”, I think, turned to being the most used statement during the past Hackers to Hackers Conference in Sao Paulo. It was used as the main reaction to every speech taking moment, and there were a lot of those! To honor the moments and give you a quick insight into was what going on in Sao Paulo, here is a quick summary of the overall event and our own contribution.
Continue reading “Welcome to Brazil!”
Continue readingIn our talks in the past we showed what might be possible if an attacker gets access to backhaul and/or core network of a telecommunication provider. In a security analysts perspective this is really disgusting, but provider always will argument that those attack scenarios are not realistic.
Continue reading “How to Get a BaseStation”
Continue readingAdditionally to Wifi, Troopers is also offering a GSM network.
If you want to use it, simply ask your phone to scan for available mobile networks. There you should see the usual T-Mobile D, Vodafone.de, E-Plus, O2-de operators, but also the unusual D 23 or 262 23. Just select this one, and your are done. You also can use the Troopers SIMs which you get on the welcome desk on the ground floor.
Continue reading “GSM@Troopers”
Continue reading