Posts Tagged ‘gsm’
Exploiting GSM Phones
Tuesday, June 23rd, 2009
So now that you hopefully have at least a basic understanding of how GSM operates, let’s talk about the fun stuff. The first trick I will discuss is an activity that is becoming quite prevalent: SIM cloning. If you have paid attention to any cell-phone-related tutorials in the past, then you may remember cloning being made popular by certain public figures like Kevin Mitnick in order to place calls on the bill of another subscriber. Well, even with GSM this trick is still relevant. How could such a flaw exist in a system that is obviously concentrated on preventing such fraudulent use? The flaw is within the COMP128 authentication algorithm, used as an instantiation of A3/A8 by many GSM providers. Unfortunately for these providers, the COMP128 algorithm is just not strong enough to prevent fraud. We attack the algorithm by using a chosen-challenge attack, which works by forming a number of specially chosen challenges and querying the SIM card for each one. Then, by analyzing the responses to these queries, we are able to determine the value of the secret key that is used for authentication. So how do we perform this attack?
Step by step Sim Clone Guide by Gsm Solutions Ltd
Sunday, June 21st, 2009
original source : http://www.freewebs.com/simcloneinfo/
I have shown how parties with physical access to a victim’s GSM cellphone can “clone” the phone and fraudulently place calls billed to the victim’s account. This shows that the GSM fraud-prevention framework fails to live up to expectations, and casts doubt on its foundation (as well as the design process). However, we should be clear that this is only a partial flaw, not a total failure of the authentication framework: our experiments have been limited to showing that GSM phones can be cloned if the attacker has physical access to the target phone. (In US analog cellphones, one can clone the cellphones with only some radio reception equipment, which is a much more serious flaw; as a consequence, US providers lose over $500 million yearly to fraud.) (more…)
How GSM Operates?
Saturday, June 20th, 2009
As I’ve said in past tutorials, in order to hack anything in any sense of the word you have to first understand how it operates. Therefore, in this section you will learn the details of GSM, so that you have a better understanding of how it operates and, in turn, of how it can be exploited. GSM (Global System for Mobile communication) is fundamentally different from some of its older counterparts like AMPS in the sense that it operates using digital technology instead of the traditional analog technology. GSM, being a cellular system, is of course divided into cells. Each cell corresponds to the coverage area of one transmitter, or of a small collection of transmitters. The size of a cell depends on the power of its transmitter. GSM, as with other cellular systems, uses low-power transmitters so that frequencies can be reused efficiently. The frequency band used by a cellular mobile radio system is distributed over a group of cells, and this group is repeated across the whole coverage area of an operator. All the available radio channels can then be used in each group of cells that forms the coverage area of an operator, and the same frequencies are reused several cells away.
Delphi GSM Tool VCL
Wednesday, June 17th, 2009
A list of Delphi GSM tool VCLs: TOxygenSMS, TSMSModule, Boomerang Lite
Oxygen SMS
The TOxygenSMS component works under the Microsoft Windows 95, 98, NT, ME and 2000 family of operating systems and supports Borland Delphi versions 3, 4, 5, 6 and 7 and Borland C++ Builder 5. (more…)
TOxygenSMS Component for Borland Delphi and Borland C++ Builder
Wednesday, November 26th, 2008
The TOxygenSMS component is designed to give a Windows program access to the SMS and Calendar capabilities of a Nokia GSM phone.
The SMS section allows you to send, receive, read and delete messages from the Inbox, read and write the default SMS centre number, and use many other features such as battery and signal level, hardware and software revision and date, phone model type and IMEI. You can send simple text, Unicode strings, flashing and picture messages, ringtones, Operator Logos and CLI Logos. When a message or a report arrives, the corresponding event occurs. All incoming messages can be automatically deleted on their arrival. (more…)
Bluetooth Framework VCL 5.1.4
Sunday, November 23rd, 2008
Bluetooth Framework VCL is an easy-to-use communication library for Delphi and C++Builder developers which allows your applications to communicate with mobile devices through Bluetooth, IrDA or Serial interfaces.
It makes it possible to discover devices and services, send and receive files using OBEX profiles, send and receive SMS using the GSM modem of your mobile phone, and do a lot of other useful things. (more…)