Posts tagged: Mobile Phones

Jul 15 2011

Vodafone Hacked – Root Password Published

Vodafone Sure Signal HackThe Hacker’s Choice announced a security problem with Vodafone’s Mobile Phone Network.

An attacker can listen to UK Vodafone mobile phone calls.

An attacker can exploit a vulnerability in 3G/UMTS/WCDMA – the latest and most secure mobile phone standard in use today.

The technical details are available at http://wiki.thc.org/vodafone.

The problem lies within Vodafone’s Sure Signal / Femto equipment.

A Femto Cell is a tiny little home router which boosts the 3G Phone signal. It’s available from the Vodafone Store to any customer for 160 GBP.

THC managed to reverse engineer – a process of revealing the secrets – of the equipment. THC is now able to turn this Femto Cell into a full blown 3G/UMTC/WCDMA interception device.

A Femto is linked to the Vodafone core network via your home Internet connection. The Femto uses this access to retrieve the secret key material of a Vodafone customer who wants to use the Femto.

THC found a way to circumvent this and to allow any subscriber – even those not registered with the Femto – to use the Femto. They turned it into an IMSI grabber. The attacker has to be within 50m range of the UK Vodafone customer to make the customer’s phone use the attacker’s femto.

The second vulnerability is that Vodafone grants the femto to the Vodafone Core Network HLR /AuC which store the secret subscriber information. This means an attacker with administrator access to the Femto can request the secret key material of a UK Vodafone Mobile Phone User.

This is exactly what happened. The group gained administrator access to the Femto. An attacker can now retrieve the secret key material of other Vodafone customers.

This secret key material enables an attacker to listen to other people’s phone calls and to impersonate the victim’s phone, to make phone calls on the victim’s cost and access the victim’s voice mail.

This is clearly a design flaw by Vodafone. It is disgusting to see that a major player like Vodafone chooses ‘newsys’ as the administrator password, thus allowing anyone to retrieve secret data of other people.

Jan 05 2011

Researchers hack GSM mobile calls

Researchers have demonstrated an alarmingly simple technique for eavesdropping on individual GSM mobile calls without the need to use expensive, specialised equipment.

During a session at the Chaos Computer Club Congress (CCC) in Berlin, Karsten Nohl and Sylvain Munaut used cheap Motorola handsets running a replacement firmware based on open source code to intercept data coming from a network base station.

Armed with this, they were able to locate the unique ID for any phone using this base, breaking the encryption keys with a rainbow table lookup.

Although far from trivial as hacks go, the new break does lower the bar considerably compared to previous hacks shown by the same reasearchers. In 2009, Nohl published a method for cracking open GSM’s A5/1 encryption design using a lookup table in near real time.

Another important detail is that Nohl was able to replace the firmware of the handsets with custom software. According to the BBC report on which most stories are being based, this was only possible because the Motorola handsets in question had been reverse engineered after an unspecified leak.

How easy would it be to exploit the new hack? In short, not particularly easy. Creating a custom lookup table similar to Nohl’s would take months of work and any eavesdropper would still need to break into the handset in question.

The crack does lower the bar from being a hardware problem to one of software expertise, which will cause some alarm in the GSM engineering community.

By John E Dunn,
TechWorld

Apr 18 2009

Hijacking Mobile Phone Data

Mobile HijackResearchers claim to be able to hijack cell-phone data connections.

In a presentation at Black Hat Europe, a computer-security conference in Amsterdam, a group of researchers claimed to have found a way to hijack the data sent to and from mobile phones. The researchers say that the attack might be used to glean passwords or to inject malicious software onto a device.

The new attack relies on a protocol that allows mobile operators to give a device the proper settings for sending data via text message, according to Roberto Gassira, Cristofaro Mune, and Roberto Piccirillo, security researchers for Mobile Security Lab [www.mseclab.com], a consulting firm based in Italy. By faking this type of text message, according to the protocol an attacker can create his own settings for the victim’s device. This would allow him to, for example, reroute data sent from the phone via a server that he controls. The researchers say that the technique should work on any handset that supports the protocol, as long as the attacker knows which network the victim belongs to and the network does not block this kind of message.

Some trickery is required to make the attack work, however. Ordinarily, to transfer settings to a device remotely, a mobile operator will first send a text message containing a PIN code. The operator will then send the message to reconfigure the phone. In order to install the new settings, the user must first enter the PIN.

So an attacker would need to convince a victim to enter a PIN and accept the malicious settings sent to the phone. But Gassira, Mune and Piccirillo believe that this shouldn’t be too difficult. The attacker could send text messages from a name such as “service provider” or “message configuration,” suggesting that changes to the device’s settings are needed due to a network error. For many handsets, they say, the results of the configuration aren’t shown to the user, giving the victim little chance to notice that anything is amiss.

Source: Technology Review

Nov 07 2008

Access Free Airtel GPRS Using TeaShark Browser

TeaShark, a mobile browser like Opera Mini, allow you to access Airtel GPRS for FREE.
Shockingly it has nothing to do with modifying any Airtel settings or any kind of hack.

Here is how I used this…

* Download TeaShark v. 312. Its free and being JAR file it can be installed on most handsets.
* Open it from your mobile and select AirTel Live as access point.
* That’s it! Open any site from TeaShark and you won’t be charged anything.

Note for the first time, when TeaShark starts, it may take more than one minute to initialize. Also this one time initialization may fail many times. But don’t loose your heart!

As of now, this trick is limited to handsets only.

Note : “Subscribe to Packet Data First”
This means you need to activate AirTel Live service which is free.
Contact customer care to get it activated.
Also select only AirTel Live as access point when prompted by TeaShark.

Download TeaShark :
http://teashark.com/download.html

Oct 11 2008

Latest Airtel Hack

Now a days Airtel gives New option to the Subscriber to access Mobile Office daily @ Rs.25.00/- per day. But this is too Costly.
Only 24 hours and the cost is Rs.25.00 Oh GOD!!

But I got a Trick that’s help me to Activate my Mobile Office whole 30 days only for 25.00/. Its really good.

Just follow the Trick-
1) Your account balance should be above 25.00 for the first time.
2) Activate your mobile office by dialing *444*1#. You will Activate your Mobile Office in the Morning.
3) You got an Activation msg. Your account should deducted by Rs. 25.00/-
4) After that your can enjoy mobile office for 24 hours.
5) But for unlimited access you will do this :: Just switch off your mobile from 7.00 am to 10.00am. and your account balance should be below 25.00 /
6) Just try it enjoy the whole world only by 25.00.

I am Sure you should be Benefited. JUST TRY IT!!!!!!!!!