[Crypto-chi] IMSI Catchers / How to break two cell phones
Nicholas Rutzen
rutzennick at gmail.com
Mon Jan 26 09:36:43 CST 2015
I mentioned SS7 to a coworker and it turns out he was on the team that
built it many years ago and he was one of the people who designed the
emergency response with GPS coordinates thing. Small world.
On Jan 25, 2015 2:59 PM, "Freddy Martinez" <freddymartinez9 at gmail.com>
wrote:
> Hi Folks,
>
> Thanks everyone for staying late and talking IMSI Catchers / SS7
> attacks at Triple C last night. If you want the slides or references,
> please email me off the list. (I don't intend to publish my talk, they
> are a draft for another project).
>
> Below are my experiences with Android phones. Good luck and please
> email me with questions.
>
> I was able to get SnoopSnitch and AIMSICD installed on a LG Nexus 5.
> It took a bit longer than expected (2 days). First I tried to do it
> on a pre-paid Moto G but that didn't work. The problem is that AT&T
> locked the bootloader and Motorola is just horrible when it comes to
> locked bootloaders. So if you want to get a dedicated phone for IMSI
> catcher catching, I recommend getting the Moto E online (pay cash for
> an Amazon gift card) and that *should* have an unlockable bootloader.
> But don't get an AT&T Moto G. It's a waste of time and money.
>
> So I unlocked and rooted the Nexus 5. Before you start, you *need* to
> use 4.4.4; the 5.0 and 5.0.1 OS have incompatible kernels (that
> baseband!).
>
> So first unlock the bootloader. I recommend the Clockwork recovery
> image. (use the clockwork-touch image! It has to be touch). Then
> rename your files and load them
>
> mv recovery-clockwork-touch-6.0 recovery.img
> fastboot flash recovery recovery.img
>
> But that still didn't work (OS was 5.0.1) so I went to the Google
> developers page and found
> reinstalled stock Android 4.4.4 (in my case ktu84p). Reboot into the
> bootloader and then run
>
> ./flash_all.sh
>
> Finally boot into recovery mode and push the SU package for root.
> Sideload it using ADB.
>
> adb sideload UPDATE-SuperSUv2.45.zip
>
> Reboot and install the APKs as normal.
>
> That worked. Happy hunting.
>
> Freddy M