[Crypto-chi] IMSI Catchers / How to break two cell phones

Freddy Martinez freddymartinez9 at gmail.com
Fri Jan 30 11:36:29 CST 2015


Hi folks.

I will re-give it soon. I have a talk in May and have to prepare, so yes.
I'll send out a time next week or the one after.

Freddy
On Jan 26, 2015 11:03 AM, "joe fuentes" <joseph.fuentes at live.com> wrote:

> I'm sorry I missed the SS7 talk last Sat night but I had some previous
> commitments.  As a telecommunications engineer, SS7 was one of my areas of
> expertise including SS7 over IP (SS7/IP) called Sigtran.  In all of my
> experiences, my customers both domestic and international (Japan Telecom,
> Telefonica de Argentina etc) had all their SS7 networks completely isolated
> from the outside world.  I'd be interested to see how this was able to
> occur. Any chance for a repeat of this pres?
>
> Joe
>
> ------------------------------
> Date: Mon, 26 Jan 2015 09:36:43 -0600
> From: rutzennick at gmail.com
> To: cryptoparty-chi at groups.sshchicago.org
> Subject: Re: [Crypto-chi] IMSI Catchers / How to break two cell phones
>
> I mentioned SS7 to a coworker and it turns out, he was on the team that
> built it many years ago and he was one of the people who designed the
> emergency response with GPS coordinates thing.  Small world.
> On Jan 25, 2015 2:59 PM, "Freddy Martinez" <freddymartinez9 at gmail.com>
> wrote:
>
> Hi Folks,
>
> Thanks everyone for staying late and talking IMSI Catchers / SS7
> attacks at Triple C last night.  If you want the slides or references,
> please email me off the list. (I don't intend to publish my talk, they
> are a draft for another project).
>
> Below are my experiences with Android phones. Good luck and please
> email me with questions.
>
> I was able to get SnoopSnitch and AIMSICD installed on a LG Nexus 5.
> It took a bit longer than expected (2 days).  First I tried to do it
> on a pre-paid Moto G but that didn't work.  The problem is that AT&T
> locked the bootloader and Motorola is just horrible when it comes to
> locked bootloaders. So if you want to get a dedicated phone for IMSI
> catcher catching, I recommend getting the Moto E online (pay cash for
> an Amazon gift card) and that *should* have an unlockable bootloader.
> But don't get an AT&T Moto G.  It's a waste of time and money.
>
> So I unlocked and rooted the Nexus 5. Before you start, you *need* to
> use 4.4.4; the 5.0 and 5.0.1 OS have incompatible kernels (that
> baseband!).
>
> So first unlock the bootloader. I recommend the Clockwork recovery
> image. (use the clockwork-touch image! It has to be touch). Then
> rename your files and load them:
>
> mv recovery-clockwork-touch-6.0 recovery.img
> fastboot flash recovery recovery.img
>
> But that still didn't work (OS was 5.0.1) so I went to the Google
> developers page and found
> reinstalled stock Android 4.4.4 (in my case ktu84p).  Reboot into the
> bootloader and then run
>
> ./flash_all.sh
>
> Finally boot into recovery mode and push the SU package for root.
> Sideload it using ADB.
>
> adb sideload UPDATE-SuperSUv2.45.zip
>
> Reboot and install the APKs as normal.
>
> That worked. Happy hunting.
>
> Freddy M
> _______________________________________________
> cryptoparty-chi mailing list
> cryptoparty-chi at groups.sshchicago.org
> http://groups.sshchicago.org/listinfo/cryptoparty-chi
>