Forwarded from BlackBox (Security) Archiv
This media is not supported in your browser
VIEW IN TELEGRAM
Call Me Maybe: Eavesdropping Encrypted LTE Calls With ReVoLTE (PoC)
Voice over LTE (VoLTE) is a packet-based telephony service seamlessly integrated into the Long Term Evolution (LTE) standard. By now all major telecommunication operators use VoLTE. To secure the phone calls, VoLTE encrypts the voice data between the phone and the network with a stream cipher. The stream cipher shall generate a unique keystream for each call to prevent the problem of keystream reuse.
👀 👉🏼 https://revolte-attack.net/
#hack #LTE #VoLTE #poc #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Voice over LTE (VoLTE) is a packet-based telephony service seamlessly integrated into the Long Term Evolution (LTE) standard. By now all major telecommunication operators use VoLTE. To secure the phone calls, VoLTE encrypts the voice data between the phone and the network with a stream cipher. The stream cipher shall generate a unique keystream for each call to prevent the problem of keystream reuse.
👀 👉🏼 https://revolte-attack.net/
#hack #LTE #VoLTE #poc #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Media is too big
VIEW IN TELEGRAM
DragonOS FocalX Cellular Security Research w/ LTESniffer (srsRan, LimeSDR, B205mini) part 1
https://github.com/alphafox02/focalx_ppa
To learn more about LTESniffer please see the following project page
https://github.com/SysSec-KAIST/LTESn...
#SDR #Cellular #IMSI #LTE
The purpose of this video is to support security and analysis research on cellular networks. It's also created from an educational perspective to help learn more about cellular networks in general by means of a controlled lab environment and software defined radios. Privacy is respected at all times and any use of this tool or software defined radios in general is on the user to follow all local regulations.
With that said, LTESniffer is easily installed in DragonOS FocalX, in fact it can be installed with apt after setting up an install with the following PPA. https://github.com/alphafox02/focalx_ppa
To learn more about LTESniffer please see the following project page
https://github.com/SysSec-KAIST/LTESn...
In this first video on cellular security research, I focus on the general lab environment setup in order to use the downlink functions of the tool.#SDR #Cellular #IMSI #LTE
Media is too big
VIEW IN TELEGRAM
Forcing A Targeted LTE Cellphone Into An Eavesdropping Network - Lin Huang - 2016
#Cellular #IMSI #LTE
In this presentation, we will introduce a method which jointly exploits the vulnerabilities in tracking area update procedure, attach procedure, and RRC redirection procedure in LTE networks resulting in the ability to force a targeted LTE cellphone to downgrade into a malicious GSM network where an attacker can subsequently eavesdrop its voice calls and GPRS data.#Cellular #IMSI #LTE
Forwarded from Pegasus NSO & other spyware
Ransacked - Cellular Security | Florida Institute for Cybersecurity Research –
#Cellular #LTE #5G #Vulnerabilities
We discover 119 vulnerabilities in LTE/5G core infrastructure, each of which can result in persistent denial of cell service to an entire metropolitan area or city and some of which can be used to remotely compromise and access the cellular core. Our research covers seven LTE implementations (Open5GS, Magma, OpenAirInterface, Athonet, SD-Core, NextEPC, srsRAN) and three 5G implementations (Open5GS, Magma, OpenAirInterface); we find vulnerabilities in every single LTE/5G implementation tested.
Our research finds these vulnerabilities are present in both well-maintained open-source LTE/5G cores and in proprietary software, both of which have active deployments in commercial settings.#Cellular #LTE #5G #Vulnerabilities