R: sms crash

Sicuramente la avevi gią trovata, comunque la presentazione di Job de Haas
si trova in http://www.itsx.com/hal2001/hal2001-itsx.ppt.
Anche io sono curioso di saperne di pił
Roberto Argiero
r.argiero@asa.livorno.it

> -----Messaggio originale-----
> Da:	scai [SMTP:scai@freemail.it]
> Inviato:	sabato 1 dicembre 2001 4.38
> A:	ml@sikurezza.org
> Oggetto:	sms crash
> 
>  riporto :
> 
> How to crash a phone by SMS
> By John Leyden
> Posted: 28/11/2001 at 18:20 GMT
> So now you can send an SMS and crash a mobile phone, so that the user is
> locked out.
> 
> Job de Haas, a security researcher at ITSX, has adapted a program called
> sms_client, which sends an SMS message from an Internet-connected PC, in
> which the User Data Header is broken.
> 
> During a presentation during the Black Hat conference last week, he
> demonstrated how a malformed message crashes a Nokia 6210 phone on its
> receipt. Once the message is received it is impossible to turn on an
> infected phone again.
> 
> The vulnerability is tied to the software used by a phone. The flaw
> affects
> Nokia 6210, 3310 and 3330 phones, de Haas has discovered, but not a
> Siemens
> phone he tried. Phones from other manufacturers are yet to be tested.
> 
> To fix the problem users have to put a SIM card into a phone without the
> bug. Alternatively if the SMS message is registered in a user's In-box
> this
> could be deleted with a SMS management tool on a PC.
> 
> To repeat the exploit requires knowledge of SS7 signalling and telco
> protocols to adapt sms_client into an attack tool. But given the power of
> the attack security through obscurity doesn't appeal. The kicker is that
> the
> modified sms_client makes it trivial to spoof the source of any attack.
> 
> Nokia told us that sending a message which freezes a phone is "something
> it
> encountered" before. The company is unfamiliar with the exploit uncovered
> by
> ITSX, which comes as a new twist even to clued-up Black Hat attendees. It
> promises to get us a more detailed technical response, and we'll update
> you
> when this becomes available. ®
> 
> http://www.itsx.com/home-index.html = apparentemente non c'e' nulla.
> http://www.punto-informatico.it/p.asp?i=38237 = la notizia qua riportata
>  -- cut - cut - cut - cut - cut - cut - cut - cut - cut - cut - cut
> 
> Pur non interessandomi per nulla di far crashare GSM altrui, sarei
> ALQUANTO
> curioso di sapere come hanno forgiato il PDU "malizioso" ... dire solo che
> l'UDH e' malformato e' un po poco...
> Attorno alla codifica UCP (e anche TAP ,ma poco) + nokia (ma "purtroppo"
> un
> 6110) ci giocai parecchio...  scoprii poi, parallelamente a jack mckrak,
> che
> se ne usci' con un interessante articolo su BFi tra l'altro :)
> Anchio come lui ero convinto che forgiando male un qualche pacchetto
> qualcosa sarebbe crashato... ma sul mio 6110 niente :P
> Ora sarei proprio curioso di sapere cosa hanno fatto di preciso...
> Sul sito del BlackHat non c'e' praticamente nulla (la presentazione in ppt
> non l'ho ancora presa perche non ho poorpoint installato qui... cmq
> immagino
> non ci sia niente di useful)
> 
> Qualcuno affiliato a 0super3ll3t group puo mandare/mandarmi qualcosa in
> piu
> , grazie? :)
> 
> 
> ________________________________________________________
> http://www.sikurezza.org - Italian Security Mailing List

________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List