Penetration Testing mailing list archives
Re: GPRS_UMTS
From: "Gleb Paharenko" <gpaharenko () gmail com>
Date: Tue, 14 Oct 2008 22:23:47 +0400
Hi! You can penetrate WAP proxy which is often component of such networks. Also some providers can have intermediate devices which analyzes http requests and charge traffic for commercial sites, for example with content. This can be the subject of analysis as well. Attack GGSN - for IP stack it is an ordinary router. Attack DNS. Try to send spoofed packets to your first hop. With wrong firewall settings they can reach internal operators network. Try to get technical or opensource mobile and attack PPP stack which is a part of GPRS protocol. Very interesting attack - you can try to reach other handsets connected for example to WAP APN. In that case you will see IP of devices, not computer which connects as in case ordinary GPRS. In case you reach mobile devices over IP - there a lot of cases to try. Say you can try utilize WAP PUSH or even OMA DM over UDP bearer! Or turn in off by consuming all battery power. Attack on MMS infrastructure in case you have access to it. For a pity, I had no ability time to pen test gprs networks, but google should show some attacks on GPRS and UMTS security. See: http://gpaharenko.livejournal.com/3563.html#cutid1 I'm really interested in pen-testing mobile networks. Please let me know if you reach some interesting results, and do spent time to share it with community. 2008/10/14 Rafa <rafa.sgomez () gmail com>:
Hi all! I am about to begin an audit of a client access to a GPRS / UMTS. Could someone tell me where to find information about analysis of this type of network? types of attacks? possible approaches? etc. Thank you very much in advance!! -- Rafa Sánchez http://rafasec.blogspot.com (cc) --
-- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com http://www.linkedin.com/in/gpaharenko ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- GPRS_UMTS Rafa (Oct 14)
- Re: GPRS_UMTS Gleb Paharenko (Oct 14)
- Re: GPRS_UMTS Johan Mellberg (Oct 17)
- Re: GPRS_UMTS Gleb Paharenko (Oct 14)