This 120-minute workshop will cover different attacks on popular GSM-devices: alarms, smart home systems, access control systems and smartwatches for kids. GSM-devices are popular and easy for use: for example, you just need to insert SIM-card in GSM-alarm, and the system is ready for use. But the security of those devices is questionable.
Common alarm-devices was tested properly, researchers found different vulnerabilities and attacks. At this training will be coerced attacks on the GSM part of devices, because this part is not covered properly and there are some easy and effective attacks.
* A laptop with a modern browser
* Favorite editor with script language (optional)
You will be provided with:
* Different GSM-devices: alarms, smart home systems, access control systems and smartwatches for kids
* SIP accounts for calls
* Special accounts at service for calls with spoofed Caller ID
1) Introduction and basic information about GSM-devices, typical use cases, discussion about requirements.
2) Number spoofing attacks
3) Bruteforcing and “locking brute-force”
4) Attacking mobile operators.
5) Attacking mobile applications and personal accounts.
6) Defense – basics of protection for GSM-devices