sms forging xplendor
TRANSCRIPT
-
7/29/2019 SMS Forging Xplendor
1/21
SMS Forging & Countermeasures
By
Sunny Vaghela
-
7/29/2019 SMS Forging Xplendor
2/21
Session Flow
SMS Introduction
SMSC Overview SMS Routing in GSM
SMSC Implementation
SMSC External Interfaces
SMS Types CIMD 2.0
MO-MT,AO-MT Routing
SMS Spamming
SMS Forging
Solutions
-
7/29/2019 SMS Forging Xplendor
3/21
SMS & SMSC Overview
SMS is a globally accepted wireless service that enables the
transmission of alphanumeric messages between mobile subscribersand external systems such as e-mail, paging and voice mail systems.
SMSC is a server which serves as a main controller for routing of
Short messages and for storing and forwarding of SMS.
Reasons why SMSC is required? Routing of SMS Temporary storage
Retries Value added service on SMS Interconnect mechanisms for various services like Paging, VMS,E-mail, etc.
-
7/29/2019 SMS Forging Xplendor
4/21
SMS Routing in GSM
-
7/29/2019 SMS Forging Xplendor
5/21
SMSC Implementation
There are two ways to implement the SMSC server in GSM network.
1. SMSC server itself having Gateway functionality.
2. SMSC server only for storing and forwarding and MSC is having
Gateway functionality.
-
7/29/2019 SMS Forging Xplendor
6/21
SMSC - 1
In this set up the SMSC server is connected to MSC via ss7 signaling
links and talks on MAP layer.
The SMSC server itself performs the SMS routing functionality and
sends and receives MAP layer messages.
Advantage
Since the SMSC itself is doing the routing, it becomes very easy to
troubleshoot various SMS routing related problems.
Disadvantage
High number of signaling links required to handle high SMS traffic.
Hence it requires costly SS7 cards and stacks in the SMSC server itself.
-
7/29/2019 SMS Forging Xplendor
7/21
SMSC - 2
In this set up the SMSC is connected with MSC on TCP/IP links.
This set up with Nokia SMSC is only possible with Nokia MSC. It isnot supported with other vendors MSC.
Advantage:
Very less number of TCP/IP links can cater to very high SMS traffic.
Disadvantage:
The functionality of SMSC server is restricted to only store andforward. It is also very difficult to resolve routing related
functionalities as MSC is doing the same.
-
7/29/2019 SMS Forging Xplendor
8/21
SMSC External Interfaces
-
7/29/2019 SMS Forging Xplendor
9/21
SMS Types
Mobile Originated SMS
Mobile Terminated SMS
Application Originated SMS
Application terminated SMS
-
7/29/2019 SMS Forging Xplendor
10/21
MO MT & AO-MT Routing
-
7/29/2019 SMS Forging Xplendor
11/21
MO MT & AO-MT Routing
-
7/29/2019 SMS Forging Xplendor
12/21
SMS Spamming
In case of MO-MT SMS,Private SMS providers tries to spoof SDCCH
Channel.
They Spoof MSC Address which will used to authenticate to Nokia
SMSC.
After getting Access to Nokia SMSC, they will send Thousands spoof
SMS from random sender id.
-
7/29/2019 SMS Forging Xplendor
13/21
SCCP/SDCCH Address info
0791 7283010010F5 040BC87238880900F10000993092516195800AE8329BFD4697D9.
07- Length of the SMSC information (in this case 7 octets)
91 - Type-of-address of the SMSC. (91 means international format ofthe phone number)
72 83 01 00 10 F5- Service center number(in decimal semi-octets).The length of the phone number is odd (11), so a trailing F has beenadded to form proper octets. The phone number of this servicecenter is "+27381000015".
04- First octet of this SMS-DELIVER message
0B-Address-Length. Length of the sender number (0B hex = 11 dec)
C8-Type-of-address of the sender number72 38 88 09 00 F1- Sender number (decimal semi-octets), with atrailing F.
-
7/29/2019 SMS Forging Xplendor
14/21
SMS Forging
SMS Forging is the Technology which anyone can send SMS from
any number of their choice.
This is made possible due to AO-MT feature of SMSC.
-
7/29/2019 SMS Forging Xplendor
15/21
SMS Forging
When SMS is sent using application, it is routed throughinternational gateways.
Message id of SMS is spoofed at International gateway.
Finally SMS is routed to destination SMS Center number.
As there is no authentication system, it is sent to destinationnumber with spoof ID.
-
7/29/2019 SMS Forging Xplendor
16/21
SMS Forging
Live Demo
-
7/29/2019 SMS Forging Xplendor
17/21
Solution for MO-MT Spam/forging
-
7/29/2019 SMS Forging Xplendor
18/21
Rules Based Filtering
Rules_orig_int file is defined for filtering the SMS coming from the
Pvt Gateways with the virtual MSC Id.
It checks for the IMSI as well as MSISDN.
If anything found fishy, it simply reject the message.
MNP feature is included for future purpose.
If MSISDN & IMSI not found for MO SMS then,
$>SMSC3>rules_orig_int
&&
-
7/29/2019 SMS Forging Xplendor
19/21
Solution for AO-MT SMS Spam/forging
-
7/29/2019 SMS Forging Xplendor
20/21
Rules Based Filtering
Rules_dest_nat & rules_dest_int checks for the registered
application address.
If not found,it rejects the SMS.
If app address is not registered then,
$>SMSC3>rules_dest_nat
&&
-
7/29/2019 SMS Forging Xplendor
21/21
Thank You