SlideShare a Scribd company logo

How to Intercept a Conversation Held on the Other Side of the Planet

Positive Hack Days
Positive Hack Days
TechnologyBusiness
1 of 140
Download to read offline
How to Intercept a Conversation Held on the Other Side of the Planet
Who we are Sergey Puzankov Dmitry Kurbatov Information Security Specialists Positive Technologies
Denial of Service on Mobile Switching Center Fraud in SS7 network Short Message Interception USSD Money Transfer Subscriber’s Location Voice Call Interception Hot for Mobile network operators Hot for everyone Topics
All of us are subscribers Service Availability Quality of Service Security
Mobile Services Dynamics Voice Mobile Data Traffic
Yesterday: Closed Ecosystems
Today: Unified Technologies
Today: Common Interfaces
Today: IP Connectivity
Today: Widen Borders Get your own femtocell • Hack it • Upload modified firmware • Make a call/SMS interception • Get into IPsec • Get into Core network
Tomorrow: virtualization
SIGTRAN Time Machine Through SIGTRAN back to 1970’s
SS7 SS7 Network HLR A B MSC VLR Gateway MSC Billing SMS-C
SS7 HLRMSC VLR Gateway MSC Billing SMS-C Radio Part A B Cell Phone Base Transceiver Station Base Station Controller
SS7 MSC/VLR HLR A B Gateway MSC Billing SMS-C MSC VLR Mobile Switching Center Visitor Location Register
SS7 Gateway MSC HLR A B MSC VLR Billing SMS-C Gateway MSC Gateway Mobile Switching Center
SS7 SMS-C HLR A B MSC VLR Gateway MSC Billing SMS-C Short Message Service Center
SS7 HLR A B MSC VLR Gateway MSC Billing SMS-C Homeу Location Register HLR
SS7 Billing A B MSC VLR Gateway MSC SMS-C HLR Billing
SS7 IDs HLR A B MSC VLR Gateway MSC Billing SMS-C GT – Global Title 0 123 4567890
SS7 IDs HLR A B MSC VLR Gateway MSC Billing SMS-C GT – Global Title 0 123 4567890 MSISDN – A or B mobile numbers 0 123 4567890
SS7 IDs HLR A B MSC VLR Gateway MSC Billing SMS-C GT – Global Title 0 123 4567890 MSISDN – A or B mobile numbers 0 123 4567890 MSRN – Mobile Subscriber Roaming Number 0 123 4567890
SS7 IDs HLR A B MSC VLR Gateway MSC Billing SMS-C GT – Global Title 0 123 4567890 MSISDN – A or B mobile numbers 0 123 4567890 MSRN – Mobile Subscriber Roaming Number 0 123 4567890 IMSI – International Mobile Subscriber Identity 15 digits
SS7 How to get in? HLR A B MSC VLR Gateway MSC Billing SMS-C
SS7 HLR A B MSC VLR Gateway MSC Billing SMS-C CS Core PS Core IMS Core Networks
SS7 HLR A B MSC VLR Gateway MSC Billing SMS-C CS CoreUTRAN PS Core IMS LTE Wi-Fi WiMAX PON DSL Femto Access Networks
SS7 HLR A B MSC VLR Gateway MSC Billing SMS-C CS CoreUTRAN PS Core IMS LTE Wi-Fi WiMAX PON DSL Femto GRX/IPX Exchange Points
SS7 HLR A B MSC VLR Gateway MSC Billing SMS-C CS CoreUTRAN PS Core IMS LTE Wi-Fi WiMAX PON DSL Femto GRX/IPX OAM Remote support Support
SS7 HLR A B MSC VLR Gateway MSC Billing SMS-C CS CoreUTRAN PS Core IMS LTE Wi-Fi WiMAX PON DSL Femto GRX/IPX OAM Remote support IT IT network
SS7 HLR A B MSC VLR Gateway MSC Billing SMS-C CS CoreUTRAN PS Core IMS LTE Wi-Fi WiMAX PON DSL Femto GRX/IPX OAM Remote support Internet Internet IT network
SS7 HLR A B MSC VLR Gateway MSC Billing SMS-C CS CoreUTRAN PS Core IMS LTE Wi-Fi WiMAX PON DSL Femto GRX/IPX OAM Remote support Internet IT networkTraffic
SS7 HLR A B MSC VLR Gateway MSC Billing SMS-C CS CoreUTRAN PS Core IMS LTE Wi-Fi WiMAX PON DSL Femto GRX/IPX OAM Remote support Internet IT networkThreats Attacker Attacker Attacker Attacker AttackerAttacker
SS7 HLR A B MSC VLR Gateway MSC Billing SMS-C CS CoreUTRAN PS Core IMS LTE Wi-Fi WiMAX PON DSL Femto GRX/IPX OAM Remote support Internet IT networkThreat Attacker Attacker Attacker Attacker AttackerAttacker
Mobile Switching Center DoS Just like DHCP Starvation
SS7 Collect info HLR Attacker B Gateway MSC We know B-Number 0 123 4567802 MSC VLR
SS7 Collect info HLR Attacker as SMSC B MSC VLR Gateway MSC 1 We know B-Number 0 123 4567802 SRI4SMsendRoutingInfoForSM I am SMSC. My GT 1 321 4567801. Where is Subscriber-B MSISDN 0 123 4567802?
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 SRI4SM We know B-Number 0 123 4567802 Attacker as SMSC
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 2 SRI4SM We know B-Number 0 123 4567802 Attacker as SMSC sendRoutingInfoForSM I am HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 2 SRI4SM We know B-Number 0 123 4567802 Attacker as SMSC sendRoutingInfoForSM I am HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 2 2 SRI4SM We know B-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits Attacker as SMSC
SS7 Make it starve HLR Attacker as HLR B MSC VLR Gateway MSC We know MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits 3PRNprovideRoamingNumber I am HLR. My GT 1 321 4567801. Provide MSRN for Subscriber-B IMSI 15 digits.
SS7 Make it starve HLR Attacker as HLR B MSC VLR Gateway MSC We know MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits MSRN 0 123 4560001 3PRN 4 provideRoamingNumber MSRN 0 123 4560001
SS7 Make it starve HLR Attacker as HLR B MSC VLR Gateway MSC We know MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits MSRN 0 123 4560001 3PRN 4 Default timeouts for MSRN: • Ericsson – 30 sec • Huawei – 45 sec provideRoamingNumber MSRN 0 123 4560001
SS7 Make it starve HLR Attacker as HLR B MSC VLR Gateway MSC We know MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits MSRN 0 123 4560001 … MSRN 0 123 4569999 3PRN 4 provideRoamingNumber I am HLR. My GT 1 321 4567801. Provide MSRN for Subscriber-B IMSI 15 digits. provideRoamingNumber I am HLR. My GT 1 321 4567801. Provide MSRN for Subscriber-B IMSI 15 digits. provideRoamingNumber I am HLR. My GT 1 321 4567801. Provide MSRN for Subscriber-B IMSI 15 digits.… provideRoamingNumber MSRN 0 123 4560001provideRoamingNumber MSRN 0 123 4560001 provideRoamingNumber MSRN 0 123 4569999…
SS7 Make it starve HLR Attacker as HLR B MSC VLR Gateway MSC We know MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits MSRN 0 123 4560001 … MSRN 0 123 4569999 3PRN 4 provideRoamingNumber I am HLR. My GT 1 321 4567801. Provide MSRN for Subscriber-B IMSI 15 digits.
SS7 HLR Attacker as HLR B MSC VLR Gateway MSC We know MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits MSRN 0 123 4560001 … MSRN 0 123 4569999 3PRN 4 noRoamingNumberAvailable Make it starve
SS7 HLR Attacker as HLR B MSC VLR Gateway MSC We know MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits MSRN 0 123 4560001 … MSRN 0 123 4569999 3PRN 4 noRoamingNumberAvailable Make it starve
SS7 DoS HLR Attacker as HLR B Gateway MSC Real HLR 10k – 500k MSC VLR
SS7 DoS HLR Attacker as HLR Gateway MSC PRN Real HLR B 10k – 500k MSC VLR 3 provideRoamingNumber I am HLR. My GT 1 321 4568701. Provide MSRN for Subscriber-ANY IMSI 15 digits.
SS7 DoS HLR Attacker as HLR Gateway MSC PRN Real HLR B 10k – 500k MSC VLR 3 4 noRoamingNumberAvailable
SS7 DoS HLR Attacker as HLR Gateway MSC PRN Real HLR B 10k – 500k MSC VLR 3 4 No incoming calls Sad calling party
Fraud in SS7
SS7 SS7 interconnection HLRMSC VLR Gateway MSC Billing SMS-C HLRMSC VLR Gateway MSC Billing SMS-C HLRMSC VLR Gateway MSC Billing SMS-C Trusted environment
Leadership team HLRMSC VLR Gateway MSC Billing SMS-C CEO CSO CMO CCO CLO
Leadership team HLRMSC VLR Gateway MSC Billing SMS-C CEO CSO CMO CCO CLO Really?! Trust them?
Uncharged calls 1) Spoof MSC 2) Initiate «home network» call 3) Forward call anywhere
SS7 Collect info HLR Attacker B MSC VLR Gateway MSC We know B-Number 0 123 4567802 A
SS7 Collect info HLR Attacker as SMSC B MSC VLR Gateway MSC 1 We know B-Number 0 123 4567802 SRI4SMsendRoutingInfoForSM I am SMSC. My GT 1 321 4567801. Where is Subscriber-B MSISDN 0 123 4567802? A
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 SRI4SM We know B-Number 0 123 4567802 Attacker as SMSC A
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 2 SRI4SM We know B-Number 0 123 4567802 Attacker as SMSC sendRoutingInfoForSM I am HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits A
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 2 SRI4SM We know B-Number 0 123 4567802 Attacker as SMSC sendRoutingInfoForSM I am HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits A
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 2 2 SRI4SM We know B-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits Attacker as SMSC A
SS7 Spoof MSC HLR Attacker as MSC B MSC VLR Gateway MSCA 3 updateLocation I am MSC/VLR. My GT 1 321 4567801. I serve Subscriber-B IMSI 15 digits. We know HLR 0 123 4567800 Subscriber-B IMSI 15 digits
SS7 Spoof MSC HLR Attacker as MSC B MSC VLR Gateway MSCA 3 updateLocation I am MSC/VLR. My GT 1 321 4567801. I serve Subscriber-B IMSI 15 digits. We know HLR 0 123 4567800 Subscriber-B IMSI 15 digits
SS7 Spoof MSC HLR Attacker as MSC B MSC VLR Gateway MSCA 3 We know HLR 0 123 4567800 Subscriber-B IMSI 15 digits HLR stores Subscriber-B IMSI 15 digits MSC/VLR 1 321 4567801 4
SS7 Spoof MSC HLR Attacker as MSC B MSC VLR Gateway MSCA 3 We know HLR 0 123 4567800 Subscriber-B IMSI 15 digits HLR stores Subscriber-B IMSI 15 digits MSC/VLR 1 321 4567801 4 We serve Subscriber-B
SS7 Forward a call HLR Attacker as MSC B MSC VLR Gateway MSCA 5 HLR stores Subscriber-B MSISDN 0 123 4567802 IMSI 15 digits MSC/VLR 1 321 4567801 GatewayMSC knows nothing
SS7 Forward a call HLR Attacker as MSC B MSC VLR Gateway MSCA HLR stores Subscriber-B MSISDN 0 123 4567802 IMSI 15 digits MSC/VLR 1 321 4567801 5 6 sendRoutingInfo Where is Subscriber-B MSISDN 0 123 4567802 = Where is Subscriber-B located?
SS7 Forward a call HLR Attacker as MSC B MSC VLR Gateway MSCA 5 6 HLR stores Subscriber-B MSISDN 0 123 4567802 IMSI 15 digits MSC/VLR 1 321 4567801 7 provideSubscriberInfo I am HLR. My GT 0 123 4567800. Provide location for the Subscriber-B.
SS7 Forward a call HLR Attacker as MSC B MSC VLR Gateway MSCA 5 6 HLR stores Subscriber-B MSISDN 0 123 4567802 IMSI 15 digits MSC/VLR 1 321 4567801 7 8 provideSubscriberInfo Subscriber-B is in the Home network.
SS7 Forward a call HLR Attacker as MSC B MSC VLR Gateway MSCA 5 6 HLR stores Subscriber-B MSISDN 0 123 4567802 IMSI 15 digits MSC/VLR 1 321 4567801 GatewayMSC knows that Subscriber-B is at home. This information will be sent to a billing platform. 7 8 8
SS7 Forward a call HLR Attacker as MSC B MSC VLR Gateway MSCA HLR stores Subscriber-B MSISDN 0 123 4567802 IMSI 15 digits MSC/VLR 1 321 4567801 5 9 sendRoutingInfo Where is Subscriber-B MSISDN 0 123 4567802 located = What is MSRN for Subscriber-B?
SS7 Forward a call HLR Attacker as MSC B MSC VLR Gateway MSCA 5 9 HLR stores Subscriber-B MSISDN 0 123 4567802 IMSI 15 digits MSC/VLR 1 321 4567801 provideRoamingNumber I am HLR. My GT 0 123 4567800. Provide MSRN for Subscriber-B IMSI 15 digits. 10
SS7 Forward a call HLR Attacker as MSC B MSC VLR Gateway MSCA 5 9 HLR stores Subscriber-B MSISDN 0 123 4567802 IMSI 15 digits MSC/VLR 1 321 4567801 provideRoamingNumber MSRN 53 12345678 10 11
SS7 Forward a call HLR Attacker as MSC B MSC VLR Gateway MSCA 5 9 HLR stores Subscriber-B MSISDN 0 123 4567802 IMSI 15 digits MSC/VLR 1 321 4567801 GatewayMSC knows Subscriber-B MSRN 53 12345678 10 11 11
SS7 Forward a call to… Cuba HLR Attacker as MSC B MSC VLR Gateway MSCA 5 9 HLR stores Subscriber-B MSISDN 0 123 4567802 IMSI 15 digits MSC/VLR 1 321 4567801 GatewayMSC knows Subscriber-B MSRN 53 12345678 10 11 11 12
SS7 Forward a call to… HLR Attacker as MSC B MSC VLR Gateway MSCA 5 9 provideRoamingNumber MSRN 53 12345678 HLR stores Subscriber-B MSISDN 0 123 4567802 IMSI 15 digits MSC/VLR 1 321 4567801 GatewayMSC knows Subscriber-B MSRN 53 12345678 10 11
Who pays? ACall from to while at “home” = $ 0.05B ACall from to = $ 1.00Cuba
Who pays? ACall from to while at “home” = $ 0.05B ACall from to = $ 1.00Cuba $ 1.00 - $ 0.05 = $ 0.95 – Attacker profit
Call from to = $ 0.30 Who pays? ACall from to while at “home” = $ 0.05B ACall from to = $ 1.00Cuba $ 1.00 - $ 0.05 = $ 0.95 – Attacker profit How much Mobile operator loses? MNO Cuba
SMS Interception 1) Collect info 2) Spoof MSC 3) Receive incoming SMSs
SS7 Collect info HLR Attacker B MSC VLR Gateway MSC We know B-Number 0 123 4567802 A SMS-C
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 SRI4SM We know B-Number 0 123 4567802 Attacker as SMSC A SRI4SMsendRoutingInfoForSM I am SMSC. My GT 1 321 4567801. Where is Subscriber-B MSISDN 0 123 4567802? SMS-C
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 2 2 SRI4SM We know B-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits Attacker as SMSC A SRI4SMsendRoutingInfoForSM I am SMSC. My GT 1 321 4567801. Where is Subscriber-B MSISDN 0 123 4567802? sendRoutingInfoForSM I am HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits SMS-C
SS7 Spoof MSC HLR Attacker as MSC B MSC VLR Gateway MSCA 3 updateLocation I am MSC/VLR. My GT 1 321 4567801. I serve Subscriber-B IMSI 15 digits. We know HLR 0 123 4567800 Subscriber-B IMSI 15 digits SMS-C
SS7 Spoof MSC HLR Attacker as MSC B MSC VLR Gateway MSCA 3 We know HLR 0 123 4567800 Subscriber-B IMSI 15 digits HLR stores Subscriber-B IMSI 15 digits MSC/VLR 1 321 4567801 4 We serve Subscriber-B SMS-C
SS7 SMS interception HLR B MSC VLR Gateway MSC 5 Attacker as MSC A SMS-C 5 “Hi, meet at 8pm at Baker Street”
SS7 SMS interception HLR B MSC VLR Gateway MSC 5 6 Attacker as MSC A sendRoutingInfoForSM I am SMSC. My GT 0 123 4567804. Where is Subscriber-B MSISDN 0 123 4567802? SMS-C 5 “Hi, meet at 8pm at Baker Street”
SS7 SMS interception HLR B MSC VLR Gateway MSC 7 5 6 Attacker as MSC A sendRoutingInfoForSM I am SMSC. My GT 0 123 4567804. Where is Subscriber-B MSISDN 0 123 4567802? sendRoutingInfoForSM I am HLR 0 123 4567800 MSC/VLR 1 321 4567801 Subscriber-B IMSI 15 digits SMS-C 5 “Hi, meet at 8pm at Baker Street” HLR sends Attacker address instead of real MSC!
SS7 SMS interception HLR B MSC VLR Gateway MSC 7 5 6 8 Attacker as MSC A sendRoutingInfoForSM I am SMSC. My GT 0 123 4567804. Where is Subscriber-B MSISDN 0 123 4567802? sendRoutingInfoForSM I am HLR 0 123 4567800 MSC/VLR 1 321 4567801 Subscriber-B IMSI 15 digits SMS-C 5 “Hi, meet at 8pm at Baker Street” SMS-C routes this SMS to the received address.
SS7 SMS interception HLR B MSC VLR Gateway MSC 7 5 6 8 Attacker as MSC A sendRoutingInfoForSM I am SMSC. My GT 0 123 4567804. Where is Subscriber-B MSISDN 0 123 4567802? sendRoutingInfoForSM I am HLR 0 123 4567800 MSC/VLR 1 321 4567801 Subscriber-B IMSI 15 digits SMS-C 5 “Hi, meet at 8pm at Baker Street” SMS-C routes this SMS to the received address.
SMS interception 1. SMS chats 2. One time passwords 3. Confirmation codes 4. Password recovery
Money Transfer Using USSD 1) Collect info 2) Request account status 3) Transfer money
SS7 Collect info HLR Attacker B MSC VLR Gateway MSC We know B-Number 0 123 4567802 A
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 SRI4SM We know B-Number 0 123 4567802 Attacker as SMSC A SRI4SMsendRoutingInfoForSM I am SMSC. My GT 1 321 4567801. Where is Subscriber-B MSISDN 0 123 4567802?
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 2 2 SRI4SM We know B-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits Attacker as SMSC A SRI4SMsendRoutingInfoForSM I am SMSC. My GT 1 321 4567801. Where is Subscriber-B MSISDN 0 123 4567802? sendRoutingInfoForSM I am HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits
SS7 Send USSD 1 HLR Attacker as MSC/VLR B MSC VLR Gateway MSCA We know HLR 0 123 4567800 Subscriber-B IMSI 15 digits *100#3 processUnstructuredSS-Request I am MSC/VLR. Request how much money has subscriber with IMSI 15 digits?
SS7 Send USSD 1 HLR Attacker as MSC/VLR B MSC VLR Gateway MSCA processUnstructuredSS-Request I am MSC/VLR. Request how much money has subscriber with IMSI 15 digits? We know HLR 0 123 4567800 Subscriber-B IMSI 15 digits Account info. 3 4 processUnstructuredSS-Request Subscriber’s account is $$$$$.
SS7 Send USSD 1 HLR Attacker as MSC/VLR B MSC VLR Gateway MSCA We know HLR 0 123 4567800 Subscriber-B IMSI 15 digits Account info. 4 processUnstructuredSS-Request Subscriber’s account is $$$$$. processUnstructuredSS-Request I am MSC/VLR. Request how much money has subscriber with IMSI 15 digits? 3
SS7 Send USSD 2 HLR Attacker as MSC/VLR B MSC VLR Gateway MSCA We know HLR 0 123 4567800 Subscriber-B IMSI 15 digits Account info. *123*01238765400*100# processUnstructuredSS-Request I am MSC/VLR. Transfer money from IMSI 15 digits to my mobile account. 5
SS7 Send USSD 2 HLR Attacker as MSC/VLR B MSC VLR Gateway MSCA We know HLR 0 123 4567800 Subscriber-B IMSI 15 digits Account info. 6 processUnstructuredSS-Request OK. processUnstructuredSS-Request I am MSC/VLR. Transfer money from IMSI 15 digits to my mobile account. 5
SS7 Send USSD 2 HLR Attacker as MSC/VLR B MSC VLR Gateway MSCA We know HLR 0 123 4567800 Subscriber-B IMSI 15 digits Real account info. Subscriber B does not get SMS notification if Attacker combines this attack with the previuos one. 6 processUnstructuredSS-Request OK. processUnstructuredSS-Request I am MSC/VLR. Transfer money from IMSI 15 digits to my mobile account. 5
SS7 Send USSD 2 HLR Attacker as MSC/VLR B MSC VLR Gateway MSCA We know HLR 0 123 4567800 Subscriber-B IMSI 15 digits Real account info. Subscriber B does not get SMS notification if Attacker combines this attack with the previuos one. 6 processUnstructuredSS-Request OK. processUnstructuredSS-Request I am MSC/VLR. Transfer money from IMSI 15 digits to my mobile account. 5
Subscriber Location Discovery 1) Collect info 2) Receive Cell ID 3) Get point on the map
SS7 Collect info HLR Attacker B MSC VLR Gateway MSC We know B-Number 0 123 4567802 A
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 SRI4SM We know B-Number 0 123 4567802 Attacker as SMSC A SRI4SMsendRoutingInfoForSM I am SMSC. My GT 1 321 4567801. Where is Subscriber-B MSISDN 0 123 4567802?
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 2 2 SRI4SM We know B-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits Attacker as SMSC A SRI4SMsendRoutingInfoForSM I am SMSC. My GT 1 321 4567801. Where is Subscriber-B MSISDN 0 123 4567802? sendRoutingInfoForSM I am HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits
SS7 Get Cell ID HLR Attacker as HLR B MSC VLR Gateway MSC We know B-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits 3PSIprovideSubscriberInfo I am HLR. My GT 1 321 4567801. Provide location for the Subscriber-B.
SS7 Get Cell ID HLR Attacker as HLR B MSC VLR Gateway MSC We know B-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits Cell ID 3PRN 4 provideSubscriberInfo Cell ID. provideSubscriberInfo I am HLR. My GT 1 321 4567801. Provide location for the Subscriber-B.
SS7 Get Cell ID HLR Attacker as HLR B MSC VLR Gateway MSC We know B-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits Cell ID 3PRN 4 provideSubscriberInfo Cell ID. provideSubscriberInfo I am HLR. My GT 1 321 4567801. Provide location for the Subscriber-B. MCC: 250 MNC: 90 LAC: 4A67 CID: 673D
SS7 Get location HLR Attacker as HLR B MSC VLR Gateway MSC We know B-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-B IMSI 15 digits Cell ID 5 MCC: 250 MNC: 90 LAC: 4A67 CID: 673D Search in Internet physical location by MCC, MNC, LAC, CID
Get location
Get location
Voice Call Interception 1) Collect info 2) Change subscriber profile 3) Add third party into mobile call
SS7 Collect info HLR Attacker B MSC VLR Gateway MSC We know A-Number 0 123 4567802 A Billing
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 SRI4SM We know A-Number 0 123 4567802 Attacker as SMSC A SRI4SM sendRoutingInfoForSM I am SMSC. My GT 1 321 4567801. Where is Subscriber-A MSISDN 0 123 4567802? Billing
SS7 Collect info HLR B MSC VLR Gateway MSC 1 1 2 2 SRI4SM We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Attacker as SMSC A SRI4SM sendRoutingInfoForSM I am HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Billing sendRoutingInfoForSM I am SMSC. My GT 1 321 4567801. Where is Subscriber-A MSISDN 0 123 4567802?
SS7 Collect info HLR Attacker as MSC B MSC VLR Gateway MSCA 3 updateLocation I am MSC/VLR. My GT 1 321 4567801. I serve Subscriber-A IMSI 15 digits. We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Billing
SS7 Collect info HLR Attacker as MSC B MSC VLR Gateway MSCA 3 We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Billing 4 insertSubscriberData Subscriber’s profile: • Allowed/prohibited services • Forwarding settings • Billing platform address updateLocation I am MSC/VLR. My GT 1 321 4567801. I serve Subscriber-A IMSI 15 digits.
SS7 Collect info HLR Attacker as MSC B MSC VLR Gateway MSCA 3 We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 Billing 4 updateLocation I am MSC/VLR. My GT 1 321 4567801. I serve Subscriber-A IMSI 15 digits. insertSubscriberData Subscriber’s profile: • Allowed/prohibited services • Forwarding settings • Address of billing platform
SS7 Collect info HLR Attacker as MSC B MSC VLR Gateway MSCA 5 We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 Billing updateLocation I am MSC/VLR. My GT 1 321 4567801. Subscriber-A IMSI 15 digits is served by 0 123 4567803 5
updateLocation I am MSC/VLR. My GT 1 321 4567801. Subscriber-A IMSI 15 digits is served by 0 123 4567803 SS7 Collect info HLR Attacker as MSC B MSC VLR Gateway MSCA 5 We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 Billing 5
SS7 Change profile HLR Attacker as HLR B MSC VLR Gateway MSCA We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 Billing 6 insertSubscriberData I am HLR. Change profile for Subscriber-A. Billing GT 1 321 4567801.
SS7 Change profile HLR Attacker as HLR B MSC VLR Gateway MSCA We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 Billing 6 7 insertSubscriberData OK. insertSubscriberData I am HLR. Change profile for Subscriber-A. Billing GT 1 321 4567801.
SS7 Change profile HLR Attacker as HLR B MSC VLR Gateway MSCA We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 Billing 6 7 insertSubscriberData OK. insertSubscriberData I am HLR. Change profile for Subscriber-A. Billing GT 1 321 4567801.
SS7 Change profile HLR Attacker B MSC VLR Gateway MSCA We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 Billing 6 7 insertSubscriberData OK. insertSubscriberData I am HLR. Change profile for Subscriber-A. Billing GT 1 321 4567801.
SS7 Call interception HLR Attacker as Billing B MSC VLR Gateway MSCA We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 Billing Subscriber A calls to Subscriber B. 8
SS7 Call interception HLR Attacker as Billing B MSC VLR Gateway MSCA We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 Billing 9 9 HLR interrogation procedure: • sendRoutingInfo • provideSubscriberInfo Subscriber A calls to Subscriber B. 8
SS7 Call interception HLR Attacker as Billing B MSC VLR Gateway MSCA We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 Billing InitialDP Start billing . Subscriber-A 0 123 4567802 calls to Subscriber-B 0 123 4567805 10 Subscriber A calls to Subscriber B. 8
SS7 Call interception HLR Attacker as Billing B MSC VLR Gateway MSCA We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 B-Number 0 123 4567805 Billing InitialDP Start billing . Subscriber-A 0 123 4567802 calls to Subscriber-B 0 123 4567805 10 Subscriber A calls to Subscriber B. 8
SS7 Call interception HLR Attacker as Billing B MSC VLR Gateway MSCA We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 B-Number 0 123 4567805 Billing Proceed billing. ApplyCharging RequestReportBCSMEvent Connect Reroute call to number 1 321 4567802 InitialDP Start billing . Subscriber-A 0 123 4567802 calls to Subscriber-B 0 123 4567805 10 11 Subscriber A calls to Subscriber B. 8
SS7 Call interception HLR Attacker as MSC B MSC VLR Gateway MSCA We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 B-Number 0 123 4567805 Billing IAM Continue call. Subscriber-A 0 123 4567802 calls to Subscriber-C 1 321 4567802 12 Subscriber A calls to Subscriber B. 8
SS7 Call interception HLR Attacker as MSC B MSC VLR Gateway MSCA We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 B-Number 0 123 4567805 Billing 12 Subscriber A calls to Subscriber B. 8 13 IAM Continue call. Subscriber-A 0 123 4567802 calls to Subscriber-C 1 321 4567802
SS7 Call interception HLR Attacker as MSC B MSC VLR Gateway MSCA We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 B-Number 0 123 4567805 Billing IAM Initiate a new call Subscriber-A 0 123 4567802 calls to Subscriber-B 0 123 4567805 12 14 Subscriber A calls to Subscriber B. 8 13 IAM Continue call. Subscriber-A 0 123 4567802 calls to Subscriber-C 1 321 4567802
SS7 Call interception HLR Attacker as MSC B MSC VLR Gateway MSCA We know A-Number 0 123 4567802 HLR 0 123 4567800 MSC/VLR 0 123 4567803 Subscriber-A IMSI 15 digits Subscriber-A profile Billing 0 123 4567808 B-Number 0 123 4567805 Billing IAM Initiate a new call Subscriber-A 0 123 4567802 calls to Subscriber-B 0 123 4567805 12 14 8 13 15 Subscriber A calls to Subscriber B. IAM Continue call. Subscriber-A 0 123 4567802 calls to Subscriber-C 1 321 4567802
Conclusion SS7 rules Just the tip of the iceberg
The End. Sergey Puzankov Dmitry Kurbatov spuzankov@ptsecurity.com dkurbatov@ptsecurity.com Questions?
How to Intercept a Conversation Held on the Other Side of the Planet

Recommended

Attacks you can't combat: vulnerabilities of most robust MNOs
Attacks you can't combat: vulnerabilities of most robust MNOsAttacks you can't combat: vulnerabilities of most robust MNOs
Attacks you can't combat: vulnerabilities of most robust MNOsPositiveTechnologies
 
Worldwide attacks on SS7 network
Worldwide attacks on SS7 networkWorldwide attacks on SS7 network
Worldwide attacks on SS7 networkAlexandre De Oliveira
 
Mobile signaling threats and vulnerabilities - real cases and statistics from...
Mobile signaling threats and vulnerabilities - real cases and statistics from...Mobile signaling threats and vulnerabilities - real cases and statistics from...
Mobile signaling threats and vulnerabilities - real cases and statistics from...DefCamp
 
Attacking GRX - GPRS Roaming eXchange
Attacking GRX - GPRS Roaming eXchangeAttacking GRX - GPRS Roaming eXchange
Attacking GRX - GPRS Roaming eXchangeP1Security
 
Worldwide attacks on SS7/SIGTRAN network
Worldwide attacks on SS7/SIGTRAN networkWorldwide attacks on SS7/SIGTRAN network
Worldwide attacks on SS7/SIGTRAN networkP1Security
 
Philippe Langlois - Hacking HLR HSS and MME core network elements
Philippe Langlois - Hacking HLR HSS and MME core network elementsPhilippe Langlois - Hacking HLR HSS and MME core network elements
Philippe Langlois - Hacking HLR HSS and MME core network elementsP1Security
 
SS7: the bad neighbor you're stuck with during the 5G migration and far beyond
SS7: the bad neighbor you're stuck with during the 5G migration and far beyondSS7: the bad neighbor you're stuck with during the 5G migration and far beyond
SS7: the bad neighbor you're stuck with during the 5G migration and far beyondPositiveTechnologies
 
Attacking SS7 - P1 Security (Hackito Ergo Sum 2010) - Philippe Langlois
Attacking SS7 - P1 Security (Hackito Ergo Sum 2010) - Philippe LangloisAttacking SS7 - P1 Security (Hackito Ergo Sum 2010) - Philippe Langlois
Attacking SS7 - P1 Security (Hackito Ergo Sum 2010) - Philippe LangloisP1Security
 

Recommended

Attacks you can't combat: vulnerabilities of most robust MNOs
Attacks you can't combat: vulnerabilities of most robust MNOsAttacks you can't combat: vulnerabilities of most robust MNOs
Attacks you can't combat: vulnerabilities of most robust MNOsPositiveTechnologies
 
Worldwide attacks on SS7 network
Worldwide attacks on SS7 networkWorldwide attacks on SS7 network
Worldwide attacks on SS7 networkAlexandre De Oliveira
 
Mobile signaling threats and vulnerabilities - real cases and statistics from...
Mobile signaling threats and vulnerabilities - real cases and statistics from...Mobile signaling threats and vulnerabilities - real cases and statistics from...
Mobile signaling threats and vulnerabilities - real cases and statistics from...DefCamp
 
Attacking GRX - GPRS Roaming eXchange
Attacking GRX - GPRS Roaming eXchangeAttacking GRX - GPRS Roaming eXchange
Attacking GRX - GPRS Roaming eXchangeP1Security
 
Worldwide attacks on SS7/SIGTRAN network
Worldwide attacks on SS7/SIGTRAN networkWorldwide attacks on SS7/SIGTRAN network
Worldwide attacks on SS7/SIGTRAN networkP1Security
 
Philippe Langlois - Hacking HLR HSS and MME core network elements
Philippe Langlois - Hacking HLR HSS and MME core network elementsPhilippe Langlois - Hacking HLR HSS and MME core network elements
Philippe Langlois - Hacking HLR HSS and MME core network elementsP1Security
 
SS7: the bad neighbor you're stuck with during the 5G migration and far beyond
SS7: the bad neighbor you're stuck with during the 5G migration and far beyondSS7: the bad neighbor you're stuck with during the 5G migration and far beyond
SS7: the bad neighbor you're stuck with during the 5G migration and far beyondPositiveTechnologies
 
Attacking SS7 - P1 Security (Hackito Ergo Sum 2010) - Philippe Langlois
Attacking SS7 - P1 Security (Hackito Ergo Sum 2010) - Philippe LangloisAttacking SS7 - P1 Security (Hackito Ergo Sum 2010) - Philippe Langlois
Attacking SS7 - P1 Security (Hackito Ergo Sum 2010) - Philippe LangloisP1Security
 
Philippe Langlois - LTE Pwnage - P1security
Philippe Langlois - LTE Pwnage - P1securityPhilippe Langlois - LTE Pwnage - P1security
Philippe Langlois - LTE Pwnage - P1securityP1Security
 
SS7: Locate. Track. Manipulate.
SS7: Locate. Track. Manipulate.SS7: Locate. Track. Manipulate.
SS7: Locate. Track. Manipulate.3G4G
 
SIGTRAN - An Introduction
SIGTRAN - An IntroductionSIGTRAN - An Introduction
SIGTRAN - An IntroductionTareque Hossain
 
Introducing to LAC-CI
Introducing to LAC-CIIntroducing to LAC-CI
Introducing to LAC-CIRiswan
 
Assaulting diameter IPX network
Assaulting diameter IPX networkAssaulting diameter IPX network
Assaulting diameter IPX networkAlexandre De Oliveira
 
VoLTE Flows and CS network
VoLTE Flows and CS networkVoLTE Flows and CS network
VoLTE Flows and CS networkKarel Berkovec
 
Ss7 Introduction Li In
Ss7 Introduction Li InSs7 Introduction Li In
Ss7 Introduction Li Inmhaviv
 
SS7 Vulnerabilities
SS7 VulnerabilitiesSS7 Vulnerabilities
SS7 VulnerabilitiesPositiveTechnologies
 
SS7 & SIGTRAN
SS7 & SIGTRANSS7 & SIGTRAN
SS7 & SIGTRANStephanie Galloway-Williams
 
Creating a fuzzer for telecom protocol 4G LTE case study
Creating a fuzzer for telecom protocol 4G LTE case studyCreating a fuzzer for telecom protocol 4G LTE case study
Creating a fuzzer for telecom protocol 4G LTE case studyPositiveTechnologies
 
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities Siddharth Rao
 
Sigtran Workshop
Sigtran WorkshopSigtran Workshop
Sigtran WorkshopLuca Matteo Ruberto
 
2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network
2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network
2G / 3G / 4G / IMS / 5G Overview with Focus on Core NetworkHamidreza Bolhasani
 
Positive approach to security of Core networks
Positive approach to security of Core networksPositive approach to security of Core networks
Positive approach to security of Core networksPositiveTechnologies
 
LI Solutions
LI SolutionsLI Solutions
LI SolutionsДенис Забіяко, BCIP
 
Analysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or...
Analysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or...Analysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or...
Analysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or...Alejandro Corletti Estrada
 
Introduction to Diameter Protocol - Part1
Introduction to Diameter Protocol - Part1Introduction to Diameter Protocol - Part1
Introduction to Diameter Protocol - Part1Basim Aly (JNCIP-SP, JNCIP-ENT)
 
Telecom incidents investigation: daily work behind the scenes
Telecom incidents investigation: daily work behind the scenesTelecom incidents investigation: daily work behind the scenes
Telecom incidents investigation: daily work behind the scenesPositiveTechnologies
 
Diameter based Interfaces and description
Diameter based Interfaces and descriptionDiameter based Interfaces and description
Diameter based Interfaces and descriptionManjeet Kaur
 
Introduction to DIAMETER
Introduction to DIAMETERIntroduction to DIAMETER
Introduction to DIAMETERHossein Yavari
 
Quick Summary of LTE Voice Summit 2015 #LTEVoice
Quick Summary of LTE Voice Summit 2015 #LTEVoiceQuick Summary of LTE Voice Summit 2015 #LTEVoice
Quick Summary of LTE Voice Summit 2015 #LTEVoice3G4G
 
Introduction to Telco-OTT Services
Introduction to Telco-OTT ServicesIntroduction to Telco-OTT Services
Introduction to Telco-OTT ServicesMartin Geddes
 

More Related Content

What's hot

Philippe Langlois - LTE Pwnage - P1security
Philippe Langlois - LTE Pwnage - P1securityPhilippe Langlois - LTE Pwnage - P1security
Philippe Langlois - LTE Pwnage - P1securityP1Security
 
SS7: Locate. Track. Manipulate.
SS7: Locate. Track. Manipulate.SS7: Locate. Track. Manipulate.
SS7: Locate. Track. Manipulate.3G4G
 
SIGTRAN - An Introduction
SIGTRAN - An IntroductionSIGTRAN - An Introduction
SIGTRAN - An IntroductionTareque Hossain
 
Introducing to LAC-CI
Introducing to LAC-CIIntroducing to LAC-CI
Introducing to LAC-CIRiswan
 
VoLTE Flows and CS network
VoLTE Flows and CS networkVoLTE Flows and CS network
VoLTE Flows and CS networkKarel Berkovec
 
Ss7 Introduction Li In
Ss7 Introduction Li InSs7 Introduction Li In
Ss7 Introduction Li Inmhaviv
 
Creating a fuzzer for telecom protocol 4G LTE case study
Creating a fuzzer for telecom protocol 4G LTE case studyCreating a fuzzer for telecom protocol 4G LTE case study
Creating a fuzzer for telecom protocol 4G LTE case studyPositiveTechnologies
 
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities Siddharth Rao
 
2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network
2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network
2G / 3G / 4G / IMS / 5G Overview with Focus on Core NetworkHamidreza Bolhasani
 
Positive approach to security of Core networks
Positive approach to security of Core networksPositive approach to security of Core networks
Positive approach to security of Core networksPositiveTechnologies
 
Analysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or...
Analysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or...Analysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or...
Analysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or...Alejandro Corletti Estrada
 
Telecom incidents investigation: daily work behind the scenes
Telecom incidents investigation: daily work behind the scenesTelecom incidents investigation: daily work behind the scenes
Telecom incidents investigation: daily work behind the scenesPositiveTechnologies
 
Diameter based Interfaces and description
Diameter based Interfaces and descriptionDiameter based Interfaces and description
Diameter based Interfaces and descriptionManjeet Kaur
 
Introduction to DIAMETER
Introduction to DIAMETERIntroduction to DIAMETER
Introduction to DIAMETERHossein Yavari
 

What's hot (20)

Philippe Langlois - LTE Pwnage - P1security
Philippe Langlois - LTE Pwnage - P1securityPhilippe Langlois - LTE Pwnage - P1security
Philippe Langlois - LTE Pwnage - P1security
 
SS7: Locate. Track. Manipulate.
SS7: Locate. Track. Manipulate.SS7: Locate. Track. Manipulate.
SS7: Locate. Track. Manipulate.
 
SIGTRAN - An Introduction
SIGTRAN - An IntroductionSIGTRAN - An Introduction
SIGTRAN - An Introduction
 
Introducing to LAC-CI
Introducing to LAC-CIIntroducing to LAC-CI
Introducing to LAC-CI
 
Assaulting diameter IPX network
Assaulting diameter IPX networkAssaulting diameter IPX network
Assaulting diameter IPX network
 
VoLTE Flows and CS network
VoLTE Flows and CS networkVoLTE Flows and CS network
VoLTE Flows and CS network
 
Ss7 Introduction Li In
Ss7 Introduction Li InSs7 Introduction Li In
Ss7 Introduction Li In
 
SS7 Vulnerabilities
SS7 VulnerabilitiesSS7 Vulnerabilities
SS7 Vulnerabilities
 
SS7 & SIGTRAN
SS7 & SIGTRANSS7 & SIGTRAN
SS7 & SIGTRAN
 
Creating a fuzzer for telecom protocol 4G LTE case study
Creating a fuzzer for telecom protocol 4G LTE case studyCreating a fuzzer for telecom protocol 4G LTE case study
Creating a fuzzer for telecom protocol 4G LTE case study
 
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities
 
Sigtran Workshop
Sigtran WorkshopSigtran Workshop
Sigtran Workshop
 
2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network
2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network
2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network
 
Positive approach to security of Core networks
Positive approach to security of Core networksPositive approach to security of Core networks
Positive approach to security of Core networks
 
LI Solutions
LI SolutionsLI Solutions
LI Solutions
 
Analysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or...
Analysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or...Analysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or...
Analysis of attacks / vulnerabilities SS7 / Sigtran using Wireshark (and / or...
 
Introduction to Diameter Protocol - Part1
Introduction to Diameter Protocol - Part1Introduction to Diameter Protocol - Part1
Introduction to Diameter Protocol - Part1
 
Telecom incidents investigation: daily work behind the scenes
Telecom incidents investigation: daily work behind the scenesTelecom incidents investigation: daily work behind the scenes
Telecom incidents investigation: daily work behind the scenes
 
Diameter based Interfaces and description
Diameter based Interfaces and descriptionDiameter based Interfaces and description
Diameter based Interfaces and description
 
Introduction to DIAMETER
Introduction to DIAMETERIntroduction to DIAMETER
Introduction to DIAMETER
 

Viewers also liked

Quick Summary of LTE Voice Summit 2015 #LTEVoice
Quick Summary of LTE Voice Summit 2015 #LTEVoiceQuick Summary of LTE Voice Summit 2015 #LTEVoice
Quick Summary of LTE Voice Summit 2015 #LTEVoice3G4G
 
Introduction to Telco-OTT Services
Introduction to Telco-OTT ServicesIntroduction to Telco-OTT Services
Introduction to Telco-OTT ServicesMartin Geddes
 
Lte security overview
Lte security overviewLte security overview
Lte security overviewaliirfan04
 
Critical networking using mesh Wi-SUN technology
Critical networking using mesh Wi-SUN technologyCritical networking using mesh Wi-SUN technology
Critical networking using mesh Wi-SUN technology3G4G
 
Narrowband Internet of Things - R&S Whitepaper
Narrowband Internet of Things - R&S WhitepaperNarrowband Internet of Things - R&S Whitepaper
Narrowband Internet of Things - R&S Whitepaper3G4G
 
VoWLAN: Call Quality
VoWLAN: Call QualityVoWLAN: Call Quality
VoWLAN: Call Quality3G4G
 
Andy sutton - Multi-RAT mobile backhaul for Het-Nets
Andy sutton - Multi-RAT mobile backhaul for Het-NetsAndy sutton - Multi-RAT mobile backhaul for Het-Nets
Andy sutton - Multi-RAT mobile backhaul for Het-Netshmatthews1
 
Mobile Network Sharing
Mobile Network SharingMobile Network Sharing
Mobile Network Sharing3G4G
 
Radio Frequency, Band and Spectrum
Radio Frequency, Band and SpectrumRadio Frequency, Band and Spectrum
Radio Frequency, Band and Spectrum3G4G
 
2G/3G Switch off Dates
2G/3G Switch off Dates2G/3G Switch off Dates
2G/3G Switch off Dates3G4G
 

Viewers also liked (11)

Quick Summary of LTE Voice Summit 2015 #LTEVoice
Quick Summary of LTE Voice Summit 2015 #LTEVoiceQuick Summary of LTE Voice Summit 2015 #LTEVoice
Quick Summary of LTE Voice Summit 2015 #LTEVoice
 
Introduction to Telco-OTT Services
Introduction to Telco-OTT ServicesIntroduction to Telco-OTT Services
Introduction to Telco-OTT Services
 
Gsm basics
Gsm basicsGsm basics
Gsm basics
 
Lte security overview
Lte security overviewLte security overview
Lte security overview
 
Critical networking using mesh Wi-SUN technology
Critical networking using mesh Wi-SUN technologyCritical networking using mesh Wi-SUN technology
Critical networking using mesh Wi-SUN technology
 
Narrowband Internet of Things - R&S Whitepaper
Narrowband Internet of Things - R&S WhitepaperNarrowband Internet of Things - R&S Whitepaper
Narrowband Internet of Things - R&S Whitepaper
 
VoWLAN: Call Quality
VoWLAN: Call QualityVoWLAN: Call Quality
VoWLAN: Call Quality
 
Andy sutton - Multi-RAT mobile backhaul for Het-Nets
Andy sutton - Multi-RAT mobile backhaul for Het-NetsAndy sutton - Multi-RAT mobile backhaul for Het-Nets
Andy sutton - Multi-RAT mobile backhaul for Het-Nets
 
Mobile Network Sharing
Mobile Network SharingMobile Network Sharing
Mobile Network Sharing
 
Radio Frequency, Band and Spectrum
Radio Frequency, Band and SpectrumRadio Frequency, Band and Spectrum
Radio Frequency, Band and Spectrum
 
2G/3G Switch off Dates
2G/3G Switch off Dates2G/3G Switch off Dates
2G/3G Switch off Dates
 

Similar to How to Intercept a Conversation Held on the Other Side of the Planet

Call flow oma000003 gsm communication flow
Call flow oma000003 gsm communication flowCall flow oma000003 gsm communication flow
Call flow oma000003 gsm communication flowEricsson Saudi
 
fdocuments.net_gsm-call-flows-5584455b2833e.ppt
fdocuments.net_gsm-call-flows-5584455b2833e.pptfdocuments.net_gsm-call-flows-5584455b2833e.ppt
fdocuments.net_gsm-call-flows-5584455b2833e.pptHazemElabed2
 
Kumar gunjan 20160213 mobile communication security
Kumar gunjan 20160213 mobile communication securityKumar gunjan 20160213 mobile communication security
Kumar gunjan 20160213 mobile communication securitynullowaspmumbai
 
Gsm training
Gsm trainingGsm training
Gsm traininggernaz55
 
395273802-GSM-Signaling.pdf
395273802-GSM-Signaling.pdf395273802-GSM-Signaling.pdf
395273802-GSM-Signaling.pdfGeoffreyAlleyne
 
Mobile Networks Architecture and Security (2G to 5G)
Mobile Networks Architecture and Security (2G to 5G)Mobile Networks Architecture and Security (2G to 5G)
Mobile Networks Architecture and Security (2G to 5G)Hamidreza Bolhasani
 
Gsm architecture and call flow
Gsm architecture and call flowGsm architecture and call flow
Gsm architecture and call flowMohd Nazir Shakeel
 
Gsm overview
Gsm overviewGsm overview
Gsm overviewChon Tum
 
02 gsm hscsd_gprs
02 gsm hscsd_gprs02 gsm hscsd_gprs
02 gsm hscsd_gprsChyon Ju
 
Basic gsm principles
Basic gsm principlesBasic gsm principles
Basic gsm principlesSupper Mario
 
PLNOG 9: Piotr Wojciechowski - Multicast Security
PLNOG 9: Piotr Wojciechowski - Multicast Security PLNOG 9: Piotr Wojciechowski - Multicast Security
PLNOG 9: Piotr Wojciechowski - Multicast Security PROIDEA
 
Ussd call back or UCB
Ussd call back or UCBUssd call back or UCB
Ussd call back or UCBRawand Jaf
 
Gsm architecture
Gsm architectureGsm architecture
Gsm architecturesumit singh
 
Mobile Networks Overview (2G / 3G / 4G-LTE)
Mobile Networks Overview (2G / 3G / 4G-LTE)Mobile Networks Overview (2G / 3G / 4G-LTE)
Mobile Networks Overview (2G / 3G / 4G-LTE)Hamidreza Bolhasani
 

Similar to How to Intercept a Conversation Held on the Other Side of the Planet (20)

Call flow oma000003 gsm communication flow
Call flow oma000003 gsm communication flowCall flow oma000003 gsm communication flow
Call flow oma000003 gsm communication flow
 
fdocuments.net_gsm-call-flows-5584455b2833e.ppt
fdocuments.net_gsm-call-flows-5584455b2833e.pptfdocuments.net_gsm-call-flows-5584455b2833e.ppt
fdocuments.net_gsm-call-flows-5584455b2833e.ppt
 
Kumar gunjan 20160213 mobile communication security
Kumar gunjan 20160213 mobile communication securityKumar gunjan 20160213 mobile communication security
Kumar gunjan 20160213 mobile communication security
 
Gsm
GsmGsm
Gsm
 
Gsm
GsmGsm
Gsm
 
Gsm training
Gsm trainingGsm training
Gsm training
 
395273802-GSM-Signaling.pdf
395273802-GSM-Signaling.pdf395273802-GSM-Signaling.pdf
395273802-GSM-Signaling.pdf
 
gsm operation
gsm operationgsm operation
gsm operation
 
Intelegent network.ppt
Intelegent network.pptIntelegent network.ppt
Intelegent network.ppt
 
Mobile Networks Architecture and Security (2G to 5G)
Mobile Networks Architecture and Security (2G to 5G)Mobile Networks Architecture and Security (2G to 5G)
Mobile Networks Architecture and Security (2G to 5G)
 
Switching systems lecture7
Switching systems lecture7Switching systems lecture7
Switching systems lecture7
 
Gsm architecture and call flow
Gsm architecture and call flowGsm architecture and call flow
Gsm architecture and call flow
 
Telecom Security
Telecom SecurityTelecom Security
Telecom Security
 
Gsm overview
Gsm overviewGsm overview
Gsm overview
 
02 gsm hscsd_gprs
02 gsm hscsd_gprs02 gsm hscsd_gprs
02 gsm hscsd_gprs
 
Basic gsm principles
Basic gsm principlesBasic gsm principles
Basic gsm principles
 
PLNOG 9: Piotr Wojciechowski - Multicast Security
PLNOG 9: Piotr Wojciechowski - Multicast Security PLNOG 9: Piotr Wojciechowski - Multicast Security
PLNOG 9: Piotr Wojciechowski - Multicast Security
 
Ussd call back or UCB
Ussd call back or UCBUssd call back or UCB
Ussd call back or UCB
 
Gsm architecture
Gsm architectureGsm architecture
Gsm architecture
 
Mobile Networks Overview (2G / 3G / 4G-LTE)
Mobile Networks Overview (2G / 3G / 4G-LTE)Mobile Networks Overview (2G / 3G / 4G-LTE)
Mobile Networks Overview (2G / 3G / 4G-LTE)
 

More from Positive Hack Days

Инструмент ChangelogBuilder для автоматической подготовки Release Notes
Инструмент ChangelogBuilder для автоматической подготовки Release NotesИнструмент ChangelogBuilder для автоматической подготовки Release Notes
Инструмент ChangelogBuilder для автоматической подготовки Release NotesPositive Hack Days
 
Как мы собираем проекты в выделенном окружении в Windows Docker
Как мы собираем проекты в выделенном окружении в Windows DockerКак мы собираем проекты в выделенном окружении в Windows Docker
Как мы собираем проекты в выделенном окружении в Windows DockerPositive Hack Days
 
Типовая сборка и деплой продуктов в Positive Technologies
Типовая сборка и деплой продуктов в Positive TechnologiesТиповая сборка и деплой продуктов в Positive Technologies
Типовая сборка и деплой продуктов в Positive TechnologiesPositive Hack Days
 
Аналитика в проектах: TFS + Qlik
Аналитика в проектах: TFS + QlikАналитика в проектах: TFS + Qlik
Аналитика в проектах: TFS + QlikPositive Hack Days
 
Использование анализатора кода SonarQube
Использование анализатора кода SonarQubeИспользование анализатора кода SonarQube
Использование анализатора кода SonarQubePositive Hack Days
 
Развитие сообщества Open DevOps Community
Развитие сообщества Open DevOps CommunityРазвитие сообщества Open DevOps Community
Развитие сообщества Open DevOps CommunityPositive Hack Days
 
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...Positive Hack Days
 
Автоматизация построения правил для Approof
Автоматизация построения правил для ApproofАвтоматизация построения правил для Approof
Автоматизация построения правил для ApproofPositive Hack Days
 
Мастер-класс «Трущобы Application Security»
Мастер-класс «Трущобы Application Security»Мастер-класс «Трущобы Application Security»
Мастер-класс «Трущобы Application Security»Positive Hack Days
 
Формальные методы защиты приложений
Формальные методы защиты приложенийФормальные методы защиты приложений
Формальные методы защиты приложенийPositive Hack Days
 
Эвристические методы защиты приложений
Эвристические методы защиты приложенийЭвристические методы защиты приложений
Эвристические методы защиты приложенийPositive Hack Days
 
Теоретические основы Application Security
Теоретические основы Application SecurityТеоретические основы Application Security
Теоретические основы Application SecurityPositive Hack Days
 
От экспериментального программирования к промышленному: путь длиной в 10 лет
От экспериментального программирования к промышленному: путь длиной в 10 летОт экспериментального программирования к промышленному: путь длиной в 10 лет
От экспериментального программирования к промышленному: путь длиной в 10 летPositive Hack Days
 
Уязвимое Android-приложение: N проверенных способов наступить на грабли
Уязвимое Android-приложение: N проверенных способов наступить на граблиУязвимое Android-приложение: N проверенных способов наступить на грабли
Уязвимое Android-приложение: N проверенных способов наступить на граблиPositive Hack Days
 
Требования по безопасности в архитектуре ПО
Требования по безопасности в архитектуре ПОТребования по безопасности в архитектуре ПО
Требования по безопасности в архитектуре ПОPositive Hack Days
 
Формальная верификация кода на языке Си
Формальная верификация кода на языке СиФормальная верификация кода на языке Си
Формальная верификация кода на языке СиPositive Hack Days
 
Механизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET CoreМеханизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET CorePositive Hack Days
 
SOC для КИИ: израильский опыт
SOC для КИИ: израильский опытSOC для КИИ: израильский опыт
SOC для КИИ: израильский опытPositive Hack Days
 
Honeywell Industrial Cyber Security Lab & Services Center
Honeywell Industrial Cyber Security Lab & Services CenterHoneywell Industrial Cyber Security Lab & Services Center
Honeywell Industrial Cyber Security Lab & Services CenterPositive Hack Days
 
Credential stuffing и брутфорс-атаки
Credential stuffing и брутфорс-атакиCredential stuffing и брутфорс-атаки
Credential stuffing и брутфорс-атакиPositive Hack Days
 

More from Positive Hack Days (20)

Инструмент ChangelogBuilder для автоматической подготовки Release Notes
Инструмент ChangelogBuilder для автоматической подготовки Release NotesИнструмент ChangelogBuilder для автоматической подготовки Release Notes
Инструмент ChangelogBuilder для автоматической подготовки Release Notes
 
Как мы собираем проекты в выделенном окружении в Windows Docker
Как мы собираем проекты в выделенном окружении в Windows DockerКак мы собираем проекты в выделенном окружении в Windows Docker
Как мы собираем проекты в выделенном окружении в Windows Docker
 
Типовая сборка и деплой продуктов в Positive Technologies
Типовая сборка и деплой продуктов в Positive TechnologiesТиповая сборка и деплой продуктов в Positive Technologies
Типовая сборка и деплой продуктов в Positive Technologies
 
Аналитика в проектах: TFS + Qlik
Аналитика в проектах: TFS + QlikАналитика в проектах: TFS + Qlik
Аналитика в проектах: TFS + Qlik
 
Использование анализатора кода SonarQube
Использование анализатора кода SonarQubeИспользование анализатора кода SonarQube
Использование анализатора кода SonarQube
 
Развитие сообщества Open DevOps Community
Развитие сообщества Open DevOps CommunityРазвитие сообщества Open DevOps Community
Развитие сообщества Open DevOps Community
 
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...
Методика определения неиспользуемых ресурсов виртуальных машин и автоматизаци...
 
Автоматизация построения правил для Approof
Автоматизация построения правил для ApproofАвтоматизация построения правил для Approof
Автоматизация построения правил для Approof
 
Мастер-класс «Трущобы Application Security»
Мастер-класс «Трущобы Application Security»Мастер-класс «Трущобы Application Security»
Мастер-класс «Трущобы Application Security»
 
Формальные методы защиты приложений
Формальные методы защиты приложенийФормальные методы защиты приложений
Формальные методы защиты приложений
 
Эвристические методы защиты приложений
Эвристические методы защиты приложенийЭвристические методы защиты приложений
Эвристические методы защиты приложений
 
Теоретические основы Application Security
Теоретические основы Application SecurityТеоретические основы Application Security
Теоретические основы Application Security
 
От экспериментального программирования к промышленному: путь длиной в 10 лет
От экспериментального программирования к промышленному: путь длиной в 10 летОт экспериментального программирования к промышленному: путь длиной в 10 лет
От экспериментального программирования к промышленному: путь длиной в 10 лет
 
Уязвимое Android-приложение: N проверенных способов наступить на грабли
Уязвимое Android-приложение: N проверенных способов наступить на граблиУязвимое Android-приложение: N проверенных способов наступить на грабли
Уязвимое Android-приложение: N проверенных способов наступить на грабли
 
Требования по безопасности в архитектуре ПО
Требования по безопасности в архитектуре ПОТребования по безопасности в архитектуре ПО
Требования по безопасности в архитектуре ПО
 
Формальная верификация кода на языке Си
Формальная верификация кода на языке СиФормальная верификация кода на языке Си
Формальная верификация кода на языке Си
 
Механизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET CoreМеханизмы предотвращения атак в ASP.NET Core
Механизмы предотвращения атак в ASP.NET Core
 
SOC для КИИ: израильский опыт
SOC для КИИ: израильский опытSOC для КИИ: израильский опыт
SOC для КИИ: израильский опыт
 
Honeywell Industrial Cyber Security Lab & Services Center
Honeywell Industrial Cyber Security Lab & Services CenterHoneywell Industrial Cyber Security Lab & Services Center
Honeywell Industrial Cyber Security Lab & Services Center
 
Credential stuffing и брутфорс-атаки
Credential stuffing и брутфорс-атакиCredential stuffing и брутфорс-атаки
Credential stuffing и брутфорс-атаки
 

Recently uploaded

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 

Recently uploaded (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 

How to Intercept a Conversation Held on the Other Side of the Planet