Hacking 4G and how to get arrested in 10 minutes - Christian Sørseth
Ғылым және технология
We have all seen in the movies, where the bad guy's mobile get tapped and the feds listen in on their plans. But how feasible is this in practice?. Christian will show you in this lightning talk how mobile networks work, why they are vulnerable to attack, how to build your own IMSI catcher for less than 1000 dollars and what will happen to you if you ever use it.
NDC Conferences
ndcoslo.com
ndcconferences.com
Пікірлер: 65
Such a great content, you deserve millions of subscribers
Some agencies who are NOT law enforcement definetly use these
Very informative, thanks. 🙏🏻
And they say geeks don't know how to have Fun!! 😂😂😂
Great man...
If someone is doing this who could you tell and how could you prove it
There are things you can do. You can stop using primitive communication technologies. Don't send an SMS, send a WhatsApp message. It's that simple. Assuming the network is a secure direct line between two parties is wrong in all types of public computer networks. Just don't send unencrypted data over the network and stop caring about attackers listening to traffic on the network.
@McDaniel1
11 ай бұрын
What about 2FA and OTP :/
Very Good, Lots of Information in simple and funny talking.
Why couldn't this be done passively without have to interrupt ? or does it have to intercept to open the encryption ?
Guy is talking from Oslo where police were shocked to learn how many IMSI catchers were active in the city.
I wish my local government in las vegas understood this!
@nopoliticalparties
3 жыл бұрын
flagg the spam ^^ fake account noobs you can't cuss but these idiots can market scams
Basically this is what the NSA does to us ?!!?!?
@ockeojoj
3 жыл бұрын
No, this is what the cops do. You could read about it if you google it.
All of that felonies for only $940!!!
7:49 it must be fun to be oblivious
I am very curious, did anyone actually got caught for making this fake 4g base station? I doubt it. HOW would anyone find out about it unless you are really reckless/open about it and do some crazy shit that actually cause harm to make a lot of people notice something is wrong.
@spiderx01
2 жыл бұрын
In Czech Republic is network of signal detectors. So if somebody make too strong signal on some frequency, they can catch him. They get his position based on triangulation.
@AndreasDelleske
2 жыл бұрын
Every modern cell tower has capabilities to triangulate bad or fake stations automatically, precision better than a meter (nanosecond is 33 cm). If they don't send police in 10 minutes it is because they want to collect evidence and find out what you're up to first so they can pull you to court. It's their job to find out if one of their own stations get corrupted or bad.
@stage666
2 жыл бұрын
@@AndreasDelleske I doubt they will do anything about it. Even if they do, what if I put the station on a car? They call the cops in 10 min? I'm gone in 20 min. Catch me if you can.
@AndreasDelleske
2 жыл бұрын
@@stage666 If it seems to work, you will do it more often. When law enforcement is prepared, it takes seconds to catch your location.
@1gta4gta
2 жыл бұрын
@@spiderx01 but what If you limit the signal?
So could you build your own 3G tower this way using your wired connection if you live in a secluded area without a lot of towers nearby?
@adamstewart7856
3 жыл бұрын
Yup, it’s possible with a BladeRF and a piece of software called OpenBTS
@sjwiz5991
2 жыл бұрын
@@adamstewart7856 Is BladeRF better than all the other SDRs for this purpose?
@1gta4gta
2 жыл бұрын
@@sjwiz5991 unfortunately its too expensive for me
How to get arrested in 10 minutes 😂😂😂😂🤣🤣🤣🤣
Good knowledge. I wonder if that happened to me. Is there a way to defend against it happening?
@fernsader9261
4 жыл бұрын
If you learn to defend you must learn how to attack
@solidpain9098
3 жыл бұрын
There are different ways to mitigate and to detect it. With an rooted Android Phone and SnoopSnitch you get warned, whenever you are connected to an IMSI Catcher. It detects abnormal behaviour from the Base Station like too high Transmission Power, wrong or changing LAIs, suspicious commands etc. It works an all rooted Android phones with a Broadcom Chipset. Other than that, always use as much encryption as possible to prevent data interceltion and analysis from the IMSI Catcher. To prevent location tracking, well, change your SIM (IMSI) and your phone (IMEI) regularly. And you can always go for a counterattack. DOS the IMSI-catcher, track it down and disconnect it or jamm it (3G/4G Jammers are cheap). This also has the advantage, that it will alert your Federal Network Agency, and depending if they only cut the jammer or the jammer+ IMSI Catcher you will know if it is a state owned one or from some criminal smug (or foreign state?)
@legomego6943
Жыл бұрын
@@davidfierros8186 why/how does foil work?
So he build his own cell like tower for other cellphones to connect.
Unbelievable stuff
I bet this was a zero day once upon a time. Now 5G? 00
So how do you legally learn to do this without breaking any law?
@lockheed7610
2 жыл бұрын
By hacking yourself
why is there so little comments ? ofc comments are off i mean the creator has to choose them
Thanks i got arrested ❤
“With the IMSI you can send texts.” What? That doesn’t sound right
@chizzas
4 жыл бұрын
Well, by using the software as mentioned (OpenAirInterface) you can configure the USRP to act as an UE.
@BullCheatFR
4 жыл бұрын
I find it really hard to believe a cellular network will accept a message without any kind of SIM presence verification. Be it signing, challenge response or some other method, there has to be some kind of authentication mechanism otherwise everybody would be SMS spoofing
🤣🤣nice live demo 🤣🤣
Спасибо! Просто интересно возможно ли каким-то странным людям взломать мои драгоценные разговоры с мамой...
@mattlawton4715
Жыл бұрын
Yes they are
@pspdv
Жыл бұрын
@@mattlawton4715 lol
Why only few comments, Afraid ?
@justknot4481
3 жыл бұрын
You will also get arrested if you explain in detail 🤣🤣
6:36 police sirens lol 😂😂😂 Probably FBI 🤣 jk
@passord1d493
4 жыл бұрын
we don't have the fbi in norway propely e-tjenesten
LMFAO live demo
what even is this
Catch me if you can .... Lol no i am kidding