Upload
ledien
View
226
Download
1
Embed Size (px)
Citation preview
©2017P1Security.Allrightsreserved.
2017
²
TrainingDescription
TS-310Reversingtelecomplatformsforsecurity
©2017P1Security.Allrightsreserved.
TS-310Reversingtelecomplatformsforsecurity
Descriptionoftraining
Learn about contemporary telecom andmobile system reverse engineering within the context ofTelecom and Mobile Network operators and how to attack core telecom infrastructure (CoreNetwork,Services,MobileApps,Handsetplatforms,IoTplatforms).Wewill see fromthemobilehandset (Android,apps,platform)totheoperatorCoreNetworkhowthesetechnologiesmeshedtogetherandhowtomakesenseoftheirprotocolsandapplications.DurationShortversion:2days.Prerequisitesfortraining
• Basicknowledgeoftelecom&networkprinciples:whatis2G,3G,4G;OSInetworklayers.• BasicknowledgeandusageofWireshark.• BasicskillsandusageofLinuxforreverseengineering(knowledgeoftoolsinaBacktrack/Kali
forreverseengineeringisaplus).• BasicskillsinPythonprogramming.
MinimumSoftwaretoinstall
• LaptopwithLinuxinstalledeitherinaVMornative,Backtrack/Kalirecommended.• optional:DisassemblersuchasHopper/Radare2/IDAPro.• Mobilephone(Androidrecommended)andworkingSIMcardwithsufficientcreditforvoice,
SMSanddata(roamingworkingandtestedisaplus).• AdditionalSIMcardsoptional.• Knowhowtodotetheringforyourlaptopthroughyourmobilephone.
Coveredinthistraining
Part1:Operatorinfrastructureattacksurface,ReverseengineeringtoolsandNetworkelementvulnerabilityresearch
• Thetrainingwillshowthevariousattacksurfacesforthesenetworksandshowtheimpactofvulnerabilitiesforeachnetworkelement.
• Thetrainingwillshowhowtoapplyandusedcommonreverseengineeringtoolsontelecomandmobilesystems.
• HuaweiMGW8900CoreNetworkElement(legacy,monolithic,VxWorks+FPGA)description,analysisandreverseengineering.
• HuaweiHSS/MSCCoreNetworkElement(ATCA,recent,Linux+FPGA)description,analysisandreverseengineering.
©2017P1Security.Allrightsreserved.
• ZTECoreNetworkElement(ATCA,recent,Linux)description,analysisandreverseengineering.
Part2:Mobile(in)security,SubscriberapplicationsreverseengineeringandNetworkprotocolsanalysis
• Androidplatform(Android+Proprietaryextensions).WewilllookintoAndroidapplicationsandplatformspecificsbinariestofindaccesspointtothecorenetwork.
• Mobilephoneusageofthenetworkandapplications(CS,USSD,SMS,PacketSwitched/Data,VAS).
• Wewilllookintotheprotocolsusedbythemobile,analyzingthemanddetailingwheresecurityproblemscanappear.
• WewilldigintoCoreNetworkprotocols,reverseengineersomespecifiedandsomeproprietarytelecomCoreNetworkprotocols.
• Accessnetworkprotocolsanalysis.Wewilllookintothenetworkprotocolsthatareusedbythemobilehandsetstowardthemobilenetwork.
• CiscoASR5x00NetworkElementdescription,analysisandreverseengineering.