Modmob tools: Home made tools to test mobile devices and monitor networks
Modmob tools are a set of two home made mobile tools (Modmobmap & Mobmobjam) that could be combined to monitor the mobile network (legit and rogue cells), but also attack mobile devices (phones, car computers, alarms, and so on), by using different techniques (monitoring, cell profile cloning, and smart/targeted jamming) and cheap equipments (smartphones or/and modems or/and Software-Radio-Communication devices).
In addition to mobile phones, a lot of devices use the mobile network to exchange data. To attack these devices, different techniques can be used to intercept targeted devices, capture exchanged data and attack client applications, but also remote servers. In this presentation, we will present Modmobmap and Mobmobjam tools and see how it can be used with very cheap equipments. Then we will present different case scenarios we have encountered during our pentest and Red team to see how these tools can be used in real case scenarios. Morover, we will see how these tools can be used in defense scenarios. To finish will talk about the future and coming extensions for the tool set.
- Intro: Context, evolution of mobile technologies, security of communications, the future with 5G;
- Required hardware and software + the alternatives;
- Attraction of mobile devices: intro, methods (Faraday shield, using Modmobmap and Modmobjam, custom USIM for pentests);
- Interception: GPRS, 3G and 4G, our difficulties and how to circumvent them, some words about testing 5G devices, and vulnerable endpoints devices are connected to;
- Hardware attacks: case of an intercom -> looking on debug interfaces and abusing one, techniques to interfaces (including cheaper ones), protection bypasses on some devices, chip-off, etc.