Presentation Material
Abstract
Offensively focused research is of high importance, mainly because of the increase in the number of targeted attacks. This paper focuses on an innovative new attack surface [USB Data Modems] that could be a potential target of attacks in the future. The paper demonstrates fuzzing approaches and code execution on computers via SMS payloads.
Attacking by SMS: “You can run, you can hide but you can’t escape these exploits”. There is already a lot of research on SMS attacks against mobile phones by Collin Mulliner, Charlie Miller and Nico Golde. Based on their research it was easy to find SMS payloads that crashed the phones, but reliable code execution was hard on the mobile platforms. The limit on the number of characters that could be sent over SMS was also an issue. In the case of USB modems, it was easy to write a reliable exploit once we found a PoC crash. Another main reason is that no user interaction is required: as soon as an SMS is received on the modem, the parser [dialer] tries to read the data, extract the database and move it to the local database. Normal web browser or network layer attacks need either user interaction or their target to be online. An SMS-based exploit does not have these drawbacks: as soon as a victim gets online, his service provider forwards the message to his Inbox. Mass exploitation and high reliability against targets are possible, since these modems have phone numbers which lie in a particular series, so all the phone numbers from xxxxxx1000 to xxxxxx2000 would be running a particular version of USB modem software, so the impact is large.
AI Generated Summary (may contain errors)
Here is a summarized version of the content:
The speaker is demonstrating a proof-of-concept (POC) exploit for a vulnerability in a particular SMS parser. When an SMS is sent to the device, it crashes and creates a file called “hack.txt”, allowing for code execution. The speaker notes that there are limitations to this exploit and that they are not experienced in exploit writing.
The exploit was tested by sending the SMS directly to the modem, debugging tool. The speaker mentions that it’s difficult to send malicious messages via network due to security measures like passwords on SMS centers.
The vulnerability is specific to a particular parser module and mainly affects Windows users who use the interface. Linux users are not affected since they use a different dialer. The speaker thanks several friends and colleagues for their help and support in developing this exploit.
In response to questions, the speaker clarifies that the SMS was sent directly to the modem and that it’s possible to bypass security measures like non-ASCII payloads. They also mention that the vulnerability is not fixed yet and that they hope others will extend and improve upon their work.