Quick intro to setting up Wireguard interfaces in Mirktok’s RouterOS.
Category Archives: Security
Some thoughts on NRF Security in 5G Core
A look at attack vectors the NRF opens up in #5G Core networks, and the mitigations recommended by 3GPP.
The PLMN Problem for Private LTE / 5G
As the number of Private Networks built on LTE and 5G grow, how will PLMN allocation be managed?
And the call was coming from… INSIDE THE HOUSE. A look at finding UE Locations in LTE
How to find a subscriber location within the network.
PyHSS New Features
Thanks to some recent developments, PyHSS has had a major overhaul recently, and is getting better than ever, Some features that are almost ready for public release are: Config File Instead of having everything defined all over the place a single YAML config file is used to define how the HSS should function. SCTP Support … Continue reading PyHSS New Features
SIM Card Sniffing with Wireshark
Using Wireshark to sniff communication between your computer and Smart Card / SIM Card
Confidentiality Algorithms in 3GPP Networks: MILENAGE, XOR & Comp128
A look at the Confidentiality Algorithms used in 3GPP Networks, MILENAGE, XOR & Comp128
SIM / Smart Card Deep Dive – Part 3 – APDUs and Hello Card
A look at APDUs and Interacting with Cards
SIM / Smart Card Deep Dive – Part 2 – Meet & Greet
The basics of Smart Cards & their File System
SIM / Smart Card Deep Dive – Part 1 – Introduction to Smart Cards
Getting up close and personal with Smart Card / SIM Cards
5G Subscriber Identifiers – SUCI & SUPI
Acronyms and cryptography – a look at Subscriber Identifiers in 5G
SIM Unlock Shims
What do Unlock SIMs sold online actually do and how do they do it?
mkcert – Simple Localhost Certs
Using Mkcert to generate valid SSL certificates on your local machine for development
16 in 1 Magic SIM Card Revisited
Quick look at cheap “Magic SIM Cards”, what they do, how they do it, and the amazing graphics they use.
Kamailio Bytes – SIP over TLS (SIPS)
Using Transport Layer Security (TLS) to protect SIP traffic from modification / manipulation and guarantee message authenticity.
VoLTE / IMS – P-CSCF Assignment
How the P-CSCF address is assigned to a UE in Protocol Configuration Options (PCO) during bearer establishment.
Using Wireshark to peer inside IPsec ESP VoLTE data from the P-CSCF
Viewing the payload of an Encapsulated Security Payload in Wireshark.
Reverse Engineering Samsung Sysdump Utils to Unlock IMS Debug & TCPdump on Samsung Phones
Reverse Engineering the Samsung Sysdump app to unlock IMS Debug and TCPdump functions
VoLTE/IMS Debugging on Samsung Handsets using Sysdump & Samsung IMS Logger
Unlocking the built in IMS Debugging tool in Samsung’s Sysdump Utility
PyHSS Update – MongoDB Backend & SQN Resync
Feature Update on PyHSS the Python Home Subscriber Server
Random Posts on Security
Filtering for 3GPP DNS in Wireshark
5GC for EPC Folks – Control Plane Signalling
End of ISDN in Australia
K8s multiple objects in YAML File
Motorola GP Series CPS Unlock
PyHSS Update – IMS Cx Support!
Kamailio Bytes – UAC – Authenticate Outbound Calls
And the call was coming from… INSIDE THE HOUSE. A look at finding UE Locations in LTE
RTPengine – Installation & Configuration
