Posted on

Talk @ SSTIC 2017: Subscribers remote geolocation and tracking using 4G VoLTE enabled Android phone

sstic 2017 rennes volte p1security geolocation tracking 4G IMS patrick ventuzelo

SSTIC 2017

VoLTE (Voice over LTE) is a technology implemented by many operators over the world. Unlike previous 2G/3G technologies, VoLTE offers the possibility to use the end-to-end IP network to handle voice communications. This technology uses VoIP (Voice over IP) standards over IMS (IP Multimedia Subsystem) network.

In this paper, we will first introduce the basics of VoLTE technology. We will then, demonstrate how to use an Android phone, to communicate with VoLTE networks and what normal VoLTE communications look like. Finally, we will describe different issues and implementations problems. We will present vulnerabilities, both passive and active, and attacks that can be done using VoLTE Android smartphones to attack subscribers and operators infrastructure.

Some of these vulnerabilities are new and not previously disclosed: they may allow an attacker to silently retrieve private pieces of information on targeted subscribers, such as their geolocation

link paper

Posted on

Talk @ ESE #4: Introduction to PIN, a DBI (Dynamic Binary Instrumentation) framework

ese pin intel DBI patrick ventuzelo

2016/05/21 @ ESE #4

Dynamic Binary Instrumentation (DBI) is a technique for analyzing and modifying the behavior of a program when it is executed.

Among the most known frameworks there are Valgrind, DynamoRIO and PIN. The latter is developed by Intel and has a simple and functional API.

The purpose of this presentation is to show the possibilities of such a tool as well as an example through a Crackme.

slides (fr)