BadB
Professional
- Messages
- 2,494
- Reaction score
- 2,550
- Points
- 113
How do I listen to a cardholder's conversation and get his SMS for bypass 3D-Security?
Monitoring of mobile phones without their owners ' knowledge is growing rapidly in Latin American countries such as Argentina, Mexico, and Brazil, after becoming very prominent in the US since 2008.
A Stingray, GSM interceptor, or IMSI interceptor is a piece of equipment that can collect data from hundreds of phones in targeted areas, and can also perform denial-of-service ( DOS) attacks on phones and intercept conversations. Although the purchase of these devices is not available legally, they can be purchased through the black market or in darknets.
Law enforcement agencies and the military use these devices to track mobile phones. The Stingray system includes an antenna, maps, and a signaling device. The device simulates both a base transmitting station (BTS) and cell towers and connects phones in this zone to it. The device then collects the international mobile subscriber number (IMSI) and electronic serial number (ESM) numbers associated with the phone, and can connect to any phone.
There are two ways to use these devices:
These devices can be used with software to listen in on mobile phone conversations and fake calls/SMS messages. These programs are known as special signaling programs, such as FISHHAWK, PORPOISE.
Also known as GSM INTERCEPTOR or IMSI CATCHER. It is easy to find various similar devices on the market:
Some of the devices available on the market.
We'll talk about some of them in more detail.
GOSSAMER
Gossamer is a small, portable device that looks like a Stingray and is able to collect data on mobile phones operating in the target area. The Gossamer device is much smaller than a Stingray, and it can be used to perform a denial-of-service attack on phone users, blocking targeted people from making or receiving calls. According to information security industry analysts, the estimated cost of gossamer-type devices on the black market is between $ 10,000 and $ 20,000, depending on the state of the device and the characteristics of the device in countries such as Mexico, Brazil, and Argentina.
TRIGGERFISH LIKE
Triggerfish is a listening device. With it, anyone can intercept calls and messages in real time in the target zone. This is all allowed by the functions of the ramp. Some advanced Russian versions of Triggerfish can intercept calls and SMS messages from 10,000 mobile phones in the target area of the city at once.
KINGFISH LIKE
Kingfish is a device that allows anyone to track and analyze information from mobile phones in the target area. This is smaller than Stingray devices, but it can give you a list of connections between different phones. This device can be controlled wirelessly for communication monitoring.
The HARPOON
A harpoon is an amplifying device that is used to amplify the signal of a Stingray or Kingfish device, so that a larger area can be monitored and a safer mobile phone can be tracked from a very long distance. The cost of a harpoon similar to Russian amplifiers is about 15,000 US dollars on the black market.
3G (UMTS) GSM INTERCEPTOR
This device automatically scans and detects the parameters of all 3G networks in the range, as well as intercepts outgoing and incoming 3G packets, detects all 3G phones and collects their IDs (IMSI, IMEI and TMSI). This device selectively blocks 3G communication on the target's phones. In addition, the extended version of this device can fully control mobile devices to send and receive calls and data related to Spoof 3G.
What you need to create your own interceptor:
BSC (base station controller) is the brain for BTS. It's a decision-making device, and it decides to switch between different BTS's. It also measures call switching. The interface between BSC and BTS is called the GSM A-bis interface.
OpenBTS software to configure our software-defined radio station (SDR), whose base radio station can work as a radio, or with OpenBTS and Linux, we can convert it to OpenBTS.
Asterisk Server, which helps in switching calls and is very easy to set up as a BSC:
HOW DOES IT WORK?
BTS verifies which mobile device it is connecting to, but the mobile device does not authenticate the BTS mobile network it is connecting to. Because phones always choose the strongest signal, so if there is a new BTS with a stronger signal, the mobile phone will always connect to it. In GSM, BTS decides whether to enable encryption or not, so our new OpenBTS station will not use encryption so that we can listen to all calls and SMS messages. The IMSI catcher must not break GSM encryption; it simply acts as a base station and tells the phone to disable GSM encryption.
To fake a network, you will need some information: the mobile country code, the mobile network code, and the network name. All this data can be easily found on the Internet, and we can program our OpenBTS with these values and configure IUSACELL for any network. After configuring these settings in our BTS, mobile phones within the range will start connecting to our OpenBTS.
We will also set up Asterisk Server, which will act as a call switching software, and will also help us display calls in real time, or possibly record them.
That's all.
Monitoring of mobile phones without their owners ' knowledge is growing rapidly in Latin American countries such as Argentina, Mexico, and Brazil, after becoming very prominent in the US since 2008.
A Stingray, GSM interceptor, or IMSI interceptor is a piece of equipment that can collect data from hundreds of phones in targeted areas, and can also perform denial-of-service ( DOS) attacks on phones and intercept conversations. Although the purchase of these devices is not available legally, they can be purchased through the black market or in darknets.
Law enforcement agencies and the military use these devices to track mobile phones. The Stingray system includes an antenna, maps, and a signaling device. The device simulates both a base transmitting station (BTS) and cell towers and connects phones in this zone to it. The device then collects the international mobile subscriber number (IMSI) and electronic serial number (ESM) numbers associated with the phone, and can connect to any phone.
There are two ways to use these devices:
- One way is to use an antenna in a given area to collect mobile phone numbers with an international subscriber number (IMSI) and an electronic serial number (ESN) in that area and find out who is in that area.
- The second method is to find a mobile phone with an IMEI, international mobile subscriber number (IMSI), and electronic serial number (ESM), such as Apple's find my phone app, but in this case the phone can be tracked even if the phone is formatted as the IMEI remains associated with hardware, not software. Based on the device's signal strength, you can find the exact location of your mobile phone.
These devices can be used with software to listen in on mobile phone conversations and fake calls/SMS messages. These programs are known as special signaling programs, such as FISHHAWK, PORPOISE.
Also known as GSM INTERCEPTOR or IMSI CATCHER. It is easy to find various similar devices on the market:
- GOSSAMER
- LONGSHIP
- BLACKFIN
- BLACKFIN II
- HAWKSBILL
- SPURDOG
- FISHFINDER
- KINGFISH
- STINGRAY
- STINGRAY II
- GSM INTERROGATOR
- CDMA INTERROGATOR
- INTERGROGTOR
- FIRE FISH
- TARPON
- AMBERJACK
- The HARPOON
- MORAY
- LANTERNIER
- PISCES FLIGHT
- STONE
Some of the devices available on the market.
We'll talk about some of them in more detail.
GOSSAMER
Gossamer is a small, portable device that looks like a Stingray and is able to collect data on mobile phones operating in the target area. The Gossamer device is much smaller than a Stingray, and it can be used to perform a denial-of-service attack on phone users, blocking targeted people from making or receiving calls. According to information security industry analysts, the estimated cost of gossamer-type devices on the black market is between $ 10,000 and $ 20,000, depending on the state of the device and the characteristics of the device in countries such as Mexico, Brazil, and Argentina.
TRIGGERFISH LIKE
Triggerfish is a listening device. With it, anyone can intercept calls and messages in real time in the target zone. This is all allowed by the functions of the ramp. Some advanced Russian versions of Triggerfish can intercept calls and SMS messages from 10,000 mobile phones in the target area of the city at once.
KINGFISH LIKE
Kingfish is a device that allows anyone to track and analyze information from mobile phones in the target area. This is smaller than Stingray devices, but it can give you a list of connections between different phones. This device can be controlled wirelessly for communication monitoring.
The HARPOON
A harpoon is an amplifying device that is used to amplify the signal of a Stingray or Kingfish device, so that a larger area can be monitored and a safer mobile phone can be tracked from a very long distance. The cost of a harpoon similar to Russian amplifiers is about 15,000 US dollars on the black market.
3G (UMTS) GSM INTERCEPTOR
This device automatically scans and detects the parameters of all 3G networks in the range, as well as intercepts outgoing and incoming 3G packets, detects all 3G phones and collects their IDs (IMSI, IMEI and TMSI). This device selectively blocks 3G communication on the target's phones. In addition, the extended version of this device can fully control mobile devices to send and receive calls and data related to Spoof 3G.
What you need to create your own interceptor:
BSC (base station controller) is the brain for BTS. It's a decision-making device, and it decides to switch between different BTS's. It also measures call switching. The interface between BSC and BTS is called the GSM A-bis interface.
OpenBTS software to configure our software-defined radio station (SDR), whose base radio station can work as a radio, or with OpenBTS and Linux, we can convert it to OpenBTS.
Asterisk Server, which helps in switching calls and is very easy to set up as a BSC:
- OpenBTS is open source software
- Asterisk Server is also open source
- Linux, as we all know, is also open source
- Software-defined radio communication (SDR) is a piece of hardware that will set you back about $ 500-1,000
HOW DOES IT WORK?
BTS verifies which mobile device it is connecting to, but the mobile device does not authenticate the BTS mobile network it is connecting to. Because phones always choose the strongest signal, so if there is a new BTS with a stronger signal, the mobile phone will always connect to it. In GSM, BTS decides whether to enable encryption or not, so our new OpenBTS station will not use encryption so that we can listen to all calls and SMS messages. The IMSI catcher must not break GSM encryption; it simply acts as a base station and tells the phone to disable GSM encryption.
To fake a network, you will need some information: the mobile country code, the mobile network code, and the network name. All this data can be easily found on the Internet, and we can program our OpenBTS with these values and configure IUSACELL for any network. After configuring these settings in our BTS, mobile phones within the range will start connecting to our OpenBTS.
We will also set up Asterisk Server, which will act as a call switching software, and will also help us display calls in real time, or possibly record them.
That's all.
