forked from AnwarMohamed/SigPloit
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
49ecd70
commit c05b396
Showing
1 changed file
with
11 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,32 +1,32 @@ | ||
| # SiGploit | ||
| SiGploit” a signaling security testing framework dedicated to Telecom Securrity professionals and reasearchers to pentest and exploit vulnerabilites in the signaling protocols used in mobile operators regardless of the geneartion being in use. | ||
| SiGploit a signaling security testing framework dedicated to Telecom Security professionals and reasearchers to pentest and exploit vulnerabilites in the signaling protocols used in mobile operators regardless of the geneartion being in use. | ||
| SiGploit aims to cover all used protocols used in the operator's interconnects SS7,GTP (3G), Diameter (4G) or even SIP for IMS and VoLTE infrastrucutres used in the access layer. | ||
| Recommendations for each vulnerability will be provided to guide the tester and the operator the steps that should be done to enhance their security posture | ||
|
|
||
| SiGploit is developed on several phases | ||
| SiGploit is developed on several versions | ||
|
|
||
| Phase 1: SS7 | ||
| Version 1: SS7 | ||
| ------------- | ||
| SiGploit will intially start with SS7 vulnerabilites providing the messages used to test the below attacking scenarios | ||
| A- Location Tracking | ||
| B- Call and SMS Interception | ||
| C- Fraud | ||
|
|
||
| Phase 2: GTP | ||
| Version 2: GTP | ||
| ------------ | ||
| This phase will focus on the data roaming attacks that occurs on the IPX/GRX interconnects. | ||
| This Version will focus on the data roaming attacks that occurs on the IPX/GRX interconnects. | ||
|
|
||
| Phase 3: Diameter | ||
| Version 3: Diameter | ||
| ----------------- | ||
| This phase will focus on the attacks occuring on the LTE roaming interconnects using Diameter as the signaling protocol. | ||
| This Version will focus on the attacks occuring on the LTE roaming interconnects using Diameter as the signaling protocol. | ||
|
|
||
| Phase 4: SIP | ||
| Version 4: SIP | ||
| ------------ | ||
| This is phase will be concerned with SIP as the signaling protocol used in the access layer for voice over LTE(VoLTE) and IMS infrastructure. | ||
| This is Version will be concerned with SIP as the signaling protocol used in the access layer for voice over LTE(VoLTE) and IMS infrastructure. | ||
| Also SIP will be used to encapsulate SS7 messages (ISUP) to be relayed over VoIP providers to SS7 networks taking advantage of SIP-T protocol, a protocol extension for SIP to provide intercompatability between VoIP and SS7 networks | ||
|
|
||
| Phase 5: Reporting | ||
| Version 5: Reporting | ||
| ------------------ | ||
| This last phase will introduce the reporting feature. A comprehensive report with the tests done along with the recommendations provided for each vulnerability that has been exploited. | ||
| This last Version will introduce the reporting feature. A comprehensive report with the tests done along with the recommendations provided for each vulnerability that has been exploited. | ||
|
|
||
| BETA Version of SiGploit will have the Location Tracking attacks of the SS7 phase 1 |