P1 Training Description TS-310 v1.0 jbt€¢ Huawei MGW8900 Core Network Element (legacy,...
Transcript of P1 Training Description TS-310 v1.0 jbt€¢ Huawei MGW8900 Core Network Element (legacy,...
![Page 1: P1 Training Description TS-310 v1.0 jbt€¢ Huawei MGW8900 Core Network Element (legacy, monolithic, VxWorks + FPGA) description, analysis and reverse engineering. • Huawei HSS](https://reader031.fdocuments.net/reader031/viewer/2022022204/5aff520a7f8b9a814d904a49/html5/thumbnails/1.jpg)
©2017P1Security.Allrightsreserved.
2017
²
TrainingDescription
TS-310Reversingtelecomplatformsforsecurity
![Page 2: P1 Training Description TS-310 v1.0 jbt€¢ Huawei MGW8900 Core Network Element (legacy, monolithic, VxWorks + FPGA) description, analysis and reverse engineering. • Huawei HSS](https://reader031.fdocuments.net/reader031/viewer/2022022204/5aff520a7f8b9a814d904a49/html5/thumbnails/2.jpg)
©2017P1Security.Allrightsreserved.
TS-310Reversingtelecomplatformsforsecurity
Descriptionoftraining
Learn about contemporary telecom andmobile system reverse engineering within the context ofTelecom and Mobile Network operators and how to attack core telecom infrastructure (CoreNetwork,Services,MobileApps,Handsetplatforms,IoTplatforms).Wewill see fromthemobilehandset (Android,apps,platform)totheoperatorCoreNetworkhowthesetechnologiesmeshedtogetherandhowtomakesenseoftheirprotocolsandapplications.DurationShortversion:2days.Prerequisitesfortraining
• Basicknowledgeoftelecom&networkprinciples:whatis2G,3G,4G;OSInetworklayers.• BasicknowledgeandusageofWireshark.• BasicskillsandusageofLinuxforreverseengineering(knowledgeoftoolsinaBacktrack/Kali
forreverseengineeringisaplus).• BasicskillsinPythonprogramming.
MinimumSoftwaretoinstall
• LaptopwithLinuxinstalledeitherinaVMornative,Backtrack/Kalirecommended.• optional:DisassemblersuchasHopper/Radare2/IDAPro.• Mobilephone(Androidrecommended)andworkingSIMcardwithsufficientcreditforvoice,
SMSanddata(roamingworkingandtestedisaplus).• AdditionalSIMcardsoptional.• Knowhowtodotetheringforyourlaptopthroughyourmobilephone.
Coveredinthistraining
Part1:Operatorinfrastructureattacksurface,ReverseengineeringtoolsandNetworkelementvulnerabilityresearch
• Thetrainingwillshowthevariousattacksurfacesforthesenetworksandshowtheimpactofvulnerabilitiesforeachnetworkelement.
• Thetrainingwillshowhowtoapplyandusedcommonreverseengineeringtoolsontelecomandmobilesystems.
• HuaweiMGW8900CoreNetworkElement(legacy,monolithic,VxWorks+FPGA)description,analysisandreverseengineering.
• HuaweiHSS/MSCCoreNetworkElement(ATCA,recent,Linux+FPGA)description,analysisandreverseengineering.
![Page 3: P1 Training Description TS-310 v1.0 jbt€¢ Huawei MGW8900 Core Network Element (legacy, monolithic, VxWorks + FPGA) description, analysis and reverse engineering. • Huawei HSS](https://reader031.fdocuments.net/reader031/viewer/2022022204/5aff520a7f8b9a814d904a49/html5/thumbnails/3.jpg)
©2017P1Security.Allrightsreserved.
• ZTECoreNetworkElement(ATCA,recent,Linux)description,analysisandreverseengineering.
Part2:Mobile(in)security,SubscriberapplicationsreverseengineeringandNetworkprotocolsanalysis
• Androidplatform(Android+Proprietaryextensions).WewilllookintoAndroidapplicationsandplatformspecificsbinariestofindaccesspointtothecorenetwork.
• Mobilephoneusageofthenetworkandapplications(CS,USSD,SMS,PacketSwitched/Data,VAS).
• Wewilllookintotheprotocolsusedbythemobile,analyzingthemanddetailingwheresecurityproblemscanappear.
• WewilldigintoCoreNetworkprotocols,reverseengineersomespecifiedandsomeproprietarytelecomCoreNetworkprotocols.
• Accessnetworkprotocolsanalysis.Wewilllookintothenetworkprotocolsthatareusedbythemobilehandsetstowardthemobilenetwork.
• CiscoASR5x00NetworkElementdescription,analysisandreverseengineering.