Tuesday, April 20, 2010

SMS UDH Binary and Concatenated

As a standard SMS can only contain 160 7-bit GSM characters, concatenated SMS are used to send long messages that are bigger than 160 characters. Concatenation allows a sender to send more than one SMS, which the phone then joins together automatically so that they appear as one message.

To indicate that the content contains a UDH, a flag on the SMS called the UDH Indicator (UDHI) must be turned on. This tells the phone that it must separate the UDH from the rest of the content.

UDH

Format of an SMS with a UDH

The phone separates the UDH by reading the first byte of the content. The number in this byte is the length of the rest of UDH and is called the User Data Header Length (UDHL). The phone then knows how many bytes make up the UDH and can separate it from the rest of the message.

There are two main kinds of SMS systems. One is Smart Messaging, which is for Nokia and the handsets that support it (almost all brands except older versions of Sony and Ericsson); the other is EMS (Enhanced Messaging System). The two have different types of content and UDH encoding. First, what they have in common:

  1. Both use the same algorithm to build the UDH.
  2. Data and UDH for both systems are only in hex, i.e. characters 0-9 or A-F.
  3. Both have the same header for split messages, i.e. concatenated messages.

For Nokia, each binary message has a data part and a UDH part. Nokia identifies an incoming binary message as a ringtone, picture, logo etc. by the port number present in its header. Let's consider the full UDH for Nokia:

 

06 05 04 1581 1581
06 - the length of the whole UDH, i.e. 6 octets. Each octet is two hex characters, so 050415811581 counts as 6 octets.
05 - the keyword for 16-bit Nokia port addressing (according to the Smart Messaging specs).
04 - again a count of the upcoming octets, i.e. 4.
1581 - the destination port, giving the port number in hex for a ringtone; in other words, this is what identifies the upcoming message as a ringtone.
1581 - the source port. When a ringtone is sent from handset to handset it automatically becomes 1581, but when you send it via a GSM modem or an SMPP connection it can be set to any valid hex string, preferably 0000.

So if we are sending a picture message, a logo or anything else instead of a ringtone, we just have to change the destination port number. The ports for the different binary messages are as follows:

Ringtone - 1581
CGI/CLI - 1583
Picture Msg - 158A
Operator Logo - 1582
vCard - 23F4
vCard Secure - 23F6
vCalendar - 23F5
vCalendar Secure - 23F7
eMail Notification - 1588
DMCP (obsolete) - 1584

Now, if our message is bigger than preferably 260 characters, we need to break it into more than one part. That is called concatenation, and for it you need to append a concat header to the UDH, which goes like this:

00 03 XX 0N 0n 

It looks confusing, but let me explain it:
00 is the offset marking a new part of the UDH.
03 is, according to the specs, the concat header.
XX can be anything from 00 to FF. It is called the message reference header and is the same in the UDH of every split message, so that the receiver understands that an incoming part belongs to an earlier received message because it has the same reference string.
0N is the total count of messages; if there are 3 parts after splitting, it is 03. From this you can deduce that SMS supports a maximum of 255 splits, because 255 is FF, the largest two-digit hex number.
0n is the sequence number of the SMS part: 01 for the first part, 02 for the next, and so on up to 0N.

There is something you should take care of here: when we append the concat header, the whole UDH becomes 22 characters, i.e. 11 octets, so the UDH begins with 0B instead of 06. For a ringtone SMS split into 3 parts, the UDHs will be:


0B0504158115810003AF0301
0B0504158115810003AF0302
0B0504158115810003AF0303
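
The UDH strings above can be checked mechanically. The following Python sketch is an added example, not code from the original post: it reads the header as identifier/length/data elements (the layout defined in 3GPP TS 23.040), rejects any declared length that overruns the payload, and reports which parts of a split message are still missing. The names `parse_udh` and `missing_parts` are assumptions made for this example.

```python
# Destination ports listed in the post (hex value -> content type).
PORTS = {0x1581: "Ringtone", 0x1582: "Operator Logo", 0x1583: "CGI/CLI",
         0x158A: "Picture Msg", 0x23F4: "vCard", 0x23F5: "vCalendar"}
IEI_CONCAT = 0x00  # element carrying reference, total, sequence
IEI_PORT16 = 0x05  # element carrying destination and source port


def parse_udh(hex_payload):
    """Return (info, body); raise ValueError when a length overruns."""
    raw = bytes.fromhex(hex_payload)  # ValueError on non-hex input
    if not raw or 1 + raw[0] > len(raw):
        raise ValueError("UDHL exceeds payload")
    udh, body = raw[1:1 + raw[0]], raw[1 + raw[0]:]
    info, pos = {}, 0
    while pos < len(udh):
        if pos + 2 > len(udh):
            raise ValueError("truncated element header")
        iei, iedl = udh[pos], udh[pos + 1]
        data = udh[pos + 2:pos + 2 + iedl]
        if len(data) != iedl:
            raise ValueError("element length exceeds UDH")
        if iei == IEI_PORT16 and iedl == 4:
            info["dest_port"] = int.from_bytes(data[:2], "big")
            info["src_port"] = int.from_bytes(data[2:], "big")
            info["type"] = PORTS.get(info["dest_port"], "unknown")
        elif iei == IEI_CONCAT and iedl == 3:
            ref, total, seq = data
            if not 1 <= seq <= total:
                raise ValueError("sequence number outside 1..total")
            info["concat"] = (ref, total, seq)
        pos += 2 + iedl  # unknown elements are skipped, not trusted
    return info, body


def missing_parts(payloads):
    """Sequence numbers still missing before the parts can be joined."""
    seen, keys = set(), set()
    for payload in payloads:
        concat = parse_udh(payload)[0].get("concat")
        if concat is None:
            raise ValueError("payload has no concat element")
        keys.add(concat[:2])  # (reference, total) must match on all parts
        seen.add(concat[2])
    if len(keys) != 1:
        raise ValueError("parts disagree on reference or total")
    total = next(iter(keys))[1]
    return sorted(set(range(1, total + 1)) - seen)


if __name__ == "__main__":
    # The first and third UDH from the post; part 2 has not arrived.
    parts = ["0B0504158115810003AF0301", "0B0504158115810003AF0303"]
    print(parse_udh(parts[0])[0], missing_parts(parts))
```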


That is all about Smart Messaging. EMS is even simpler: there is no separate data part in EMS; everything is bundled together in the UDH, like this:


XX0CXX00<data hex string>
The first XX is the length of the total data.
0C is, according to the EMS specs, the octet for melody sound.
The second XX is the length of the rest of the data.
00 is the offset marking the start of the data part. The data part is the hex form of the iMelody string.

The concat system in EMS is the same as described earlier, so just append 0003XX0N0n before the 00 offset of EMS, count the characters and make the changes accordingly.

Connect Nokia or Any other Phone to a Computer or a Laptop

Below is some information on how to configure your laptop for use with a GPRS-enabled mobile phone, for Internet access.

On the PC, go to the Networking section of the Control Panel (Start > Settings > Control panel > Network)

  1. Select "Make new connection" (this should start a setup wizard)
  2. Choose "Dial up to Internet"
  3. Choose the "Connect via a Modem" option
  4. Select your mobile from the list of modems displayed
  5. Enter the telephone number to dial as *99# (No area code, and turn off dialing rules)
  6. Select the username and password for your Network Operator (GPRS settings here, first try leaving this blank)
  7. When complete, go to Control panel > networks, and double-click on the icon for your GPRS connection and click dial

NOTE: If your phone is not listed as a modem, install the proper drivers before continuing.

Thursday, April 1, 2010

How I Will Hack Your Password

Note: This isn't intended as a guide to hacking *other people's* weak passwords. Instead, the aim is to help you better understand the security of your own passwords and how to bolster that security.

If you invited me to try and crack your password, you know the one that you use over and over for like every web page you visit, how many guesses would it take before I got it?

Let's see… here is my top 10 list. I can obtain most of this information much easier than you think, then I might just be able to get into your e-mail, computer, or online banking. After all, if I get into one I'll probably get into all of them.

  1. Your partner, child, or pet's name, possibly followed by a 0 or 1 (because they're always making you use a number, aren't they?)
  2. The last 4 digits of your social security number.
  3. 123 or 1234 or 123456.
  4. "password"
  5. Your city, or college, football team name.
  6. Date of birth – yours, your partner's or your child's.
  7. "god"
  8. "letmein"
  9. "money"
  10. "love"

Statistically speaking that should probably cover about 20% of you. But don't worry. If I didn't get it yet it will probably only take a few more minutes before I do…

Hackers, and I'm not talking about the ethical kind, have developed a whole range of tools to get at your personal data. And the main impediment standing between your information remaining safe, or leaking out, is the password you choose. (Ironically, the best protection people have is usually the one they take least seriously.)

One of the simplest ways to gain access to your information is through the use of a Brute Force Attack. This is accomplished when a hacker uses a specially written piece of software to attempt to log into a site using your credentials.

So, how would one use this process to actually breach your personal security? Simple. Follow my logic:

  • You probably use the same password for lots of stuff right?
  • Some sites you access such as your Bank or work VPN probably have pretty decent security, so I'm not going to attack them.
  • However, other sites like the Hallmark e-mail greeting cards site, an online forum you frequent, or an e-commerce site you've shopped at might not be as well prepared. So those are the ones I'd work on.
  • So, all we have to do now is unleash an attack on their server with instructions to try, say, 10,000 (or 100,000 – whatever makes you happy) different usernames and passwords as fast as possible.
  • Once we've got several login+password pairings we can then go back and test them on targeted sites.
  • But wait… How do I know which bank you use and what your login ID is for the sites you frequent? All those cookies are simply stored, unencrypted and nicely named, in your Web browser's cache.

And how fast could this be done? Well, that depends on three main things, the length and complexity of your password, the speed of the hacker's computer, and the speed of the hacker's Internet connection.

Assuming the hacker has a reasonably fast connection and PC here is an estimate of the amount of time it would take to generate every possible combination of passwords for a given number of characters. After generating the list it's just a matter of time before the computer runs through all the possibilities – or gets shut down trying.

Pay particular attention to the difference between using only lowercase characters and using all possible characters (uppercase, lowercase, and special characters – like @#$%^&*). Adding just one capital letter and one asterisk would change the processing time for an 8 character password from 2.4 days to 2.1 centuries.

[Image: table of password hacking times]

Remember, these are just for an average computer, and these assume you aren't using any word in the dictionary. If Google put their computer to work on it they'd finish about 1,000 times faster.

Now, I could go on for hours and hours more about all sorts of ways to compromise your security and generally make your life miserable – but 95% of those methods begin with compromising your weak password. So, why not just protect yourself from the start and sleep better at night?

Believe me, I understand the need to choose passwords that are memorable. But if you're going to do that how about using something that no one is ever going to guess AND doesn't contain any common word or phrase in it.

Here are some password tips:

  1. Randomly substitute numbers for letters that look similar. The letter 'o' becomes the number '0', or even better an '@' or '*'. (i.e. – m0d3ltf0rd… like modelTford)
  2. Randomly throw in capital letters (i.e. – Mod3lTF0rd)
  3. Think of something you were attached to when you were younger, but DON'T CHOOSE A PERSON'S NAME! Every name plus every word in the dictionary will fail under a simple brute force attack.
  4. Maybe a place you loved, or a specific car, an attraction from a vacation, or a favorite restaurant?
  5. You really need to have different username / password combinations for everything. Remember, the technique is to break into anything you access just to figure out your standard password, then compromise everything else. This doesn't work if you don't use the same password everywhere.
  6. Once you've thought of a password, try Microsoft's password strength tester to find out how secure it is.