用户工具

站点工具


0day:澳大利亚电信集团

澳大利亚电信集团Telstra不定期向美国mFormation公司上传数据以获得用户体验改善建议。
MFORMATION公司位于12.144.49.X的服务器遭到黑客入侵,服务器中大量澳大利亚电信隐私数据遭到下载,至今仍未修复。

数据样本1:

monthly_20110510185022_20120509190000.dat

10,89610177098413000096,61419547344,20110708093347,0,Get SIM Vital Signs,mfbackend,TELSTRAS,Apple,iPhone4,505013446197363,NO_RESPONSE,3233,16177961,,,801,1,140,,,
10,89610176939514000096,61447431126,20110708093348,0,Get SIM Vital Signs,mfbackend,TELSTRAS,Apple,iPhone4,,NO_RESPONSE,3233,16177962,,,801,1,140,,,
10,359773030078454,61439049449,20110708093358,0,Set MMS Settings (OTA),retail_prepaid / retail_prepaid,TELSTRAS.RETAILER.PREPAID,ZTE,T870,505010082831441,DELIVERED,10002,16177963,,125,801,4,560,,A75D930425523C51E0440021281AD1D6,
10,356275049424771,61438807881,20110708093405,0,Set WAP Settings (OTA),retail_postpaid / retail_postpaid,TELSTRAS.RETAILER.POSTPAID,Nokia,2720fold,505010374070116,DELIVERED,10001,16177964,,122,801,4,560,,A774270DCC023C87E0440021281AD1D6,
10,012750005510835,61407581237,20110708093504,0,Send Message,retail_postpaid,TELSTRAS.RETAILER.POSTPAID,Apple,iPhone4,505013438562521,DELIVERED,100055,16177969,,,801,3,420,,A7608F61B2C23B1FE0440021281AD1D6,

数据对应:

1:数据识别码
2:用户识别号(唯一)
3:手机号/固话号(国家代码已打码)
4:事件发生时间戳
5:未知(全为0)
6:执行动作
7:用户类型(账单用)
8:运营商
9:手机制造商
10:手机型号
11:对方用户识别号(唯一)
12:执行状态
13/14:tac码和疑似频段
15~20:未知
21:识别通道

数据样本2,可将HEX转为ASCII

短信样本 - 正文已删除

7|SMS|2011-03-24 00:00:43 ping?
7|SMS|2011-03-24 00:00:43 pdu read: 000000108000001500000000000267f6
7|SMS|2011-03-24 00:00:43   command_id=enquire_link_resp
7|SMS|2011-03-24 00:00:43   command_status=OK
7|SMS|2011-03-24 00:00:43   sequence_number=157686
7|SMS|2011-03-24 00:00:43 pong!
7|SMS|2011-03-24 00:00:44 pdu read: 000000cc00000005000000000004a0630001013631343538393138333935000201313235313330000400000000000000009a69643a2f636538396564383336393036353063613030303030303030313231343661373530316534303530312f31323631343538393138333935207375623a30303120646c7672643a303031207375626d697420646174653a3131303332333232353420646f6e6520646174653a3131303332333233303020737461743a44454c49565244206572723a30303020746578743a4e6f2054657874
7|SMS|2011-03-24 00:00:44   command_id=deliver_sm
7|SMS|2011-03-24 00:00:44   command_status=OK
7|SMS|2011-03-24 00:00:44   sequence_number=303203
7|SMS|2011-03-24 00:00:44     service_type=
7|SMS|2011-03-24 00:00:44     source_ton=1
7|SMS|2011-03-24 00:00:44     source_npi=1
7|SMS|2011-03-24 00:00:44     source_addr=61458918395
7|SMS|2011-03-24 00:00:44     destination_ton=2
7|SMS|2011-03-24 00:00:44     destination_npi=1
7|SMS|2011-03-24 00:00:44     destination_addr=125130
7|SMS|2011-03-24 00:00:44     esm_class=4
7|SMS|2011-03-24 00:00:44     protocol_id=0
7|SMS|2011-03-24 00:00:44     priority_flag=0
7|SMS|2011-03-24 00:00:44     registered_delivery=0
7|SMS|2011-03-24 00:00:44     replace_if_present=0
7|SMS|2011-03-24 00:00:44     data_coding=0
7|SMS|2011-03-24 00:00:44     default_msg_id=0
7|SMS|2011-03-24 00:00:44     sm_length=154
7|SMS|2011-03-24 00:00:44     short_message(ascii)=id:/ce89ed83690650ca0000000012146a7501e40501/1261458918395 sub:001 dlvrd:001 submit date:1103232254 done date:1103232300 stat:DELIVRD err:000 text:No Text
7|SMS|2011-03-24 00:00:44 SMSCGroup: messageStatus ok
7|SMS|2011-03-24 00:00:44 EnqHelper: updateStatus(): 2/null//ce89ed83690650ca0000000012146a7501e40501/1261458918395/DELIVRD/smsc-01/null/0/0
7|SMS|2011-03-24 00:00:44|EnqHelper: updateStatus() ok

彩信样本节选

彩信数据包3/4-4/4

7|SMS|2011-03-24 08:15:57 submitMessage response true
7|SMS|2011-03-24 08:15:57|submitted: 3/4
7|SMS|2011-03-24 08:15:57|about to submit message!
7|SMS|2011-03-24 08:15:57|submitting
7|SMS|2011-03-24 08:15:57|     source_ton: 1
7|SMS|2011-03-24 08:15:57|     source_npi: 1
7|SMS|2011-03-24 08:15:57|     source_addr: 125130 
7|SMS|2011-03-24 08:15:57|     destination_ton: 1
7|SMS|2011-03-24 08:15:57|     destination_npi: 1
7|SMS|2011-03-24 08:15:57|     destination_addr: 61408854281 
7|SMS|2011-03-24 08:15:57|     esm_class: 64
7|SMS|2011-03-24 08:15:57|     protocol_id: 0
7|SMS|2011-03-24 08:15:57|     priority_flag: 0
7|SMS|2011-03-24 08:15:57|     validity_period: 000000003000000R
7|SMS|2011-03-24 08:15:57|     registered_delivery: 1
7|SMS|2011-03-24 08:15:57|     replace_if_present: 0
7|SMS|2011-03-24 08:15:57|EnqHelper: updateStatus() ok
7|SMS|2011-03-24 08:15:57|     data_coding: 245
7|SMS|2011-03-24 08:15:57|     default_msg_id: 0
7|SMS|2011-03-24 08:15:57|     sm_length: 46
7|SMS|2011-03-24 08:15:57| window size reached: 1
7|SMS|2011-03-24 08:15:57| pdu read: 000000488000000400000000000eccdb2f646138613633306436353466636634333030303030303030303233623533323430303761303130312f3132363134303838353432383100
7|SMS|2011-03-24 08:15:57|   command_id=submit_sm_resp
7|SMS|2011-03-24 08:15:57|   command_status=OK
7|SMS|2011-03-24 08:15:57|   sequence_number=969947
7|SMS|2011-03-24 08:15:57|   SUBMIT MESSAGE ID = /da8a630d654fcf4300000000023b5324007a0101/1261408854281
6|SMS|2011-03-24 08:15:57| sms sent, request id 15207466, sequence 1510278, msgId /da8a630d654fcf4300000000023b5324007a0101/1261408854281
6|SMS|2011-03-24 08:15:57|-- waiting for 1 parts to finish
7|SMS|2011-03-24 08:15:57|EnqHelper: updateStatus(): 1/15207466//da8a630d654fcf4300000000023b5324007a0101/1261408854281/SENT/smsc-01/null/120/246
7|SMS|2011-03-24 08:15:57| submitResponse ok
7|SMS|2011-03-24 08:15:57| SMSCGroup: submitResponse ok
7|SMS|2011-03-24 08:15:57| window size now: 0
7|SMS|2011-03-24 08:15:57| submitSm(969948/1510279): 000000700000000400000000000ECCDC0001013132353133300001013631343038383534323831004000000030303030303030303330303030303052000100F5002E0B05040B84000000032A04040603687474703A2F2F6D6D73632E000000000000012E636F6D3A3830303200010101
7|SMS|2011-03-24 08:15:57| submitMessage response true
7|SMS|2011-03-24 08:15:57|submitted: 4/4
6|SMS|2011-03-24 08:15:57|==> message sent, job 0, request id 15207466
7|SMS|2011-03-24 08:15:57|waiting for submissions to finish
7|SMS|2011-03-24 08:15:57|EnqHelper: updateStatus() ok
你需要登录发表评论。
0day/澳大利亚电信集团 · 最后更改: 2017/08/20 12:25

页面工具