"The Codenomicon tools are amazing. Using them is like being attacked by the most relentless adversary who uses every possible method to find flaws in your code
We fixed subtle crash bugs in Samba that had been in the code for over ten years. We would never have found those bugs without the Codenomicon tools.
If you're serious about implementing protocols correctly, you need the Codenomicon tools."
-- Jeremy Allison,
Co Creator of Samba
Codenomicon Whitepaper
SMS Fuzzing
Miia Vuontisjärvi and Tero Rontti
info@codenomicon.com
Codenomicon Ltd.
Abstract
Short message service (SMS) is a communication service that allows sending text messages from one mobile phone to another or between mobile phones and other short message entities such as mobile banking, e-mail gateway or notification applications. Mobile originated messages are transported from a mobile phone to a Short Message Service Center (SMSC). They may be destined for other mobile users, or for subscriberson a fixed network. Mobile terminated messages are transported from a SMSC to a mobile. These messages can be input to SMSC by other mobile users (via a mobile originated short message) or by a variety of other sources, e.g. speech, telex, or facsimile. Since it's deployment in 1993, SMS has become widely used, with more than 6.1 trillion text messages sent and received in 2010.
Lately, there have been discussions about SMS security and the possibility of exploits. The fact is, SMS makes and ideal attack vector. The SMS feature is always on: practically every cell phone supports SMS, and it cannot be turned off. When mobile is connected tothe network, it can send and receive text messages. Also, SMS is used for variety of services, such as vcard, which adds to the complexity of the service. Complex services aremore likely to contain exploitable vulnerabilities. These two traits combined with the number of users surely give a reason for concern and should motivate security testing of SMS.
Fuzzing is a robustness testing method that helps finding vulnerabilities proactively, before they are exploited or cause robustness problems. It can be used for finding SMS vulnerabilities both from mobile phones and network elements.
