Lecture: Compromising online accounts by cracking voicemail systems
Voicemail systems can be compromised by leveraging old weaknesses and top of current technology. The impact goes way beyond having your messages exposed.
Voicemail systems have been with us since the 80s. They played a big role in the earlier hacking scene and re-reading those zines, articles and tutorials paints an interesting picture. Not much has changed. Not in the technology nor in some of the attack vectors. Can we leverage the last 30 years innovations to compromise voicemail systems? And what is the real impact today of pwning these?
In this talk I will cover voicemail systems, it's security and how we can use oldskool techniques and new ones on top of current technology to compromise them. I will discuss the impact of gaining unauthorized access to voicemail systems and introduce a new tool that automates the process.
Correction: There is no default PIN on O2 anymore. Initial PINs are generated randomly as it is the case for Vodafone and Telekom.
- Bruteforcing a voicemail PIN with voicemailcracker
- Compromising WhatsApp with voicemailcracker
- Compromising Paypal with voicemailcracker