Today's lecture is on the weaknesses in cell phones. Specifically, gaining access to either voicemail or billing account passwords. For all of these methods you need physical access to the phones.
############
###T-Mobile###
###########
The weaknesses presented by this company are stunning. First off you can type in #PWD# and press send in any of their cell phones and the voicemail password is reset to the last four digits of the phone number. So if my phone number is 333-444-5555 my new voicemail password would be 5555. This can be done in a matter of seconds, giving the attacker full access to the voicemail and everything within it. The second flaw with T-Mobile is their online password recovery to the "My T-Mobile" online account management system. They send the password to the account to the cell phone via sms. Most cell phones today have internet and the lost password link is on the main page for quick access. Both of these tricks can be done in under 2 minutes given decent cell phone coverage and internet speeds on the cell. Other shortcusts include
#MIN# --> voice minutes balance
#BAL# --> account balance
#NUM# --> displays the phone number of the phone
#MSG# --> shows how many txt messages were used
#PWD# --> resets the voicemail pass to the last 4 digits of the phone number
###########
####AT&T###
##########
AT&T is a bit different, they require you to reset the password to get into the account, or rather send you a temp password you enter and change the original and then get in fine. Then you can add phones, change the bill, view call history etc. To get into the voicemail there are a few ways you can do it. If you have gotten into the billing account you can do it there by going to the "myWirelessAccount" select the phone you want to change (or all of em if your real naughty) and click change voicemail PIN on the left column. To do this from the phone you need to dial 611, press 3, 3, then enter the billing zipcode, shouldn't be too hard to figure out. Most people bill to their house so just ask them what zipcode they live in prior to attempting this in a meaningless conversation. Note that social engineering skills help all of this go alot smoother (unless you stole the phone). You'll receive an sms with the new pass and your golden. To do it from inside the voicemail which can be done if the user hasn't set up their voicemail yet by using phone gangster to spoof their number and call their number, thus tricking the phone into letting you into the voicemail. Press 4, 2, 1, and the new pw.
###########
###Cricket###
##########
Cricket is just like At&t in which they send you an sms of a temp password which you use to log in and change the current password. From inside the control panel you can do almost anything you want. As of right now, to my knowledge the only way to reset the voicemail or get into it remotely on a cricket phone is to take the phone to a cricket store or call them and s/e a new pw out of em. Although they use a default password of 9999 on all of their phones.
###########
###Verizon###
##########
Now verizon is a bit trickier. To get into their billing account you need to have their phone number and their email. Both are not hard to get and some pre-planning is recommended but not necessary if your good. As before sms is sent out and temp pass is given to recover the account. To gain access to the voicemail you need to dial 611*, press send, then press 2, and the new pass is the last 4 digits of the phone number. Allowing access to all of the goodies and whatnots inside.
Here's some verizon codez that you may find of use if you have them.
#832 - test call
#PMT (768) - make a payment
#BAL (225) - check current balance and last payment
#MIN (646) - check minute usage
#DATA (3282) - check txt and pic message usage
*611 - customer service
*511 - gives weather and traffic in some areas
*228 - update your Perfered Roamers List or update the software on your Phone (CDMA phones only)
*228 80 - force update, ignore fails
*228 99 - force seconday tower update
*228 00 - original tower update
###########
Well that about wraps it up, expect more in the future as i dive a little deeper into how easy it is to gain access to someones private cell phone information. Hope you found it useful and/or enjoyed it.
~Tully
