contact@p1sec.com

(Pen)Testing 5G Core Networks

P1 Security has developed in the two last years a set of tools and libraries to help with testing, and pentesting, 5G Core Networks. A dedicated commercial Signaling Scanner is also available since June 2021 for that purpose: the PTA 5GC product that can be directly used by...
Read More…

All authentication vectors are not made equal

Abstract:In mobile networks, 3G and 4G authentication vectors are completely separate and should not be convertible to each other. P1 Security however discovered that some MNOs distribute over roaming interconnects, for certain subscribers, 3G authentication vectors that can be...
Read More…

Open5GS at P1 Security

In the course of developing new tools for scanning, fuzzing and monitoring 5G signaling interfaces, P1 Security has been more and more using Open5GS internally. This open-source project, mostly developed by its creator Sukchan Lee (also known as acetcom), works really in a clean...
Read More…

New open-source MCC_MNC library

P1 Security is working with mobile operators worldwide, and therefore requires a good knowledge of identifiers used in mobile networks. The P1 Lab has worked carefully to identify all public information related to this topic, and is publishing a new

Read More…

5G SUPI, SUCI and ECIES

The 3GPP has defined a nice subscriber’s identity protection scheme for 5G networks. This is a way for 5G handsets and terminals (or UE, in the 3GPP terminology) to encrypt the subscriber’s identity before sending it over-the-air. In this way, 5G radio sniffers, 5G...

Read More…

P1 Security releases its open-source Python decoder for the 5G NAS protocols

With the introduction of 5G networks, a complete rework of the cellular core network is ongoing, in addition to the introduction of the New Radio stack (abbreviated NR). New network functions are defined, such as AMF for handling the mobility of subscribers, SMF for...

Read More…

Working with TCAP-MAP the efficient way with pycrate

Abstract

In this post, we explain how the TCAP-MAP protocol has been defined and extended in its successive versions, which led to some backward incompatibilities in the message decoding process. This is where pycrate...

Read More…