Phone Cloning

I’ve had a couple calls in the last few weeks where Officers in the field had been investigating a case where a call was received and the number shown in the Caller ID was for a cellphone. Contacting the owner of the cellphone showed that they had no knowledge of the phone call and indeed the call records from the provider showed no calls.

Immediately people start saying the phone was cloned. Now, while cloning a phone is possible it involves physical access to the phoen to re-program the EEPROM and network sniffing. I like to apply the principle of Occam’s Razor to situations-”All things being equal, the simplest solution tends to be the best one.”

This was indeed the case on a call I recently received. I believe the below link is how the suspect called what he thought was an underage female using someone else’s number.

http://www.spooftel.com/

We’ll be following up on the suspect’s computer to see if the web history shows details.

There are other sites that do the same thing out there. I’d thought I’d share this with everyone.

Mike

Understanding SMS-Practitioner’s Basics

Hello Everyone-

I wanted to share a little whitepaper I wrote on the subject of SMS

Understanding SMS 

I hope its of use to practitioners in the community.

Mike

Cell Phone Spying

The proliferation of monitoring sites means one more new challenge for investigators. Check out this story in The Register

http://www.theregister.co.uk/2007/06/26/cell_hack_geek_spook_stalk/

Nokia Still Very Dominant In Emerging Markets

This article gives support to the notion that as examiners we need to be working on getting information from the budget Nokia handset.

http://news.com.com/Nokia+poised+to+get+next+billion+mobile+users/2100-1041_3-6192871.html?tag=html.alert.hed 

AT Command Set Site

Here is a handy site for AT Commands and mobile phones. It has nice links to manufacturer specific documents

AT COMMANDS

Since every mobile phone has a modem these commands can be used (and in fact are by traditional mobile forensic tools) to get information from handsets.

Warrants Required On Cell Phone Searches

Here’s an interesting ruling on searches incident to arrest and cell phones.

 http://news.com.com/Police+Blotter+Cops+need+warrant+to+search+cell+phone/2100-1047_3-6187389.html?tag=html.alert.hed

New Phone Info Site

I found a new wiki site for phone information. Has links to specific models etc

http://www.phonenews.com/phones/index.php/Main_Page

I hope this is of benefit to the forensic community.

Mike

Bypassing iDEN Unlock Codes

If you have ever run across an iDEN phone that has an Unlock Code barring your access to the handset? I have, and its none too pleasant. In fact, I found the below just today when looking for some default codes. I hope its of some use to the forensic community.

To attempt to bypass the Unlock Code, press the menu key. This will bring up a prompt for the Security Code. the default for the iDEN phones is six zeros (000000).  Bear in mind however that if someone has gone through the trouble of setting an Unlock Code, they probably have set a new Security Code as well.

Here’s a number to 24/7 Government and Corporate help with SPRINT that may come in handy to help unlock these phones

1-800-390-7545
24/7 Customer Care

Lastly, here’s a way to check the IMEI(International Mobile Equipment Identifier) of the handset. On the keypad press

# * MENU, RIGHT ARROW

Mike

Driver Site

Found this looking for Sanyo SCP 5400 Drivers

Click Here

Pandora’s Box Released

I’m proud to announce the release of Pandora’s Box. Its a versatile tool for decoding hex dumps obtained from phone memory.

Some of its features include

• Loading PM files for analysis
• Decoding Time Stamps
• Loading PM Absolutes
• PDU Decoding 

It’s available here http://www.mobile-examiner.com/vb/showthread.php?p=50#post50