Into the wild: Gaining access to SS7 - Part 1: Finding an access point

on a better note at least ss7 attack is actually possible :sweat_smile: :sweat_smile:
in my ongoing research i have found a lot of same information interpreted in different ways, but meaning basc. the same thing…
you need access to the network.

ss7 Access -
*Already work in Telcom
*Know or have a Contact in Telcom
*Hack equi. thats con to ss7 netw. “listed above”
*or Buy access from a teclom source “best/easiest/ only option in my opinion” refer here

This above post gives me some extremely great start points w/ out slapping it in your face lol.
and you need a GT to get any info back to you so buying access is really the only route.


So what about part 2?
Is this article still relevant and we should try that direction?

You bought from them and they blocked you?I think they are fake, because only one mobile phone number to get SMS should directly invade the operator’s server and the server coverage is very large. There is also a loophole in how much it takes to invade Instagram. But their video looks real?

TBH anybody selling something on telegram is probably a scam.


Can’t agree more …

100% scam. i managed to get the link of two of the pages from their video with slowmo lol. it’s crappp


boss please tools1,2,3not found and 4 blue screen

yeah , i too droped my reserches about ss7 , and im working more on malwares now, its easier , i use android malwares with telegram cnc servers ,its a varient of the herorat

Yes… breathing life into a corpse… but a very interesting one… at least it’s quite clear that there is a lot of interest in this topic, but a lot of optimism about being able to do it.
Those with actual competence and who have interest in this area, are welcome to talk to me.

1 Like

when you have working code to send type0 pdu, one of the next questions is to incorporate some AT commands, to request some data back.

1 Like

What does “GT” stand for?

GT stand for Global title , btw most of telco has ss7 firewall now .

Anyone know when part 2 of the article on ss7 exploiting coming out?


in json
raw grab
seperated by country
each array is as follows :
‘ispc’ =ISPC
‘dec’ = DEC
‘usp’ = Unique name of the signalling point
‘nsp’ = Name of the signalling point operator

some usp’s are empty so replaced with # tag
have fun with it
not sure if a normalized sqlite file would be smaller


And if evil twin is used with a usrp in 2/3/4 g, to capture sms, then reset accounts, mail, whats…, telge… obtaining technical documents, configurations, manuals…, accounts of the employees of a telephone company, it would be necessary to be close, it may be possible to obtain information, where or how to access.
PS: Now the operators are using AI in the firewalls

1 Like