WIBattack & Simjacker

So, this is my first post/question here in the forum. To introduce myself, here is my background: I work with IT, but pentesting, finding and exploiting vulnerabilities is more like a hobby for me. In fact, my biggest achievement in this area was to find out the password of my neighbor’s wifi using aircrack :sweat_smile:. But sometimes I try things more complicated (at least for me). This time, I was searching about a couple of vulnerabilities in SIM cards named WIBattack and Simjacker. Basically the way how this works it’s that the attacker sends a sms payload to the target containing commands that are runned by Java applets browsers embeded in the SIM card which allows the attacker to get the SIM location, start a call, send a sms, launch internet browser with an URL, etc. I googled it for a while (lot), but as usual for me in this more complicated things, I got stucked and couldn’t find nothing more than the definition of the vulnerability and a superficial description of how it works.
So my humble question is, does anybody have more experience with these vulnerabilities that could share with me so I could advance some more this time?

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.