├── .gitignore ├── LICENSE ├── README.md ├── __init__.py ├── gtpmain.py ├── requirements.txt ├── sigploit.py └── ss7main.py /.gitignore: -------------------------------------------------------------------------------- 1 | *.pyc 2 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 Loay Abdelrazek 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # List of Contributors 2 | - Rosalia D'Alessandro, Telecom Italia 3 | 4 | # SigPloit 5 | SigPloit a signaling security testing framework dedicated to Telecom Security professionals and reasearchers to pentest and exploit vulnerabilites in the signaling protocols used in mobile operators regardless of the geneartion being in use. 6 | SigPloit aims to cover all used protocols used in the operators interconnects SS7, GTP (3G), Diameter (4G) or even SIP for IMS and VoLTE infrastructures used in the access layer and SS7 message encapsulation into SIP-T. 7 | Recommendations for each vulnerability will be provided to guide the tester and the operator the steps that should be done to enhance their security posture 8 | 9 | SigPloit is developed on several versions 10 | 11 | Note: In order to test SS7 attacks, you need to have an SS7 access or you can test in the virtual lab with the provided server sides of the attacks, the used values are provided. 12 | 13 | Version 1: SS7 14 | ------------- 15 | SigPloit will initially start with SS7 vulnerabilities providing the messages used to test the below attacking scenarios 16 | A- Location Tracking 17 | B- Call and SMS Interception 18 | C- Fraud 19 | 20 | Version 2: GTP 21 | ------------ 22 | This Version will focus on the data roaming attacks that occur on the IPX/GRX interconnects. 23 | 24 | Version 3: Diameter 25 | ----------------- 26 | This Version will focus on the attacks occurring on the LTE roaming interconnects using Diameter as the signaling protocol. 27 | 28 | Version 4: SIP 29 | ------------ 30 | This is Version will be concerned with SIP as the signaling protocol used in the access layer for voice over LTE(VoLTE) and IMS infrastructure. 31 | Also, SIP will be used to encapsulate SS7 messages (ISUP) to be relayed over VoIP providers to SS7 networks taking advantage of SIP-T protocol, a protocol extension for SIP to provide intercompatability between VoIP and SS7 networks 32 | 33 | Version 5: Reporting 34 | ------------------ 35 | This last Version will introduce the reporting feature. A comprehensive report with the tests done along with the recommendations provided for each vulnerability that has been exploited. 36 | 37 | BETA Version of SigPloit will have the Location Tracking attacks of the SS7 phase 1 38 | 39 | ## Installation and requirements 40 | The requirements for this project are: 41 | 42 | 1) Python 2.7 43 | 2) Java version 1.7 + 44 | 3) Linux machine (Windows doesnt support SCTP) 45 | 46 | To run use 47 | 48 | cd SigPloit 49 | 50 | python sigploit.py 51 | -------------------------------------------------------------------------------- /__init__.py: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /gtpmain.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | ''' 3 | GTP Main 4 | 5 | Created on 18 June 2018 6 | 7 | @author: loay 8 | ''' 9 | import os 10 | import time 11 | import sys 12 | import gtp.info 13 | import sigploit 14 | 15 | 16 | from gtp.gtp_v2_core.utilities.configuration_parser import parseConfigs 17 | 18 | config_file= '' 19 | remote_net ='' 20 | listening = True 21 | verbosity = 2 22 | 23 | def gtpinfo(): 24 | os.system('clear') 25 | print " \033[31mInformation Gathering\033[0m ".center(105, "#") 26 | print " \033[34mSelect an Attack from the below\033[0m ".center(105, "#") 27 | print 28 | print " Attacks".rjust(10) + "\t\t\t\tDescription" 29 | print " -------- ------------" 30 | print "0) GTP Nodes Discovery".rjust(25) + "\t\tNE Discovery, using: EchoRequest,CreateSession,DeleteSession or DeleteBearer Messages" 31 | #print "1) TEID Allocation Discovery".rjust(31) + "\t\tTEID Discovery, using: CreateSession,ModifyBearer or CreateBearer Messages" 32 | #print "2) TEID Sequence Predictability".rjust(34) 33 | 34 | print 35 | print "or type back to go back to Attacks Menu".rjust(42) 36 | 37 | choice = raw_input("\033[37m(\033[0m\033[2;31minfo\033[0m\033[37m)>\033[0m ") 38 | 39 | if choice == "0": 40 | gtp.info.nediscover() 41 | 42 | else: 43 | print '\n\033[31m[-]Error:\033[0m Please Enter a Valid Choice (0)' 44 | time.sleep(1.5) 45 | gtpinfo() 46 | 47 | 48 | 49 | def gtpattacksv2(): 50 | os.system('clear') 51 | 52 | print " \033[34mChoose From the Below Attack Categories\033[0m ".center(105, "#") 53 | print 54 | print "0) Information Gathering".rjust(27) 55 | print 56 | print "or type back to return to the main menu".rjust(42) 57 | print 58 | 59 | choice = raw_input( 60 | "\033[37m(\033[0m\033[2;31mattacks\033[0m\033[37m)>\033[0m ") 61 | 62 | if choice == "0": 63 | gtpinfo() 64 | 65 | else: 66 | print '\n\033[31m[-]Error:\033[0m Please Enter a Valid Choice (0)' 67 | time.sleep(1.5) 68 | gtpattacksv2() 69 | 70 | def showOptions(config_file='', remote_net='', listening=True, verbosity=2): 71 | 72 | print('\n Option \t\t\t\t\tValue') 73 | print(' -------- ----------------------------------') 74 | print(' \033[34mconfig\033[0m {:<15s} \t\t\t\033[31m%s\033[0m'.format('path to configuration file')) %config_file 75 | print(' \033[34mtarget\033[0m {:<15s} \t\033[31m%s\033[0m'.format('example: 10.10.10.1/32 or 10.10.10.0/24')) %remote_net 76 | print(' \033[34mlistening\033[0m {:<15s} \t\033[31m%s\033[0m'.format('accepting replies from target, default: True')) %listening 77 | print(' \033[34mverbosity\033[0m {:<15s} \t\t\t\033[31m%d\033[0m\n '.format('versbosity level, default: 2')) %verbosity 78 | 79 | 80 | def helpmenu(): 81 | 82 | print('\n Command Description') 83 | print(' ---------------------------------------------------------------------') 84 | print(' \033[34mshow options\033[0m display required options to run attack') 85 | print(' \033[34mset\033[0m set a value for an option') 86 | print(" \033[34mrun\033[0m run the exploit") 87 | print(" \033[34mhelp\033[0m display this menu") 88 | print(" \033[34mexit\033[0m exit SigPloit\n") 89 | 90 | 91 | def prep(): 92 | print 93 | print " Module".rjust(10) + "\t\tDescription" 94 | print " -------- ------------" 95 | print "0) GTPv1".rjust(8) + "\t\t3G Data attacks" 96 | print "1) GTPv2".rjust(8) + "\t\t4G Data attacks" 97 | print 98 | print "or type back to go back to Main Menu".rjust(39) 99 | 100 | choice = raw_input("\033[34mgtp\033[0m\033[37m>\033[0m ") 101 | 102 | if choice == "0": 103 | print "\n\033[34m[*]\033[0mGTPv1 will be updated in version 2.1 release.." 104 | print "\033[34m[*]\033[0mGoing back to GTP Menu" 105 | time.sleep(2) 106 | os.system('clear') 107 | prep() 108 | 109 | elif choice == "1": 110 | gtpattacksv2() 111 | 112 | elif choice == "back": 113 | sigploit.mainMenu() 114 | 115 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | colorama==0.3.9 2 | pyfiglet==0.7.5 3 | termcolor==1.1.0 4 | -------------------------------------------------------------------------------- /sigploit.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | ''' 3 | SigPloit Main 4 | 5 | Created on 1 Feb 2018 6 | 7 | @author: loay 8 | 9 | @license: MIT license 10 | ''' 11 | 12 | import sys 13 | import os 14 | import signal 15 | import time 16 | from ss7.tracking import * 17 | from ss7.interception import * 18 | from ss7.fraud import * 19 | from ss7.dos import * 20 | from ss7main import * 21 | from gtpmain import * 22 | from colorama import init 23 | from termcolor import cprint 24 | from pyfiglet import figlet_format 25 | 26 | 27 | def banner(word): 28 | letterforms = '''\ 29 | | | | | | | | | 30 | XXX | XXX | XXX | X | | XXX | XXX |!| 31 | X X | X X | X X | | | | |"| 32 | X X | X X |XXXXXXX| X X |XXXXXXX| X X | X X |#| 33 | XXXXX |X X X|X X | XXXXX | X X|X X X| XXXXX |$| 34 | XXX X|X X X |XXX X | X | X XXX| X X X|X XXX|%| 35 | XX | X X | XX | XXX |X X X|X X | XXX X|&| 36 | XXX | XXX | X | X | | | |'| 37 | XX | X | X | X | X | X | XX |(| 38 | XX | X | X | X | X | X | XX |)| 39 | | X X | X X |XXXXXXX| X X | X X | |*| 40 | | X | X | XXXXX | X | X | |+| 41 | | | | XXX | XXX | X | X |,| 42 | | | | XXXXX | | | |-| 43 | | | | | XXX | XXX | XXX |.| 44 | X| X | X | X | X | X |X |/| 45 | XXX | X X |X X|X X|X X| X X | XXX |0| 46 | X | XX | X X | X | X | X | XXXXX |1| 47 | XXXXX |X X| X| XXXXX |X |X |XXXXXXX|2| 48 | XXXXX |X X| X| XXXXX | X|X X| XXXXX |3| 49 | X |X X |X X |X X |XXXXXXX| X | X |4| 50 | XXXXXXX|X |X |XXXXXX | X|X X| XXXXX |5| 51 | XXXXX |X X|X |XXXXXX |X X|X X| XXXXX |6| 52 | XXXXXX |X X | X | X | X | X | X |7| 53 | XXXXX |X X|X X| XXXXX |X X|X X| XXXXX |8| 54 | XXXXX |X X|X X| XXXXXX| X|X X| XXXXX |9| 55 | X | XXX | X | | X | XXX | X |:| 56 | XXX | XXX | | XXX | XXX | X | X |;| 57 | X | X | X | X | X | X | X |<| 58 | | |XXXXXXX| |XXXXXXX| | |=| 59 | X | X | X | X | X | X | X |>| 60 | XXXXX |X X| X| XXX | X | | X |?| 61 | XXXXX |X X|X XXX X|X XXX X|X XXXX |X | XXXXX |@| 62 | X | X X | X X |X X|XXXXXXX|X X|X X|A| 63 | XXXXXX |X X|X X|XXXXXX |X X|X X|XXXXXX |B| 64 | XXXXX |X X|X |X |X |X X| XXXXX |C| 65 | XXXXXX |X X|X X|X X|X X|X X|XXXXXX |D| 66 | XXXXXXX|X |X |XXXXX |X |X |XXXXXXX|E| 67 | XXXXXXX|X |X |XXXXX |X |X |X |F| 68 | 21.45 |6 8|7 |2 lat|x1 x5|9 4| 31.74 |G| 69 | X X|X X|X X|XXXXXXX|X X|X X|X X|H| 70 | XXX | X | X | X | X | X | XXX |I| 71 | X| X| X| X|X X|X X| XXXXX |J| 72 | X X |X X |X X |XXX |X X |X X |X X |K| 73 | X |X |X |X |X |X |XXXXXXX|L| 74 | X X|XX XX|X X X X|X X X|X X|X X|X X|M| 75 | X X|XX X|X X X|X X X|X X X|X XX|X X|N| 76 | XXXXXXX|X X|X X|X X|X X|X X|XXXXXXX|O| 77 | XXXXXX |X X|X X|XXXXXX |X |X |X |P| 78 | XXXXX |X X|X X|X X|X X X|X X | XXXX X|Q| 79 | XXXXXX |X X|X X|XXXXXX |X X |X X |X X|R| 80 | _IMSI |0x1 GT|PC | _IMEI | CI|Kc 421| _HLR_ |S| 81 | XXXXXXX| X | X | X | X | X | X |T| 82 | X X|X X|X X|X X|X X|X X| XXXXX |U| 83 | X X|X X|X X|X X| X X | X X | X |V| 84 | X X|X X X|X X X|X X X|X X X|X X X| XX XX |W| 85 | X X| X X | X X | X | X X | X X |X X|X| 86 | X X| X X | X X | X | X | X | X |Y| 87 | XXXXXXX| X | X | X | X | X |XXXXXXX|Z| 88 | XXXXX | X | X | X | X | X | XXXXX |[| 89 | X | X | X | X | X | X | X|\| 90 | XXXXX | X | X | X | X | X | XXXXX |]| 91 | X | X X | X X | | | | |^| 92 | | | | | | |XXXXXXX|_| 93 | | XXX | XXX | X | X | | |`| 94 | | XX | X X | X X| XXXXXX| X X| X X|a| 95 | | XXXXX | X X| XXXXX | X X| X X| XXXXX |b| 96 | | XXXX | X X| X | X | X X| XXXX |c| 97 | | XXXXX | X X| X X| X X| X X| XXXXX |d| 98 | | XXXXXX| X | XXXXX | X | X | XXXXXX|e| 99 | | XXXXXX| X | XXXXX | X | X | X |f| 100 | | XXXX | X X| X | X gtp| X X| XXXX |g| 101 | | X X| X X| XXXXXX| X X| X X| X X|h| 102 | | E | n | C | r | P | T |i| 103 | | X| X| X| X| X X| XXXX |j| 104 | | X X| X X | XXXX | X X | X X | X X|k| 105 | | GT | PC | x7 | x6 | x8 | Fraud |l| 106 | | X X| XX XX| X XX X| X X| X X| X X|m| 107 | | X X| XX X| X X X| X X X| X XX| X X|n| 108 | | SGSN | X X| X X| X X| X X| gGsN |o| 109 | | Track | 6 8| s i|credit | Kc | G |p| 110 | | XXXX | X X| X X| X X X| X X | XXX X|q| 111 | | XXXXX | X X| X X| XXXXX | X X | X X|r| 112 | | XXXX | X | XXXX | X| X X| XXXX |s| 113 | |--USIM-- | x0 | x2 | x3 | x8 | x6 |t| 114 | | X X| X X| X X| X X| X X| XXXX |u| 115 | | X X| X X| X X| X X| X X | XX |v| 116 | | X X| X X| X X| X XX X| XX XX| X X|w| 117 | | X X| X X | XX | XX | X X | X X|x| 118 | | X X| X X | X | X | X | X |y| 119 | | XXXXXX| X | X | X | X | XXXXXX|z| 120 | XXX | X | X |XX | X | X | XXX |{| 121 | X | X | X | | X | X | X ||| 122 | XXX | X | X | XX| X | X | XXX |}| 123 | XX |X X X| XX | | | | |~| 124 | '''.splitlines() 125 | 126 | table = {} 127 | for form in letterforms: 128 | if '|' in form: 129 | table[form[-2]] = form[:-3].split('|') 130 | 131 | ROWS = len(table.values()[0]) 132 | 133 | for row in range(ROWS): 134 | for c in word: 135 | print table[c][row], 136 | print 137 | print 138 | 139 | 140 | 141 | def mainMenu(): 142 | os.system('clear') 143 | 144 | banner('SigPloit') 145 | print "\033[33m[-][-]\033[0m\t\tSignaling Exploitation Framework\t\033[33m [-][-]\033[0m" 146 | print "\033[33m[-][-]\033[0m\t\t\tVersion:\033[31mBETA 1.1\033[0m\t\t\033[33m [-][-]\033[0m" 147 | print "\033[33m[-][-]\033[0m\t\tAuthor:\033[32mLoay AbdelRazek(@sigploit)\033[0m\t\033[33m [-][-]\033[0m\n" 148 | print 149 | print "Contributors:" 150 | 151 | print "\t\033[31mRosalia D'Alessandro - TelecomItalia\033[0m" 152 | print 153 | print 154 | print 155 | print 156 | print 157 | print " Module".rjust(10) + "\t\t\tDescription" 158 | print " -------- --------------------" 159 | print "0) SS7".rjust(8) + "\t\t2G/3G Voice and SMS attacks" 160 | print "1) GTP".rjust(8) + "\t\t3G/4G Data attacks" 161 | print "2) Diameter".rjust(13) + "\t\t4G Data attacks" 162 | print "3) SIP".rjust(8) + "\t\t4G IMS attacks" 163 | 164 | print 165 | print "or quit to exit SigPloit\n".rjust(28) 166 | 167 | choice = raw_input("\033[34msig\033[0m\033[37m>\033[0m ") 168 | 169 | if choice == "0": 170 | os.system('clear') 171 | ss7main.attacksMenu() 172 | 173 | elif choice == "1": 174 | os.system('clear') 175 | prep() 176 | elif choice == "2": 177 | print "\n\033[34m[*]\033[0mDiameter will be updated in version 3 release.." 178 | print "\033[34m[*]\033[0mGoing back to Main Menu" 179 | time.sleep(2) 180 | mainMenu() 181 | elif choice == "3": 182 | print "\n\033[34m[*]\033[0mSIP will be updated in version 4 release.." 183 | print "\033[34m[*]\033[0mGoing back to Main Menu" 184 | time.sleep(2) 185 | mainMenu() 186 | elif choice == "quit" or choice == "exit": 187 | print '\nYou are now exiting SigPloit...' 188 | time.sleep(1) 189 | sys.exit(0) 190 | else: 191 | print '\n\033[31m[-]Error:\033[0m Please Enter a Valid Choice (0 - 3)' 192 | time.sleep(2) 193 | mainMenu() 194 | 195 | 196 | def signal_handler(signal, frame): 197 | print 198 | print '\nYou are now exiting SigPloit...' 199 | time.sleep(1) 200 | sys.exit(0) 201 | 202 | 203 | signal.signal(signal.SIGINT, signal_handler) 204 | 205 | if __name__ == '__main__': 206 | mainMenu() 207 | 208 | if __name__ == '__sigploit__': 209 | ss7tracking() 210 | ss7interception() 211 | ss7fraud() 212 | ss7dos() 213 | attacksMenu() 214 | prep() 215 | gtpattacksv2() 216 | gtpinfo() 217 | mainMenu() 218 | -------------------------------------------------------------------------------- /ss7main.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # encoding: utf-8 3 | ''' 4 | SS7 main 5 | 6 | @author: Loay Abdelrazek 7 | 8 | @copyright: 2018. All rights reserved. 9 | 10 | @license: MIT license 11 | ''' 12 | 13 | import os 14 | import time 15 | import ss7.tracking 16 | import ss7.fraud 17 | import ss7.interception 18 | import ss7.dos 19 | import sigploit 20 | 21 | 22 | def ss7tracking(): 23 | os.system('clear') 24 | 25 | print " \033[31mLocation Tracking\033[0m ".center(105, "#") 26 | print " \033[34mSelect a Message from the below\033[0m ".center(105, "#") 27 | print 28 | print " Message".rjust(10) + "\t\t\tDescription" 29 | print " -------- ------------" 30 | print "0) SendRoutingInfo".rjust(21) + "\t\tLocation Tracking, used to route calls could be blocked" 31 | print "1) ProvideSubsriberInfo".rjust(26) + "\tReliable Location Tracking" 32 | print "2) SendRoutingInfoForSM".rjust(26) + "\tReliable Location Tracking, if SMS home routing is not applied,should be run twice to check consistent replies" 33 | print "3) AnyTimeInterrogation".rjust(26) + "\tLocation Tracking, blocked by most of operators" 34 | print "4) SendRoutingInfoForGPRS".rjust(28) + "\tLocation tracking, used to route data, it will retrieve SGSN GT" 35 | 36 | print 37 | print "or type back to go back to Attacks Menu".rjust(42) 38 | 39 | choice = raw_input( 40 | "\033[37m(\033[0m\033[2;31mtracking\033[0m\033[37m)>\033[0m ") 41 | 42 | if choice == "0": 43 | ss7.tracking.sri() 44 | elif choice == "1": 45 | ss7.tracking.psi() 46 | elif choice == "2": 47 | ss7.tracking.srism() 48 | elif choice == "3": 49 | ss7.tracking.ati() 50 | elif choice == "4": 51 | ss7.tracking.srigprs() 52 | elif choice == "back": 53 | attacksMenu() 54 | else: 55 | print '\n\033[31m[-]Error:\033[0m Please Enter a Valid Choice (0 - 4)' 56 | time.sleep(1.5) 57 | ss7tracking() 58 | 59 | 60 | def ss7interception(): 61 | os.system('clear') 62 | 63 | print " \033[31mInterception\033[0m ".center(105, "#") 64 | print " \033[34mSelect a Message from the below\033[0m ".center(105, "#") 65 | print 66 | print " Message".rjust(10) + "\t\t\t\tDescription" 67 | print " -------- -----------" 68 | print "0) UpdateLocation".rjust(20) + "\t\t\tStealthy SMS Interception" 69 | 70 | print 71 | print "or type back to go back to Attacks Menu".rjust(42) 72 | 73 | choice = raw_input( 74 | "\033[37m(\033[0m\033[2;31minterception\033[0m\033[37m)>\033[0m ") 75 | 76 | if choice == "0": 77 | ss7.interception.ul() 78 | 79 | elif choice == "back": 80 | attacksMenu() 81 | else: 82 | print '\n\033[31m[-]Error:\033[0m Please Enter a Valid Choice (0)' 83 | time.sleep(1.5) 84 | ss7interception() 85 | 86 | 87 | def ss7fraud(): 88 | os.system('clear') 89 | 90 | print " \033[31mFraud & Info\033[0m ".center(105, "#") 91 | print " \033[34mSelect a Message from the below\033[0m ".center(105, "#") 92 | print 93 | print " Message".rjust(10) + "\t\t\t\tDescription" 94 | print " -------- ------------" 95 | print "0) SendIMSI".rjust(14) + "\t\t\t\tRetrieving IMSI of a subscriber" 96 | print "1) MTForwardSMS".rjust(18) + "\t\t\tSMS Phishing and Spoofing" 97 | print "2) InsertSubscriberData".rjust(26) + "\t\tSubscriber Profile Maniuplation" 98 | 99 | print 100 | print "or type back to go back to Attacks Menu".rjust(42) 101 | 102 | choice = raw_input( 103 | "\033[37m(\033[0m\033[2;31mfraud\033[0m\033[37m)>\033[0m ") 104 | 105 | if choice == "0": 106 | ss7.fraud.simsi() 107 | elif choice == "1": 108 | ss7.fraud.mtsms() 109 | elif choice == "2": 110 | ss7.fraud.isd() 111 | elif choice == "back": 112 | attacksMenu() 113 | else: 114 | print '\n\033[31m[-]Error:\033[0m Please Enter a Valid Choice (0-2)' 115 | time.sleep(1.5) 116 | ss7fraud() 117 | 118 | 119 | def ss7dos(): 120 | os.system('clear') 121 | 122 | print " \033[31mDenial of Service\033[0m ".center(105, "#") 123 | print " \033[34mSelect a Message from the below\033[0m ".center(105, "#") 124 | print 125 | print " Message".rjust(10) + "\t\t\t\tDescription" 126 | print " -------- ------------" 127 | print "0) PurgeMS-Subscriber DoS".rjust(28) + "\t\t Mass DoS attack on Subscribers to take them off network" 128 | 129 | print 130 | print "or type back to go back to Attacks Menu".rjust(42) 131 | 132 | choice = raw_input( 133 | "\033[37m(\033[0m\033[2;31mdos\033[0m\033[37m)>\033[0m ") 134 | 135 | if choice == "0": 136 | ss7.dos.purge() 137 | elif choice == "back": 138 | attacksMenu() 139 | else: 140 | print '\n\033[31m[-]Error:\033[0m Please Enter a Valid Choice (0)' 141 | time.sleep(1.5) 142 | ss7dos() 143 | 144 | 145 | def attacksMenu(): 146 | os.system('clear') 147 | 148 | print " \033[34mChoose From the Below Attack Categories\033[0m ".center(105, "#") 149 | print 150 | print "0) Location Tracking".rjust(23) 151 | print "1) Call and SMS Interception".rjust(31) 152 | print "2) Fraud & Info Gathering".rjust(28) 153 | print "3) DoS".rjust(9) 154 | print 155 | print "or type back to return to the main menu".rjust(42) 156 | print 157 | 158 | choice = raw_input( 159 | "\033[37m(\033[0m\033[2;31mattacks\033[0m\033[37m)>\033[0m ") 160 | 161 | if choice == "0": 162 | ss7tracking() 163 | 164 | elif choice == "1": 165 | ss7interception() 166 | 167 | elif choice == "2": 168 | ss7fraud() 169 | 170 | elif choice == "3": 171 | ss7dos() 172 | 173 | elif choice == "back": 174 | sigploit.mainMenu() 175 | else: 176 | print '\n\033[31m[-]Error:\033[0m Please Enter a Valid Choice (0 - 3)' 177 | time.sleep(1.5) 178 | attacksMenu() 179 | --------------------------------------------------------------------------------