These phones got no WLAN connection possibilities, so one of the options is kicked. )
Top! You get 5 reputation points or kudos -)
Easy measurable if all WiFis are down, sub-scenario 5) solved by you.
If you already know the phone location, the easiest way making the phone not reachable in by putting the towers offline for that area.
The phone will retry to connect to the GSM network automatically, so you can use you own stingray to gain control over it. The TMSI o should be still available and it could be searched on the regular towers logs and the real IMSI could be found. From there on, direct USIM communication is possible and the AT commands should follow from the stingray. Theoretically.
I still only guess which protocol should be used to shut it down, so I better wait for the end of the training )
Near phone Scenario
BTS capture all near devices and make a cell logout and transfer IMSI to police machine.
You now have total control of ALL devices.
Far away from cellphone
Call an ambulance
Thank you droopy.
Shooting down all nearby cell towers is in a dense area not possible as there are uncounted numerous macro and small cells and if you shoot the nearest, cell towers more fare would serve. The public would also not understand being cut off. In our team, we estimate to shut down cell towers, fails in reality.
Jamming cell tower radio frequency propagation is possible. But then the stingray gun is out of action too.
As the cell phone would operate over may attached USB debugging to switch the IED to probably high electricity power to generate a very high temperature to blow e.g. C4 it would be a question how to turn of remotely USB debugging function.
Usually cell tower logs are long and a problem to fast select the wanted TMSI o to resolve the initial IMSI paging request. Its a problem of too large in too short amount of time of such a situation.
A general risk are wrong dialed calls or call center calls as elements of risk. The probability is low but not zero. If controlled and safe solution is required. Unexpected blow up blames the Police of being lacy. Fast and deadly killing IED was until now, but the goal is to get more evidence and not just trash to clean up.
If you are near, just pull the battery of the phone ?!
The IED is inside a bag and the cell phone from outside not visible but assumed to be there. Bluetooth disabled and no NFC too. We designed a 3D hemispheric jammer construction to avoid cell communication from outside. The jammer is dyadic and would be closed around the IED bag by the caterpillard remote controllable robot to catch the IED.
In short, it can be disabled only by communication over a protocol… Ok, back to AT commands then )
I'd like to play along, but the topic is too hot for me. I'm all about education, but I'd hate to think that something that was posted helped some killer build a better mouse trap or evade detection.
closed