Description: Paper would be on DTMF input processing algorithms [DSP] , that are often embed into PBX, IVR, Telephone routers and other devices that process DTMF input. PBX and IVR servers are often deployed for running Phone Banking App Servers, Call Center Application and other systems that uses phone to interact with them. If an attacker could trigger exception in DTMF processing algorithms, then they could crash the entire application server making a single phone call, causing the entire Phone banking in accessible, or no calls to the costumer service goes through. One such denial of Service could cause a lot of panic and the amount of damage would be pretty huge. We will be demonstrating lot of amusing remote DTMF attacks on Phone Banking, Tele-Voting, and Customer Support applications using DTMF. This talk is recommended for Pentesters, PCI|DSS consultants, Telephone Companies, Banks or anyone who uses a device interacted via Telephone.
Tags: nullcon null nullcon.net null.co.in "DTMF Fuzzing" "IVR Security" ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.