澳大利亚电信集团Telstra不定期向美国mFormation公司上传数据以获得用户体验改善建议。
MFORMATION公司位于12.144.49.X的服务器遭到黑客入侵,服务器中大量澳大利亚电信隐私数据遭到下载,至今仍未修复。
数据样本1:
monthly_20110510185022_20120509190000.dat
10,89610177098413000096,61419547344,20110708093347,0,Get SIM Vital Signs,mfbackend,TELSTRAS,Apple,iPhone4,505013446197363,NO_RESPONSE,3233,16177961,,,801,1,140,,, 10,89610176939514000096,61447431126,20110708093348,0,Get SIM Vital Signs,mfbackend,TELSTRAS,Apple,iPhone4,,NO_RESPONSE,3233,16177962,,,801,1,140,,, 10,359773030078454,61439049449,20110708093358,0,Set MMS Settings (OTA),retail_prepaid / retail_prepaid,TELSTRAS.RETAILER.PREPAID,ZTE,T870,505010082831441,DELIVERED,10002,16177963,,125,801,4,560,,A75D930425523C51E0440021281AD1D6, 10,356275049424771,61438807881,20110708093405,0,Set WAP Settings (OTA),retail_postpaid / retail_postpaid,TELSTRAS.RETAILER.POSTPAID,Nokia,2720fold,505010374070116,DELIVERED,10001,16177964,,122,801,4,560,,A774270DCC023C87E0440021281AD1D6, 10,012750005510835,61407581237,20110708093504,0,Send Message,retail_postpaid,TELSTRAS.RETAILER.POSTPAID,Apple,iPhone4,505013438562521,DELIVERED,100055,16177969,,,801,3,420,,A7608F61B2C23B1FE0440021281AD1D6,
数据对应:
1:数据识别码 2:用户识别号(唯一) 3:手机号/固话号(国家代码已打码) 4:事件发生时间戳 5:未知(全为0) 6:执行动作 7:用户类型(账单用) 8:运营商 9:手机制造商 10:手机型号 11:对方用户识别号(唯一) 12:执行状态 13/14:tac码和疑似频段 15~20:未知 21:识别通道
数据样本2,可将HEX转为ASCII
短信样本 - 正文已删除
7|SMS|2011-03-24 00:00:43 ping? 7|SMS|2011-03-24 00:00:43 pdu read: 000000108000001500000000000267f6 7|SMS|2011-03-24 00:00:43 command_id=enquire_link_resp 7|SMS|2011-03-24 00:00:43 command_status=OK 7|SMS|2011-03-24 00:00:43 sequence_number=157686 7|SMS|2011-03-24 00:00:43 pong! 7|SMS|2011-03-24 00:00:44 pdu read: 000000cc00000005000000000004a0630001013631343538393138333935000201313235313330000400000000000000009a69643a2f636538396564383336393036353063613030303030303030313231343661373530316534303530312f31323631343538393138333935207375623a30303120646c7672643a303031207375626d697420646174653a3131303332333232353420646f6e6520646174653a3131303332333233303020737461743a44454c49565244206572723a30303020746578743a4e6f2054657874 7|SMS|2011-03-24 00:00:44 command_id=deliver_sm 7|SMS|2011-03-24 00:00:44 command_status=OK 7|SMS|2011-03-24 00:00:44 sequence_number=303203 7|SMS|2011-03-24 00:00:44 service_type= 7|SMS|2011-03-24 00:00:44 source_ton=1 7|SMS|2011-03-24 00:00:44 source_npi=1 7|SMS|2011-03-24 00:00:44 source_addr=61458918395 7|SMS|2011-03-24 00:00:44 destination_ton=2 7|SMS|2011-03-24 00:00:44 destination_npi=1 7|SMS|2011-03-24 00:00:44 destination_addr=125130 7|SMS|2011-03-24 00:00:44 esm_class=4 7|SMS|2011-03-24 00:00:44 protocol_id=0 7|SMS|2011-03-24 00:00:44 priority_flag=0 7|SMS|2011-03-24 00:00:44 registered_delivery=0 7|SMS|2011-03-24 00:00:44 replace_if_present=0 7|SMS|2011-03-24 00:00:44 data_coding=0 7|SMS|2011-03-24 00:00:44 default_msg_id=0 7|SMS|2011-03-24 00:00:44 sm_length=154 7|SMS|2011-03-24 00:00:44 short_message(ascii)=id:/ce89ed83690650ca0000000012146a7501e40501/1261458918395 sub:001 dlvrd:001 submit date:1103232254 done date:1103232300 stat:DELIVRD err:000 text:No Text 7|SMS|2011-03-24 00:00:44 SMSCGroup: messageStatus ok 7|SMS|2011-03-24 00:00:44 EnqHelper: updateStatus(): 2/null//ce89ed83690650ca0000000012146a7501e40501/1261458918395/DELIVRD/smsc-01/null/0/0 7|SMS|2011-03-24 00:00:44|EnqHelper: updateStatus() ok
彩信样本节选
彩信数据包3/4-4/4
7|SMS|2011-03-24 08:15:57 submitMessage response true 7|SMS|2011-03-24 08:15:57|submitted: 3/4 7|SMS|2011-03-24 08:15:57|about to submit message! 7|SMS|2011-03-24 08:15:57|submitting 7|SMS|2011-03-24 08:15:57| source_ton: 1 7|SMS|2011-03-24 08:15:57| source_npi: 1 7|SMS|2011-03-24 08:15:57| source_addr: 125130 7|SMS|2011-03-24 08:15:57| destination_ton: 1 7|SMS|2011-03-24 08:15:57| destination_npi: 1 7|SMS|2011-03-24 08:15:57| destination_addr: 61408854281 7|SMS|2011-03-24 08:15:57| esm_class: 64 7|SMS|2011-03-24 08:15:57| protocol_id: 0 7|SMS|2011-03-24 08:15:57| priority_flag: 0 7|SMS|2011-03-24 08:15:57| validity_period: 000000003000000R 7|SMS|2011-03-24 08:15:57| registered_delivery: 1 7|SMS|2011-03-24 08:15:57| replace_if_present: 0 7|SMS|2011-03-24 08:15:57|EnqHelper: updateStatus() ok 7|SMS|2011-03-24 08:15:57| data_coding: 245 7|SMS|2011-03-24 08:15:57| default_msg_id: 0 7|SMS|2011-03-24 08:15:57| sm_length: 46 7|SMS|2011-03-24 08:15:57| window size reached: 1 7|SMS|2011-03-24 08:15:57| pdu read: 000000488000000400000000000eccdb2f646138613633306436353466636634333030303030303030303233623533323430303761303130312f3132363134303838353432383100 7|SMS|2011-03-24 08:15:57| command_id=submit_sm_resp 7|SMS|2011-03-24 08:15:57| command_status=OK 7|SMS|2011-03-24 08:15:57| sequence_number=969947 7|SMS|2011-03-24 08:15:57| SUBMIT MESSAGE ID = /da8a630d654fcf4300000000023b5324007a0101/1261408854281 6|SMS|2011-03-24 08:15:57| sms sent, request id 15207466, sequence 1510278, msgId /da8a630d654fcf4300000000023b5324007a0101/1261408854281 6|SMS|2011-03-24 08:15:57|-- waiting for 1 parts to finish 7|SMS|2011-03-24 08:15:57|EnqHelper: updateStatus(): 1/15207466//da8a630d654fcf4300000000023b5324007a0101/1261408854281/SENT/smsc-01/null/120/246 7|SMS|2011-03-24 08:15:57| submitResponse ok 7|SMS|2011-03-24 08:15:57| SMSCGroup: submitResponse ok 7|SMS|2011-03-24 08:15:57| window size now: 0 7|SMS|2011-03-24 08:15:57| submitSm(969948/1510279): 000000700000000400000000000ECCDC0001013132353133300001013631343038383534323831004000000030303030303030303330303030303052000100F5002E0B05040B84000000032A04040603687474703A2F2F6D6D73632E000000000000012E636F6D3A3830303200010101 7|SMS|2011-03-24 08:15:57| submitMessage response true 7|SMS|2011-03-24 08:15:57|submitted: 4/4 6|SMS|2011-03-24 08:15:57|==> message sent, job 0, request id 15207466 7|SMS|2011-03-24 08:15:57|waiting for submissions to finish 7|SMS|2011-03-24 08:15:57|EnqHelper: updateStatus() ok