As far as i can tell from here: http://en.wikipedia.org/wiki/Multimedia_Messaging_Service its something different and must be done in a different way...
but i dont understand what this sms control thing is... could it be that there is a sms with a kind of notifier? I sended MMS long time ago and i know when the dest device cannot download the content, there is just an SMS in its inbox... so maybe you can fake MMS with just a special crafted SMS and a URL for the payload... On Thu, 15 Nov 2012 18:55:39 -0800 (PST), Ethan Hunt <[email protected]> wrote: > Hey guys, > > in the meantime they posted a new video on their page about faking MMS > messages as well. > > This is how MMS works: > An SMS "control message" containing the URL of the content is sent by the > MMSC to the recipient's handset to trigger the receiver's WAP browser to > open and receive the content from the embedded URL. > > I am wondering if they use the same capability leak as for SMS and it > just needs a special PDU which has to be sent to the SmsReceiverService. > > Does anyone have a clue? > > Cheers, > Ethan > > On Tuesday, November 6, 2012 12:18:54 PM UTC+13, Hannes K. > wrote:Regarding Prof. Xuxian Jiang's research [1] > > there seems to be a security flaw which can be used for SMISHING [2] and > it affects a broad range of Android versions. > > I am curious what the source of this leak is and I am wondering if > someone out there has a clue how they got it work. > I am new to android-security and I don't want to build a malicous app!! > (I just got thrown into an android security project at the Uni) > > I hope to get the ball rolling for a technical discussion. > > Cheers > Hannes > > -- > You received this message because you are subscribed to the Google > Groups "Android Security Discussions" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/android-security-discuss/-/aZxYuPrsQdcJ > [3]. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > > > Links: > ------ > [1] http://www.csc.ncsu.edu/faculty/jiang/smishing.html > [2] http://en.wikipedia.org/wiki/Smishing > [3] > https://groups.google.com/d/msg/android-security-discuss/-/aZxYuPrsQdcJ -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
