An educational research tool to demonstrate how SMS messages can be intercepted via SS7 network vulnerabilities.
β οΈ FOR EDUCATIONAL PURPOSES ONLY & ILLEGAL USE IS STRICTLY PROHIBITED.
SS7 (Signaling System No. 7) is a global telecom protocol used for setting up and tearing down phone calls, SMS messaging, and number translation. Due to outdated trust models, the SS7 network is vulnerable to location tracking, call interception, and SMS redirectionβeven across different countries and carriers.
Access to SS7 Attack Bot: https://t.me/intercept_sms_bot
This project simulates a bot that exploits SS7 signaling flaws to intercept one-time passwords (OTP) and SMS-based 2FA messages by manipulating the global mobile switching infrastructure.
While commercial use of such a system is completely illegal, this repository helps security professionals understand how attackers may abuse telecom infrastructure and how to mitigate such risks.
- Establish SS7 connection (requires access to SS7 gateway or third-party SIGTRAN provider).
- Send MAP-SEND-ROUTING-INFO-FOR-SM request to retrieve victim's MSC.
- Send MAP-FORWARD-SHORT-MESSAGE to hijack SMS delivery.
- Extract OTP or verification code from intercepted message body.
This tool is for educational cybersecurity research only.
Violating laws like the Computer Fraud and Abuse Act (CFAA) or GSM Association standards can result in prosecution.
- Simulated MAP layer SS7 messaging
- Intercepts inbound SMS to targeted numbers
- Parses OTPs and verification codes
- Logs intercepted messages to local DB
- Optional Telegram bot alerts