Phreaking 2.0 - Abusing Microsoft Teams Direct Routing

Presented at DEF CON 30 (2022), Aug. 12, 2022, 2 p.m. (20 minutes)

Microsoft Teams offers the possibility to integrate your own communication infrastructure, e.g. your own SIP provider for phone services. This requires a Microsoft-certified and -approved Session Border Controller. During the security analysis of this federation, Moritz Abrell identified several vulnerabilities that allow an external, unauthenticated attacker to perform toll fraud.

This talk summarizes this analysis, the identified security issues and their practical exploitation, as well as the manufacturer's capitulation to the final fix of the vulnerabilities.


Presenters:

  • Moritz Abrell - SySS GmbH
    Moritz Abrell is an experienced expert in Voice-over-IP and network technologies with a focus on information security. He works as a senior IT security consultant and penetration tester for the Germany-based pentest company SySS GmbH, where he deals daily with the practical exploitation of vulnerabilities and advises customers on how to fix them. In addition, he regularly publishes his security research in blog posts or presents it at IT security conferences.
