From gdemiguel at ceit.es Tue Apr 21 10:47:10 2015
From: gdemiguel at ceit.es (de Miguel, Gorka)
Date: Tue, 21 Apr 2015 10:47:10 +0000
Subject: APDU log
Message-ID: <1429613229839.11687@ceit.es>

Dear friends,

First of all, let me introduce myself. My name is Gorka De Miguel and I am working on my master's thesis right now. In it, I am trying to do a man-in-the-middle attack on my own cellphone and to obtain the data that reaches the SIM card. For that I am using a simtrace board. I have followed the user manual and the advice given on the web, but I am not able to make it work properly. Once I have the simtrace executable created with libosmocom and the rest of the libraries on my computer in the way it is described on the web, I can execute it and some APDUs appear on the screen, but they seem not to be useful.

Then I wanted to log them by using HTerm, to parse them and try to obtain the meaning of the APDUs. But the device is not recognized by the Linux machine. I mean, it does not appear in the /dev directory. So it is impossible to reach it and log the APDUs using a different program. I also tried to recognize the device using a Windows machine, but it does not recognize it, as there is no simtrace driver for Windows.

Having reached this point, my questions are the following ones: is there any way of logging the APDUs from the simtrace program? Is there any simtrace driver for Windows? Do you know of anyone who was able to parse the APDUs and understand them well? Has anybody used HTerm? Is anybody able to understand the APDUs obtained? If yes, would it be possible to obtain his/her contact?

Thank you in advance for everything; every little piece of advice will be really helpful for me.

Regards
Gorka De Miguel
From ml at mail.tsaitgaist.info Tue Apr 21 13:07:18 2015
From: ml at mail.tsaitgaist.info (Kévin Redon)
Date: Tue, 21 Apr 2015 15:07:18 +0200
Subject: APDU log
Message-ID: <20150421130718.GC4233@coil.lan>

Hi Gorka,

On Tue, Apr 21, 2015 at 10:47:10AM +0000, de Miguel, Gorka wrote:
> Dear friends,
>
> First of all, let me introduce myself. My name is Gorka De Miguel and I am working on my master's thesis right now. In it, I am trying to do a man-in-the-middle attack on my own cellphone and to obtain the data that reaches the SIM card. For that I am using a simtrace board. I have followed the user manual and the advice given on the web, but I am not able to make it work properly. Once I have the simtrace executable created with libosmocom and the rest of the libraries on my computer in the way it is described on the web, I can execute it and some APDUs appear on the screen, but they seem not to be useful.

"Make it work properly" is a bit vague. In these cases could you describe what your environment is (OS, simtrace version, phone, ...), what commands you are running, what output you are getting, and what you expected to have.

Some APDUs appearing on the screen is already a good result. Actually it's the main purpose of SIMtrace.

> Then I wanted to log them by using HTerm, to parse them and try to obtain the meaning of the APDUs. But the device is not recognized by the Linux machine. I mean, it does not appear in the /dev directory. So it is impossible to reach it and log the APDUs using a different program. I also tried to recognize the device using a Windows machine, but it does not recognize it, as there is no simtrace driver for Windows.

SIMtrace does not use the USB virtual serial port profile. You have to talk to it using libusb directly.
I think someone managed to compile and run it under Windows, but using Cygwin. Most of the users run it under Linux.
> Having reached this point, my questions are the following ones: is there any way of logging the APDUs from the simtrace program?

You can directly use the text output of simtrace, but the better way would be to use the network GSMTAP output provided by simtrace.

> Is there any simtrace driver for Windows?

More details are available in the mailing list archive, AFAIR.

> Do you know of anyone who was able to parse the APDUs and understand them well?

There is a Wireshark plugin to decode the SIM commands. The APDUs are well specified in ETSI TS 102.221.

> Has anybody used HTerm?

No, because SIMtrace does not provide a serial port.

> Is anybody able to understand the APDUs obtained?

If you are looking for an example application, someone wrote a script that uses the GSMTAP interface to get the terminal profile out of the traffic: https://terminal-profile.osmocom.org/

> If yes, would it be possible to obtain his/her contact?

It should be on the web page. But before contacting him, be sure to have understood this email and to be familiar with the cited specification.

> Thank you in advance for everything; every little piece of advice will be really helpful for me.

You're welcome.

From n.poczynek at gmail.com Wed Apr 29 19:18:46 2015
From: n.poczynek at gmail.com (Nick Poczynek)
Date: Wed, 29 Apr 2015 19:18:46 -0000
Subject: Issue building SIMtrace firmware from OpenPCD repository
Message-ID:

Hello,

I'm unable to build the SIMtrace firmware according to the instructions on the wiki at http://bb.osmocom.org/trac/wiki/SIMtrace/Firmware. The GCC 4.5.2 ARM cross compiler has been installed and added to my path. Here is the output when I run make:

~/repos/openpcd/firmware$ make -f Makefile.dfu BOARD=SIMTRACE

-------- begin (mode: RUN_FROM_ROM) --------
arm-elf-gcc (GCC) 4.5.2
Copyright (C) 2010 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Assembling (ARM-only): src/start/Cstartup.S
arm-elf-gcc -c -mcpu=arm7tdmi -I. -x assembler-with-cpp -DRUN_FROM_ROM -D__AT91SAM7S256__ -Wa,-adhlns=src/start/Cstartup.lst,--gdwarf-2 -Iinclude/ -D__ASSEMBLY__ src/start/Cstartup.S -o src/start/Cstartup.o
src/start/Cstartup.S:102:2: error: #error please define PIO_BOOTLDR for your board
make: *** [src/start/Cstartup.o] Error 1

Has the SIMtrace target been removed from this repo? Looking through Makefile and Makefile.dfu, I don't see any references to the project. None of the checks on the $BOARD variable include a SIMTRACE option. Similarly, Cstartup.S only defines PIO_BOOTLDR for PCD, PICC, and OLIMEX boards. I'm still browsing through some other source files to see if I'm missing something obvious, but I'd appreciate any advice.

Thanks,
-Nick P.
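Kévin's reply earlier in the thread points at two things: the GSMTAP network output of the simtrace host tool, and ETSI TS 102.221 as the specification of the APDUs it carries. The following is an added example, written for this archive page and not code from the SIMtrace project or from any poster, showing how a small decoder for that path looks. It assumes the 16-byte GSMTAP header layout of libosmocore's gsmtap.h (version 1, header length in 32-bit words, type byte, with GSMTAP_TYPE_SIM = 0x04 and UDP port 4729), and it assumes that each datagram's payload is one reassembled APDU: the five header bytes CLA INS P1 P2 P3, then any command or response data, then the status words SW1 SW2. The instruction names come from TS 102.221 and GSM 11.11; the sample datagrams are constructed, not captured. The `listen()` function, `make_sim_datagram()` helper and all field names are this example's own.

```python
"""Decode SIMtrace-style GSMTAP SIM datagrams into TS 102.221 APDUs.

Added example (not SIMtrace project code). Assumptions, as labelled in the
lead-in: libosmocore gsmtap_hdr layout, GSMTAP type 0x04 = SIM, payload is
CLA INS P1 P2 P3 [data] SW1 SW2.
"""
import socket
import struct

GSMTAP_PORT = 4729        # default GSMTAP UDP port (libosmocore)
GSMTAP_TYPE_SIM = 0x04    # GSMTAP_TYPE_SIM in libosmocore's gsmtap.h

# Instruction bytes from ETSI TS 102.221 (UICC) and GSM 11.11 (classic SIM).
INS_NAMES = {
    0x04: "DEACTIVATE FILE", 0x10: "TERMINAL PROFILE", 0x12: "FETCH",
    0x14: "TERMINAL RESPONSE", 0x20: "VERIFY PIN", 0x24: "CHANGE PIN",
    0x26: "DISABLE PIN", 0x28: "ENABLE PIN", 0x2C: "UNBLOCK PIN",
    0x32: "INCREASE", 0x44: "ACTIVATE FILE", 0x70: "MANAGE CHANNEL",
    0x84: "GET CHALLENGE", 0x88: "AUTHENTICATE (RUN GSM ALGORITHM)",
    0xA2: "SEARCH RECORD", 0xA4: "SELECT", 0xB0: "READ BINARY",
    0xB2: "READ RECORD", 0xC0: "GET RESPONSE", 0xC2: "ENVELOPE",
    0xD6: "UPDATE BINARY", 0xDC: "UPDATE RECORD", 0xF2: "STATUS",
}


def parse_gsmtap(datagram: bytes) -> dict:
    """Split one GSMTAP UDP datagram into header fields and payload."""
    if len(datagram) < 16:
        raise ValueError("datagram shorter than a GSMTAP header")
    # version, hdr_len (32-bit words), type, timeslot, arfcn, signal, snr, fn, sub_type
    version, hdr_words, gtype, _ts, _arfcn, _sig, _snr, _fn, sub_type = \
        struct.unpack_from(">BBBBHbbIB", datagram, 0)
    hdr_len = hdr_words * 4
    if version != 1 or hdr_len < 16 or hdr_len > len(datagram):
        raise ValueError("not a GSMTAP v1 datagram")
    return {"type": gtype, "sub_type": sub_type, "payload": datagram[hdr_len:]}


def describe_sw(sw1: int, sw2: int) -> str:
    """Meaning of the status words a SIM trace shows most often."""
    if (sw1, sw2) == (0x90, 0x00):
        return "normal ending"
    if sw1 == 0x61:
        return f"normal ending, {sw2} response bytes available (GET RESPONSE)"
    if sw1 == 0x9F:
        return f"normal ending, {sw2} response bytes available (GSM 11.11 GET RESPONSE)"
    if sw1 == 0x91:
        return f"normal ending, {sw2} bytes of proactive command pending (FETCH)"
    if sw1 == 0x6C:
        return f"wrong length, retry with Le={sw2}"
    if (sw1, sw2) == (0x6A, 0x82):
        return "file not found"
    if sw1 == 0x63 and (sw2 & 0xF0) == 0xC0:
        return f"verification failed, {sw2 & 0x0F} retries left"
    return "other status"


def decode_apdu(apdu: bytes) -> dict:
    """Decode a reassembled command header, its data and the status words."""
    if len(apdu) < 7:
        raise ValueError("APDU needs at least a 5-byte header and SW1 SW2")
    cla, ins, p1, p2, p3 = apdu[:5]
    sw1, sw2 = apdu[-2], apdu[-1]
    return {
        "cla": cla, "ins": ins, "p1": p1, "p2": p2, "p3": p3,
        "ins_name": INS_NAMES.get(ins, "unknown"),
        "data": apdu[5:-2],      # command or response data, depending on the INS case
        "sw": (sw1 << 8) | sw2,
        "sw_text": describe_sw(sw1, sw2),
    }


def decode_datagram(datagram: bytes) -> dict:
    """GSMTAP datagram -> decoded SIM APDU; non-SIM GSMTAP types are rejected."""
    frame = parse_gsmtap(datagram)
    if frame["type"] != GSMTAP_TYPE_SIM:
        raise ValueError(f"GSMTAP type 0x{frame['type']:02x} is not SIM")
    return decode_apdu(frame["payload"])


def make_sim_datagram(apdu: bytes) -> bytes:
    """Build a constructed GSMTAP SIM datagram (for offline testing only)."""
    hdr = struct.pack(">BBBBHbbIBBBB", 1, 4, GSMTAP_TYPE_SIM, 0, 0, 0, 0, 0, 0, 0, 0, 0)
    return hdr + apdu


def listen(port: int = GSMTAP_PORT) -> None:
    """Print decoded APDUs from a live simtrace run sending GSMTAP to localhost."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("127.0.0.1", port))
    while True:
        dgram, _ = sock.recvfrom(4096)
        try:
            d = decode_datagram(dgram)
        except ValueError as exc:
            print("skipped:", exc)
            continue
        print(f"{d['ins_name']:<36} CLA={d['cla']:02x} P1={d['p1']:02x} P2={d['p2']:02x} "
              f"P3={d['p3']:02x} data={d['data'].hex()} SW={d['sw']:04x} ({d['sw_text']})")


if __name__ == "__main__":
    # Constructed sample: GSM 11.11 SELECT of the MF (3F00), answered with 9F 16.
    print(decode_datagram(make_sim_datagram(bytes.fromhex("a0a40000023f009f16"))))
```

Run `listen()` while the simtrace host tool is sending GSMTAP to the local machine and each APDU is printed with its instruction name and status; the same output can be cross-checked against Wireshark's GSMTAP/SIM dissector, which Kévin mentions. The decoder keeps the data bytes opaque because whether they are command data (SELECT, UPDATE BINARY) or response data (READ BINARY, STATUS) depends on the ISO 7816 case of the instruction, which the status words alone do not tell you.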