From hugh at comp.nus.edu.sg  Tue Jul 23 13:20:27 2019
From: hugh at comp.nus.edu.sg (hugh)
Date: Tue, 23 Jul 2019 21:20:27 +0800
Subject: Issue compiling simtrace branch firmware for simtrace2
Message-ID: <09e8d1a47865f7ad48340da862f086c9@comp.nus.edu.sg>


Hi,

Firstly - I am able to compile, flash and run the master branch of the 
software on my simtrace2 hardware without issues - thanks to all 
concerned.

I wanted to try out the mitm and ccid with my simtrace2, and I *think* 
that the laforge/cleanup branch is the most recently worked on branch of 
developmental code, so I tried to compile that and ran into problems.

So far I have noticed two issues:

  1. Errors like this:
       error: implicit declaration of function 'board_exec_dbg_cmd';
     (which can be changed to a warning by removing the 
-Werror-implicit-function-declaration in the Makefile)
  2. This error:
       src_simtrace/main.c:81:40: error: 'PIN_PRTPWR_OVERRIDE' undeclared 
here ...
     (This error appears hard, as PIN_PRTPWR_OVERRIDE is only in 
include_board/qmod/board.h, and not in include_board/simtrace/board.h)

I guess I am doing something silly - but I just cannot see it. Can 
someone help?

By the way - am I correct in thinking that laforge/cleanup is the most 
recent/most worked on MITM code for the simtrace2?

Cheers Hugh


From emregeckin at gmail.com  Thu Jul 25 09:05:54 2019
From: emregeckin at gmail.com (Emre Geckin)
Date: Thu, 25 Jul 2019 13:05:54 +0400
Subject: IMEI filtering
Message-ID: <CA+tJqU8nBuPUr1HFn-STfv4oog5vsK4jigMb7YzAx3Wfva2KJQ@mail.gmail.com>

I would like to know How sim card is requesting IMEI from mobile device and
is it protected only by CHV ?
If so can I filter communication and change my mobile device IMEI number to
something else ?

Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/simtrace/attachments/20190725/364fe2d1/attachment.htm>

From axilirator at gmail.com  Thu Jul 25 11:11:21 2019
From: axilirator at gmail.com (Vadim Yanitskiy)
Date: Thu, 25 Jul 2019 18:11:21 +0700
Subject: IMEI filtering
In-Reply-To: <CA+tJqU8nBuPUr1HFn-STfv4oog5vsK4jigMb7YzAx3Wfva2KJQ@mail.gmail.com>
References: <CA+tJqU8nBuPUr1HFn-STfv4oog5vsK4jigMb7YzAx3Wfva2KJQ@mail.gmail.com>
Message-ID: <CAPEnp=bv5VbqAO0y9qMFKpDe1aR4gqSjRu4o_=oSiP-rnzgQDw@mail.gmail.com>

SIM card is not supposed to request IMEI from the MS. Usually, when the
network requests IMEI, the MS/UE just responds without involving the SIM.

Although, I guess it should be possible [1] for some special applications.

[1] https://en.wikipedia.org/wiki/SIM_Application_Toolkit

With best regards,
Vadim Yanitskiy.


From ml at mail.tsaitgaist.info  Thu Jul 25 11:38:24 2019
From: ml at mail.tsaitgaist.info (=?iso-8859-1?Q?K=E9vin?= Redon)
Date: Thu, 25 Jul 2019 13:38:24 +0200
Subject: Issue compiling simtrace branch firmware for simtrace2
In-Reply-To: <09e8d1a47865f7ad48340da862f086c9@comp.nus.edu.sg>
References: <09e8d1a47865f7ad48340da862f086c9@comp.nus.edu.sg>
Message-ID: <20190725113824.GC21080@coil>

On Tue, Jul 23, 2019 at 09:20:27PM +0800, hugh wrote:
> I wanted to try out the mitm and ccid with my simtrace2, and I *think* that
> the laforge/cleanup branch is the most recently worked on branch of
> developmental code, so I tried to compile that and ran into problems.

yes it is, but it is outdated and not fully tested/maintained.
MITM and CCID are currently not officially supported.
alternatively you can use a regular USB card reader, if you are looking for a CCID device (there are plenty available).
for the MITM aspect I recommend to wait a bit until the card emulation firmware is ready (this is currently in development).
with an external card reader you can then implement a MITM on your computer.


From ml at mail.tsaitgaist.info  Thu Jul 25 11:31:09 2019
From: ml at mail.tsaitgaist.info (=?iso-8859-1?Q?K=E9vin?= Redon)
Date: Thu, 25 Jul 2019 13:31:09 +0200
Subject: IMEI filtering
In-Reply-To: <CA+tJqU8nBuPUr1HFn-STfv4oog5vsK4jigMb7YzAx3Wfva2KJQ@mail.gmail.com>
References: <CA+tJqU8nBuPUr1HFn-STfv4oog5vsK4jigMb7YzAx3Wfva2KJQ@mail.gmail.com>
Message-ID: <20190725113109.GB21080@coil>

On Thu, Jul 25, 2019 at 01:05:54PM +0400, Emre Geckin wrote:
> I would like to know How sim card is requesting IMEI from mobile device

the [U]SIM application normally does not request the IMEI, nor any other information.
it is mainly a storage and key generation application.
it would be possible for a UICC (the card) to be "proactive" and use the "card application toolkit" to interact with the mobile though (what vadim mentioned).
to read out the IMEI, it could use the RUN AT COMMAND. see ETSI TS 102 223 for more information.
to find out which mechanism is used, you would need to monitor the UICC-ME communication (for example using SIMtrace).

> and is it protected only by CHV ?

the CHV (aka PIN) only protects files on the SIM card, not on the mobile.

> If so can I filter communication and change my mobile device IMEI number to
> something else ?

the SIMtrace hardware supports man-in-middle, but not the original firmware.
if you have a SIMtrace (v1) board (https://osmocom.org/projects/simtrace/wiki/SIMtrace) you can use the alternative firmware simlabtrace (https://github.com/kamwar/simlabTrace/wiki).
the SIMtrace v2 (https://osmocom.org/projects/simtrace2/wiki) firmware does not support MITM currently. there is also no ETA, but we are working on card emulation (you then just need a separate card reader and custom filtering software).