simtrace

simtrace@lists.osmocom.org

346 discussions

Loosing 1 byte on each chunk of URB transfer
by Myonium 21 Mar '12

21 Mar '12

Hi It seems to me that simtrace looses a byte between 2 URB transfers from the device. To trace the problem down, I wrote a little test-program, running the same APDU against the smart card. I’m using simtrace to trace the card on the HW level and at the very same time I trace on the PCSC layer of the OS. Of cause the 2 APDU traces should give exactly the same results. Surprisimgly I found that the simtrace is swallowing one byte between two URB chunks transferred. Please find below the 2 logs A.) PCSC trace, B.) simtrace output. In this example simtrace is missing 1 byte (“7F”) between the two URB chunks a.) and b.). This missing byte causes to scrow up the analyser (APDU number 5). The same problem occurs also between the next two URB chunks b.) and c.): This time a “00” gets lost ... etc etc. A.) The PCSC traces as reference: ======================================= 1.) transmitted: 80 C2 00 00 28 D8 00 01 6F 00 F5 EF BF B1 8C 76 16 00 0E 43 6F 6E 74 65 6E 74 4D 61 6E 61 67 65 72 00 C0 4B 4E 7F BD 00 04 4D 53 43 4D received: 61 05 2.) transmitted: 00 C0 00 00 05 received: 01 00 00 00 05 90 00 3.) transmitted: 80 C2 00 00 12 D8 00 05 6F 00 C0 4B 4E 7F BD DE EC 00 04 4D 53 43 4D received: 61 0F 4.) transmitted: 00 C0 00 00 0F received: 00 D2 5D 1C 11 27 00 07 37 2E 31 2E 30 2E 30 90 00 5.) transmitted: 80 C2 00 00 14 D8 00 05 6F 00 C0 4B 4E 7F BD 81 87 00 04 4D 53 43 4D 05 00 received: 61 1A 6.) transmitted: 00 C0 00 00 1A received: 00 D2 5D 1C 45 A3 00 00 00 10 2E 4E 45 54 57 01 13 51 21 9C 77 14 27 14 FF FF 90 00 7.) transmitted: 80 C2 00 00 12 D8 00 05 6F 00 C0 4B 4E 7F BD FA 3B 00 04 4D 53 43 4D received: 61 12 8.) transmitted: 00 C0 00 00 12 received: 00 D2 5D 1C 45 A3 00 00 00 08 83 17 65 55 19 7E A5 EB 90 00 9.) transmitted: 80 C2 00 00 1E D8 00 05 6F 00 C0 4B 4E 7F BD 24 FE 00 04 4D 53 43 4D 00 00 00 08 FC 66 34 93 BD 58 68 54 received: 90 00 10.) transmitted: 80 C2 00 00 13 D8 00 05 6F 00 C0 4B 4E 7F BD 6D 08 00 04 4D 53 43 4D 02 received: 61 0A 11.) transmitted: 00 C0 00 00 0A received: 00 D2 5D 1C 61 C0 00 00 00 05 90 00 B.) The simtrace output: ================================================ simtrace - GSM SIM and smartcard tracing (C) 2010 by Harald Welte <laforge(a)gnumonks.org> Entering main loop URB: 01 01 00 00 3b 16 96 41 73 74 72 69 64 ATR APDU: 3b 16 96 41 73 74 72 69 64 a.) URB: 01 00 00 00 80 c2 00 00 28 c2 d8 00 01 6f 00 f5 ef bf b1 8c 76 16 00 0e 43 6f 6e 74 65 6e 74 4d 61 6e 61 67 65 72 00 c0 4b 4e 7f bd 00 04 4d 53 43 4d 61 05 00 c0 00 00 05 c0 01 00 00 00 05 90 00 80 c2 00 00 12 c2 d8 00 05 6f 00 c0 4b 4e 7f bd de ec 00 04 4d 53 43 4d 61 0f 00 c0 00 00 0f c0 00 d2 5d 1c 11 27 00 07 37 2e 31 2e 30 2e 30 90 00 80 c2 00 00 14 c2 d8 00 05 6f 00 c0 4b 4e 1.) APDU: 80 c2 00 00 28 d8 00 01 6f 00 f5 ef bf b1 8c 76 16 00 0e 43 6f 6e 74 65 6e 74 4d 61 6e 61 67 65 72 00 c0 4b 4e 7f bd 00 04 4d 53 43 4d 61 05 2.) APDU: 00 c0 00 00 05 01 00 00 00 05 90 00 3.) APDU: 80 c2 00 00 12 d8 00 05 6f 00 c0 4b 4e 7f bd de ec 00 04 4d 53 43 4d 61 0f 4.) APDU: 00 c0 00 00 0f 00 d2 5d 1c 11 27 00 07 37 2e 31 2e 30 2e 30 90 00 b.) URB: 01 00 00 00 bd 81 00 04 4d 53 43 4d 05 00 61 1a 00 c0 00 00 1a c0 00 d2 5d 1c 45 a3 00 00 00 10 2e 4e 45 54 57 01 13 51 21 9c 77 14 27 14 ff ff 90 00 80 c2 00 00 12 c2 d8 00 05 6f 00 c0 4b 4e 7f bd fa 3b 00 04 4d 53 43 4d 61 12 00 c0 00 00 12 c0 00 d2 5d 1c 45 a3 00 00 00 08 83 17 65 55 19 7e a5 eb 90 00 80 c2 00 00 1e c2 d8 00 05 6f 00 c0 4b 4e 7f bd 24 fe 00 04 4d 53 43 4d 00 00 5.) APDU: 80 c2 00 00 14 d8 00 05 6f 00 c0 4b 4e bd 81 00 04 4d 53 43 4d 05 00 61 1a 00 c0 APDU: 00 00 1a c0 00 d2 5d APDU: 1c 45 a3 00 00 00 10 APDU: 2e 4e 45 54 57 01 13 APDU: 51 21 9c 77 14 27 14 APDU: ff ff 90 00 80 c2 00 APDU: 00 12 c2 d8 00 05 6f APDU: 00 c0 4b 4e 7f bd fa APDU: 3b 00 04 4d 53 43 4d APDU: 61 12 00 c0 00 00 12 APDU: c0 00 d2 5d 1c 45 a3 APDU: 00 00 00 08 83 17 65 APDU: 55 19 7e a5 eb 90 00 c.)URB: 01 04 00 00 08 fc 66 34 93 bd 58 68 54 d.)URB: 01 04 00 00 90 00 80 c2 00 00 13 c2 d8 00 05 6f 00 c0 4b 4e 7f bd 6d 08 00 04 4d 53 43 4d 02 61 0a 00 c0 00 00 0a c0 00 d2 5d 1c 61 c0 00 00 00 05 90 00 APDU: 80 c2 00 00 1e d8 00 05 6f 00 c0 4b 4e 7f bd 24 fe 00 04 4d 53 43 4d 00 00 08 fc 66 34 93 bd 58 68 54 90 00 80 APDU: c2 00 00 13 c2 d8 00 APDU: 05 6f 00 c0 4b 4e 7f APDU: bd 6d 08 00 04 4d 53 APDU: 43 4d 02 61 0a 00 c0 APDU: 00 00 0a c0 00 d2 5d APDU: 1c 61 c0 00 00 00 05 URB: 01 01 00 00 3b 16 96 41 73 74 72 69 64 ATR APDU: 3b 16 96 41 73 74 72 69 64 ========================================================== Is this a problem of simtrace or the firmware? Am I using a wrong firmware? Thanks, Ben

5 19

SIM Trace Appears to Stop Processing APDUs
by Jonathan Thomas 21 Mar '12

21 Mar '12

Environment: We have tested on three systems with both Ubuntu and OpenSUSE. Additionally, we have tested with both VMs and as a core system install. Software Installed: Installed the latest using the instructions from the user manual. Issue: With testing against all three of the SIMTrace modules we purchased we have found the trace appears to lock-up or freeze randomly through processing of the APDUs. Since the phone still functions properly I am assuming that the communication between the SIM and the phone are still intact, it is just an issue with the output to screen/file output. Has anyone else experienced this issue? We will try and flash the firmware, but since we saw this issue with all of the hardware we purchased we assumed there might be some other issue. Thank you. Jonathan

4 7

sysmosim - Greencard
by Arjen Smit 09 Mar '12

09 Mar '12

Dear all, Hopefully this is the right list for some questions on the SysmoSIM (aka Greencard). I have set the PIN1, PUK1, PIN1, PUK1, ADM1, AUK1, ADM2, AUK2 using the non-standard APDU (80 D4 ..) successfully using the cyberflex-shell. Verification of CHV1 and CHV2 are fine as well. (A0 20 00 01 08 ...) However verification of ADM2 (which I need because I want to change the Authentication algorithm) A0 20 00 0B 08 30 30 30 30 30 30 30 30 returns status : 98 02 (no chv initialized). It looks like I use the wrong APDU sequence for verifying ADM2 (I tried some other sequences as well (e.g A0 20 00 0A .. to A0 20 00 0D ..) but no luck. My main question is : What APDU sequence is needed to verify ADM2 ? Secondary less important questions: -When thinking about AUK1, AUK2, what are these used for ? -Do the cards support 03.48 OTA specs (if yes, can the Kic, Kid be set ?) -Are there actually any specs of these cards available ? (google gives www.elektroda.pl/rtvforum/download.php?id=351846 which matches the ATR of the card, however this spec is of little use though). Thanks in advance for your help. /Arjen

2 2

What can be logged?
by Florian Borggräfe 06 Mar '12

06 Mar '12

Hello, i have a question about the functionality of the Osmoscon SimTrace hardware system. Can I log everything, also packets like silent SMS (https://en.wikipedia.org/wiki/SMS#Silent_SMS)? Thank you for your request. Flo

3 3

1.1p board not recognized
by Martin Kaiser 19 Feb '12

19 Feb '12

Dear all, I'm struggling to get started with a 1.1p board. When I connect it via USB (with no simcard inserted and no connection to a phone), the red led is on. Sometimes, both leds remain off after connecting the board when I have a simcard inserted and a phone connected. On one box (debian lenny), the board is never recognized by lsusb or kernel messages. Do I need anything special (other than basic usb support) compiled into the kernel for libusb to do its work in user space? I tried dfu-util -l, the board wasn't listed. On a second box (debian squeeze) there's log messages when the usb is connected Feb 15 22:34:44 greta kernel: [186232.651806] usb 1-1.1: new full speed USB device using ehci_hcd and address 13 Feb 15 22:34:44 greta kernel: [186232.745566] usb 1-1.1: New USB device found, idVendor=16c0, idProduct=0762 Feb 15 22:34:44 greta kernel: [186232.745573] usb 1-1.1: New USB device strings: Mfr=4, Product=5, SerialNumber=0 Feb 15 22:34:44 greta kernel: [186232.745577] usb 1-1.1: Product: SimTrace SIM Sniffer - Runtime Mode Feb 15 22:34:44 greta kernel: [186232.745581] usb 1-1.1: Manufacturer: sysmocom - systems for mobile communications GmbH Feb 15 22:34:44 greta kernel: [186232.745694] usb 1-1.1: configuration #1 chosen from 1 choice lsusb doesn't show anything either the red led is on after connecting, simtrace (linked against libusb-1.0) says "can't open USB device" After some more tries, dfu-util recognizes the board root@greta:~# dfu-util -l dfu-util - (C) 2007-2008 by OpenMoko Inc. This program is Free Software and has ABSOLUTELY NO WARRANTY dfu-util does currently only support DFU version 1.0 Found DFU: [0x16c0:0x0762] devnum=17, cfg=0, intf=0, alt=0, name="SimTrace DFU Interface - Application Partition" Found DFU: [0x16c0:0x0762] devnum=17, cfg=0, intf=0, alt=1, name="SimTrace DFU Interface - Bootloader Partition" Found DFU: [0x16c0:0x0762] devnum=17, cfg=0, intf=0, alt=2, name="SimTrace DFU Interface - RAM" However, I'm not able to write a firmware. I tried the main_simtrace.bin that Harald posted to this list some days ago. root@greta:~# dfu-util -d 16c0:0762 -a0 -D /home/martin/tmp/main_simtrace.bin -R dfu-util - (C) 2007-2008 by OpenMoko Inc. This program is Free Software and has ABSOLUTELY NO WARRANTY dfu-util does currently only support DFU version 1.0 Opening USB Device 0x16c0:0x0762... Found Runtime: [0x16c0:0x0762] devnum=17, cfg=0, intf=0, alt=0, name="SimTrace DFU Interface - Application Partition" Claiming USB DFU Interface... Setting Alternate Setting #0 ... Determining device status: state = dfuERROR, status = 8 dfuERROR, clearing status Determining device status: state = dfuIDLE, status = 0 dfuIDLE, continuing Transfer Size = 0x0100 bytes_per_hash=417 Starting download: [#################################################dfu_download: usb_control_msg returned -32: error sending control message: Broken pipe Error during download Retrying multiple times, I always get the same error. I tried resetting the board with the bootloader button pressed, this didn't change anything. While trying to flash the firmware, there was no sim inserted and no phone connected. Does anyone have an idea what else I can try to track down the problems and get the board up and running? Thanks in advance, Martin

3 5

Corrupted git repository?
by Myonium 16 Feb '12

16 Feb '12

Hi I’m not very familiar with git, but there is something strange with the git repository “git://git.gnumonks.org/openpcd.git”: First of all the the identical revision number “4f7ca20bf40b911c035264d86ef0359d20e7ac88” appears several times: git rev-parse --all 4f7ca20bf40b911c035264d86ef0359d20e7ac88 4f7ca20bf40b911c035264d86ef0359d20e7ac88 4f7ca20bf40b911c035264d86ef0359d20e7ac88 f49cbc1f2503f737a96296993133aec065910935 4f7ca20bf40b911c035264d86ef0359d20e7ac88 3aa065ac48f21ce7c4d0879686fb07b04a60771f 45c13574ff89e3139567943e6a6cae82e754eab0 0febfc567d3f9441811a5490f0ea4d960798d313 Compiling “4f7ca20bf40b911c035264d86ef0359d20e7ac88” results in a not working firmware, even so the changes (PPS changes from Harald) are all correct. (I applied these changes to the v0.4 firmware (revision ebf16b4ddf0dcbadf96aebdec3304f703917fdc7) and it works all nicely.) Could somebody have a look ... Regards, Ben

1 0

SIM dissector now wireshark mainline
by Harald Welte 06 Feb '12

06 Feb '12

Hi all! JFYI, the SIM protocol dissector has finally been merged into wirshark mainline (svn rev. 40854). This means that the daily builds from https://www.wireshark.org/download/automated/osx/ and https://www.wireshark.org/download/automated/win32/ will now work out-of-the-box for SIM card tracing, without applying any patches. Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

Getting started - unable to connect to the device
by Mat 31 Jan '12

31 Jan '12

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello, I have a v1.1p production board, and I am having problems getting started. I am running Arch Linux, so some things may be different from a Debian base. I have not yet tried interfacing the board from a Ubuntu/Debian workstation. I have succesfully compiled SIMtrace and its dependencies. The problem is at no point have I gotten a connection to the board. dmesg shows nothing and lsusb never shows the device. I have libusb configured on this system and programmed other avr devices. I tried to access the board with SAM-BA by following the firmware page. I only see the red LED faintly light when I'm jumping VCC to test, but nothing once I reconnect USB. I am right to assume that with a newly acquired board, I have to flash it with the firmware? Do you have any clues to help me talk to the SIMTrace board? I haven't found much explanation of bootloader and reset buttons on the wiki... Should I simply try with and Ubuntu/Debian workstation? Thanks, Mat -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iF4EAREIAAYFAk8ks/kACgkQsluIOvRklphpcQEAvZNvtBPS376K5emsLfsYQhhk pQTKYwNy7US8/W8Z4GwBAKE8Qyu8URJmF4gZ1kzJgdzFQuo2918GmNaXSCTvT0nS =5g4w -----END PGP SIGNATURE-----

6 10

Problems
by Martin Paljak 29 Jan '12

29 Jan '12

Hello, I have a v1.1p running Version 0.4 compiled 20120113-094258 by ich@sanmingze, connected between a Nokia 1616 and a macbook pro. Host side software (including libusb) is from Git and running inside a VMWare Fusion Debian 6 32bit VM. The SIM card is: http://smartcard-atr.appspot.com/parse?ATR=3b9f95801f438031e073362113574a33… Everything seems to work every now and then (I got a successful trace of the things that interest me yesterday) but it doesn't seem to be predictable. After following the "a problematic sim" thread I added more logging to the simtrace application and generated a log. The symptom is that everything works from phone startup, but then stalls. After some time (when starting the OTA SIM application) simtrace ends with "error usb bulk in .. -9" The serial debug console doesn't show more than the initial startup. Do I understand correctly that the fix proposed in "a problematic sim" is for the firmware, which is not yet present in my version? I attach the output from simtrace with the additional logging. Any ideas? Is it OK to use simtrace from virtual machine or is bare hardware required/best ? Thanks, Martin

4 9

LTE SIM traces, anyone?
by Harald Welte 25 Jan '12

25 Jan '12

Hi all, I was wondering if anyone has access to a LTE device (like a 4G USB dongle) and has been able to trace the communication between the SIM card and the device yet. If so, it would be great to get some traces. Feel free to patch out the IMSI, PIN number or any other private details (or simply filter those messages, if you care to). Thanks in advance, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

3 4

← Newer
1
...
26
27
28
29
30
31
32
...
35
Older →

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

simtrace