Hi Gorka,
On Tue, Apr 21, 2015 at 10:47:10AM +0000, de Miguel, Gorka wrote:
> Dear friends,
> First of all, let me introduce myself. My name is Gorka De Miguel and I am working on my
> master's thesis right now. In it, I am trying to do a man in the middle attack on
> my own cellphone and trying to obtain the data that reaches the SIM card. For that I am
> using a simtrace board. I have followed the user manual and the advice given on the web,
> but I am not able to make it work properly.
> Once I have the simtrace executable created with libosmocom and the rest of the libraries on
> my computer in the way it is said on the web, I can execute it and some APDUs appear on
> the screen, but they seem to be not useful.
"make it work properly" is a bit vague.
In these cases could you describe what your environment is (OS, simtrace version, phone,
...), what commands you are running, what output you are getting, and what you expected to have.
Some APDUs appearing on the screen is already a good result. Actually it's the main
purpose of SIMtrace.
> Then I wanted to log them by using HTerm, to parse it and try to obtain the meaning of
> the APDUs. But the device is not recognized by the linux machine. I mean, it does not
> appear in the /dev directory. So it is impossible to reach it and log the APDUs using a
> different program. I also tried to recognize the device using a windows machine, but it
> does not recognize it as there is no simtrace driver for windows.
SIMtrace does not use the USB virtual serial port profile.
You have to talk to it using libusb directly.
I think someone managed to compile and run it under windows, but using cygwin.
Most of the users run it under linux.
> Reached this point, my questions are the following ones; is there any way of logging
> the APDUs from the simtrace program?
you can directly use the text output of simtrace.
but the better way would be to use the network GSMTAP output provided by simtrace
> Is there any simtrace driver for windows?
more details are available in the mailing list archive AFAIR
> Do you know about anyone that was able to parse the APDUs and understand them well?
there is a wireshark plugin to decode the SIM commands.
the APDUs are well specified in ETSI TS 102.221.
> Has anybody used HTerm?
no, because SIMtrace does not provide a serial port
> Is anybody able to understand the APDUs obtained?
if you are looking for an example application, someone wrote a script that uses the GSMTAP
interface to get the terminal profile out of the traffic:
https://terminal-profile.osmocom.org/
> If yes, would it be possible to obtain his/her contact?
it should be on the web page.
but before contacting him, be sure to have understood this email and are familiar with the
cited specification.
> Thank you in advance for all, every little advice will be really helpful for me,
you're welcome
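As an added example (not code from this thread or from the SIMtrace project), the following Python script shows what consuming the GSMTAP output mentioned above looks like: it parses the 16-byte GSMTAP header, checks for the SIM packet type, and decodes the APDU header, data and status word using instruction and status-word names from ETSI TS 102.221. The sample packets are constructed, not captured traffic, and the layout of the SIM payload as command header, then data, then SW1 SW2 is an assumption of this example (check the simtrace source for the exact framing). Wireshark with its GSMTAP/SIM dissector remains the reference decoder; this is only meant to show what the fields are.

```python
"""Decode SIMtrace-style GSMTAP SIM packets and the APDUs inside them (added example)."""
import socket
import struct
from dataclasses import dataclass

GSMTAP_PORT = 4729              # default UDP port used by GSMTAP tools
GSMTAP_VERSION = 0x02
GSMTAP_TYPE_SIM = 0x04          # GSMTAP_TYPE_SIM from osmocom gsmtap.h
GSMTAP_HDR_FMT = "!BBBBHbbIBBBB"  # 16-byte fixed header, network byte order

# Instruction codes, ETSI TS 102.221 section 10.1.2 (subset)
INS_NAMES = {
    0xA4: "SELECT", 0xF2: "STATUS", 0xB0: "READ BINARY", 0xD6: "UPDATE BINARY",
    0xB2: "READ RECORD", 0xDC: "UPDATE RECORD", 0x20: "VERIFY PIN",
    0x88: "AUTHENTICATE", 0x10: "TERMINAL PROFILE", 0xC2: "ENVELOPE",
    0x12: "FETCH", 0x14: "TERMINAL RESPONSE", 0xC0: "GET RESPONSE",
}
# Status words, ETSI TS 102.221 section 10.2 (subset)
SW_EXACT = {
    0x9000: "normal ending", 0x6A82: "file not found",
    0x6982: "security status not satisfied", 0x6983: "authentication/PIN method blocked",
    0x6A86: "incorrect parameters P1-P2", 0x6D00: "instruction code not supported",
    0x6E00: "class not supported",
}
SW1_PREFIX = {   # SW2 carries a length for these
    0x91: "normal ending, proactive command pending ({} bytes)",
    0x61: "{} response bytes available (use GET RESPONSE)",
    0x6C: "wrong length, correct Le is {}",
}


@dataclass
class Apdu:
    cla: int; ins: int; p1: int; p2: int; p3: int
    data: bytes; sw1: int; sw2: int

    @property
    def ins_name(self) -> str:
        return INS_NAMES.get(self.ins, f"INS {self.ins:02X}")

    @property
    def sw(self) -> int:
        return (self.sw1 << 8) | self.sw2

    def sw_meaning(self) -> str:
        if self.sw in SW_EXACT:
            return SW_EXACT[self.sw]
        if self.sw1 in SW1_PREFIX:
            return SW1_PREFIX[self.sw1].format(self.sw2)
        return f"unknown status {self.sw:04X}"

    def __str__(self) -> str:
        return (f"{self.ins_name} CLA={self.cla:02X} P1={self.p1:02X} P2={self.p2:02X} "
                f"P3={self.p3:02X} data={self.data.hex()} SW={self.sw:04X} ({self.sw_meaning()})")


def parse_gsmtap(packet: bytes) -> tuple:
    """Split a GSMTAP datagram into (header fields, payload)."""
    if len(packet) < 16:
        raise ValueError("GSMTAP packet shorter than the fixed header")
    (version, hdr_len, gtype, _ts, arfcn, _sig, _snr, frame_nr,
     sub_type, _ant, _slots, _res) = struct.unpack(GSMTAP_HDR_FMT, packet[:16])
    if version != GSMTAP_VERSION:
        raise ValueError(f"unsupported GSMTAP version {version}")
    hdr_bytes = hdr_len * 4          # hdr_len is counted in 32-bit words
    if hdr_bytes < 16 or len(packet) < hdr_bytes:
        raise ValueError("bad GSMTAP header length")
    header = {"type": gtype, "sub_type": sub_type, "frame_nr": frame_nr, "arfcn": arfcn}
    return header, packet[hdr_bytes:]


def parse_apdu(payload: bytes) -> Apdu:
    """ASSUMED layout: CLA INS P1 P2 P3, then the data bytes that crossed the
    interface, then SW1 SW2. Verify against the simtrace source before relying on it."""
    if len(payload) < 7:
        raise ValueError("APDU needs a 5-byte header and a 2-byte status word")
    cla, ins, p1, p2, p3 = payload[:5]
    return Apdu(cla, ins, p1, p2, p3, payload[5:-2], payload[-2], payload[-1])


def decode_packet(packet: bytes) -> Apdu:
    header, payload = parse_gsmtap(packet)
    if header["type"] != GSMTAP_TYPE_SIM:
        raise ValueError(f"not a SIM packet (type {header['type']})")
    return parse_apdu(payload)


def build_gsmtap_sim(payload: bytes) -> bytes:
    """Wrap an APDU in a minimal GSMTAP SIM header; used only for the constructed samples."""
    return struct.pack(GSMTAP_HDR_FMT, GSMTAP_VERSION, 4, GSMTAP_TYPE_SIM,
                       0, 0, 0, 0, 0, 0, 0, 0, 0) + payload


# Constructed sample exchanges (not captured from a real phone)
SAMPLE_SELECT_IMSI = build_gsmtap_sim(bytes.fromhex("00a4000402" "6f07" "9000"))
SAMPLE_SELECT_MISSING = build_gsmtap_sim(bytes.fromhex("00a4000402" "ffff" "6a82"))
SAMPLE_TERMINAL_PROFILE = build_gsmtap_sim(bytes.fromhex("8010000004" "ffffff1f" "9000"))


def listen(port: int = GSMTAP_PORT) -> None:
    """Print decoded APDUs from a live GSMTAP UDP stream sent to this host."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind(("127.0.0.1", port))
        while True:
            packet, _ = sock.recvfrom(4096)
            try:
                print(decode_packet(packet))
            except ValueError as exc:
                print("skipped:", exc)


if __name__ == "__main__":
    for pkt in (SAMPLE_SELECT_IMSI, SAMPLE_SELECT_MISSING, SAMPLE_TERMINAL_PROFILE):
        print(decode_packet(pkt))
```

Run it as-is to see the three constructed samples decoded; call `listen()` instead while simtrace is sending GSMTAP to the same host to see live traffic. The terminal-profile script linked above works on the same stream: the TERMINAL PROFILE command (INS 0x10) carries the handset's capability bytes as its data field.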