11 Jan
2012
11 Jan
'12
1:42 p.m.
Hi,
as I could not find any udpates since July 2011 about MitM capable firmware here, or on
the Wiki page I wanted to check if there is currently active development of a MitM
firmware ?
I would like to use it to manipulate fields from a physical SIM / UICC in real-time, e.g.
non user editable fields like EF OPLMNwAcT.
As a next step I would like to develop a tool that simulates a UICC with several
applications on it, so that only the authentication is being made by the real UICC / SIM
and utilize the simtrace HW as the physical interface.
However the key to this is a proper firmware to interact with the ME <-> UICC
communication in real time.
I have written some classes and decoder for specific fields in Python (using Smartcard and
a PCSC compatible reader) that can read and write, authenticate etc. however I lack the
ability to write the firmware on my own.
Regards,
Dominique
11 Jan
11 Jan
3:31 p.m.
On 01/11/2012 01:42 PM, Dominique Parolin wrote:
Hi,
Hi,
it is not implemented, regarding SIM emulation there is Kevin's softsim[1].
holger
[1] http://cgit.osmocom.org/cgit/softsim/
12 Jan
12 Jan
4:58 a.m.
If you have Ki of some real SIM I believe you could get some programmable
SIM like those which were on cccamp 2011 and make those files there.
i just think it might be less time consuming than implementing all the
commands phone may be using (not sure what's implemented in softsim tho,
never used it).
cheers,
lukash
On Wed, Jan 11, 2012 at 1:42 PM, Dominique Parolin <D.Parolin(a)gmx.net>wrote;wrote:
Hi,
as I could not find any udpates since July 2011 about MitM capable
firmware here, or on the Wiki page I wanted to check if there is currently
active development of a MitM firmware ?
I would like to use it to manipulate fields from a physical SIM / UICC in
real-time, e.g. non user editable fields like EF OPLMNwAcT.
As a next step I would like to develop a tool that simulates a UICC with
several applications on it, so that only the authentication is being made
by the real UICC / SIM and utilize the simtrace HW as the physical
interface.
However the key to this is a proper firmware to interact with the ME <->
UICC communication in real time.
I have written some classes and decoder for specific fields in Python
(using Smartcard and a PCSC compatible reader) that can read and write,
authenticate etc. however I lack the ability to write the firmware on my
own.
Regards,
Dominique
11:04 a.m.
here more general info about softsim:
- to use it you must first dump the sim card data (tool available). softsim
will use this dump.
- it can not handle Ki. it either uses the auth-tuples it dumped, or
forwards the requests to the real sim.
- it implements most (used) SIM commands (but not USIM at all).
happy to help,
kevin
Excerpts from Lukas Kuzmiak's message of Thu Jan 12 04:58:02 +0100 2012:
If you have Ki of some real SIM I believe you could
get some programmable
SIM like those which were on cccamp 2011 and make those files there.
i just think it might be less time consuming than implementing all the
commands phone may be using (not sure what's implemented in softsim tho,
never used it).
cheers,
lukash
On Wed, Jan 11, 2012 at 1:42 PM, Dominique Parolin <D.Parolin(a)gmx.net>wrote;wrote:
> Hi,
>
> as I could not find any udpates since July 2011 about MitM capable
> firmware here, or on the Wiki page I wanted to check if there is currently
> active development of a MitM firmware ?
>
> I would like to use it to manipulate fields from a physical SIM / UICC in
> real-time, e.g. non user editable fields like EF OPLMNwAcT.
>
> As a next step I would like to develop a tool that simulates a UICC with
> several applications on it, so that only the authentication is being made
> by the real UICC / SIM and utilize the simtrace HW as the physical
> interface.
>
> However the key to this is a proper firmware to interact with the ME <->
> UICC communication in real time.
>
> I have written some classes and decoder for specific fields in Python
> (using Smartcard and a PCSC compatible reader) that can read and write,
> authenticate etc. however I lack the ability to write the firmware on my
> own.
>
> Regards,
> Dominique
>
>
>
>
>
>
11:18 a.m.
Thanks Lukash,
If you have Ki of some real SIM I believe you could
get some programmable
SIM like those which were on cccamp 2011 and make those files there.
I am actually less interested in cloning a SIM, rather than the development of the actual
SW than can do this stuff.
As it is yet impossible to extract the Ki of current SIMs / UICCs and the algorithm used
can be a modified one, there won't be any use for such an emulated one in a real NW.
However to get full control over fields that the actual SIM/UICC holds and that are only
editable by using ADM codes the MitM firmware would be a great tool.
You could force certain roaming scenarios, force failures for testing etc.
I understand that this might not really be useful in the scope of what simtrace is
intended for.
Will look deeper into softsim, maybe start reimplementing it in Python in the scope of
"RFC: Generic (U)SIM software"
Already have certain Python functionality to read/write/decode EFs on SIM and USIM, I am
yet lacking the physical interface to an actual phone.
Regards,
Dominique
4494
days inactive
4495
days old
5 comments
5 participants
participants (5)
-
Dominique Parolin -
Holger Hans Peter Freyther -
Kevin Redon -
Lukas Kuzmiak -
Peter Stuge