On Thu, Jul 25, 2019 at 01:05:54PM +0400, Emre Geckin wrote:
> I would like to know how the SIM card is requesting the IMEI
> from the mobile device
the [U]SIM application normally does not request the IMEI, nor any other information.
it is mainly a storage and key generation application.
it would be possible for a UICC (the card) to be "proactive" and use the
"card application toolkit" to interact with the mobile though (what vadim
mentioned).
to read out the IMEI, it could use the RUN AT COMMAND. see ETSI TS 102 223 for more
information.
to find out which mechanism is used, you would need to monitor the UICC-ME communication
(for example using SIMtrace).
> and is it protected only by CHV?
the CHV (aka PIN) only protects files on the SIM card, not on the mobile.
> If so, can I filter the communication and change my mobile
> device IMEI number to something else?
the SIMtrace hardware supports man-in-middle, but not the original firmware.
if you have a SIMtrace (v1) board (https://osmocom.org/projects/simtrace/wiki/SIMtrace)
you can use the alternative firmware simlabtrace (https://github.com/kamwar/simlabTrace/wiki).
the SIMtrace v2 (https://osmocom.org/projects/simtrace2/wiki) firmware does not support
MITM currently. there is also no ETA, but we are working on card emulation (you then just
need a separate card reader and custom filtering software).
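
Added example, not part of the original mail or of the SIMtrace project: a decoder for proactive commands seen in a monitored UICC-ME trace, reporting the two ETSI TS 102 223 commands that can read the IMEI. PROVIDE LOCAL INFORMATION is not mentioned in the mail; tag and type values are taken from TS 102 223, and the sample byte strings are constructed.

```python
# Added example: decode proactive commands (ETSI TS 102 223) from a UICC-ME trace.
PROACTIVE_TAG = 0xD0           # BER-TLV tag of a proactive command
TAG_COMMAND_DETAILS = 0x01     # COMPREHENSION-TLV tags, CR flag masked off
TAG_AT_COMMAND = 0x28
CMD_PROVIDE_LOCAL_INFO = 0x26  # type-of-command values
CMD_RUN_AT_COMMAND = 0x34
QUAL_IMEI = 0x01               # PROVIDE LOCAL INFORMATION qualifier: IMEI

# Constructed sample commands (not captured from a real card).
SAMPLE_PLI = bytes.fromhex("D009810301260182028182")
SAMPLE_AT = bytes.fromhex("D012810301340082028182A80741542B4347534E")

def _length(buf, pos):
    """Return (length, next_pos) for the one- and two-byte length forms."""
    if pos < len(buf) and buf[pos] < 0x80:
        return buf[pos], pos + 1
    if pos + 1 < len(buf) and buf[pos] == 0x81:
        return buf[pos + 1], pos + 2
    raise ValueError("truncated or unsupported length field")

def parse_proactive(data):
    """Return {tag: value} for the TLVs inside a D0 proactive command."""
    if not data or data[0] != PROACTIVE_TAG:
        raise ValueError("not a proactive command (tag D0 expected)")
    total, pos = _length(data, 1)
    end = pos + total
    if end > len(data):
        raise ValueError("truncated proactive command")
    tlvs = {}
    while pos < end:
        tag = data[pos] & 0x7F  # drop the comprehension-required flag
        length, pos = _length(data, pos + 1)
        if pos + length > end:
            raise ValueError("TLV overruns the command body")
        tlvs.setdefault(tag, data[pos:pos + length])
        pos += length
    return tlvs

def describe_imei_query(data):
    """Describe a command that can read the IMEI; None for anything else."""
    tlvs = parse_proactive(data)
    details = tlvs.get(TAG_COMMAND_DETAILS, b"")
    if len(details) != 3:
        raise ValueError("missing or malformed command details")
    cmd_type, qualifier = details[1], details[2]
    if cmd_type == CMD_PROVIDE_LOCAL_INFO and qualifier == QUAL_IMEI:
        return "PROVIDE LOCAL INFORMATION (IMEI)"
    if cmd_type == CMD_RUN_AT_COMMAND:
        return "RUN AT COMMAND: " + tlvs.get(TAG_AT_COMMAND, b"").decode("ascii", "replace")
    return None
```

For RUN AT COMMAND the decoder returns the AT string as sent by the card, so the reader can see which command was issued.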