IMEI filtering

Kévin Redon ml at mail.tsaitgaist.info
Thu Jul 25 11:31:09 UTC 2019


On Thu, Jul 25, 2019 at 01:05:54PM +0400, Emre Geckin wrote:
> I would like to know how the SIM card is requesting the IMEI from the mobile device

the [U]SIM application normally does not request the IMEI, nor any other information.
it is mainly a storage and key generation application.
it would be possible for a UICC (the card) to be "proactive" and use the "card application toolkit" to interact with the mobile though (what Vadim mentioned).
to read out the IMEI, it could use the RUN AT COMMAND. see ETSI TS 102 223 for more information.
to find out which mechanism is used, you would need to monitor the UICC-ME communication (for example using SIMtrace).

> and is it protected only by CHV ?

the CHV (aka PIN) only protects files on the SIM card, not on the mobile.

> If so can I filter communication and change my mobile device IMEI number to
> something else ?

the SIMtrace hardware supports man-in-the-middle, but not the original firmware.
if you have a SIMtrace (v1) board (https://osmocom.org/projects/simtrace/wiki/SIMtrace) you can use the alternative firmware simlabtrace (https://github.com/kamwar/simlabTrace/wiki).
the SIMtrace v2 (https://osmocom.org/projects/simtrace2/wiki) firmware does not support MITM currently. there is also no ETA, but we are working on card emulation (you then just need a separate card reader and custom filtering software).
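
Added example, not part of the original message: a small Python classifier for proactive UICC commands taken from a UICC-ME trace, to tell which mechanism a card uses when it asks for the IMEI. It goes slightly beyond the text by also recognising PROVIDE LOCAL INFORMATION with the IMEI qualifier; tag and type values are from ETSI TS 102 223, the function names are hypothetical, and the sample bytes are constructed.

```python
# Added example. Tag and type values are from ETSI TS 102 223; samples are constructed.
CMD_TYPES = {0x26: "PROVIDE LOCAL INFORMATION", 0x34: "RUN AT COMMAND"}
TAG_PROACTIVE = 0xD0    # BER-TLV wrapper of every proactive command
TAG_CMD_DETAILS = 0x01  # COMPREHENSION-TLV tags, compared with the CR bit masked off
TAG_AT_COMMAND = 0x28
QUAL_IMEI = 0x01        # PROVIDE LOCAL INFORMATION qualifier: IMEI of the terminal

def read_len(buf, pos):
    """Decode a length field: one byte below 0x80, or 0x81 followed by one byte."""
    chunk = buf[pos:pos + 2]
    if chunk and chunk[0] < 0x80:
        return chunk[0], pos + 1
    if len(chunk) == 2 and chunk[0] == 0x81:
        return chunk[1], pos + 2
    raise ValueError("unsupported or truncated length encoding")

def parse_proactive(data):
    """Summarise one FETCH response body (status word already stripped)."""
    if not data or data[0] != TAG_PROACTIVE:
        raise ValueError("not a proactive command (tag D0 expected)")
    total, pos = read_len(data, 1)
    end = pos + total
    if end > len(data):
        raise ValueError("truncated proactive command")
    info = {"command": None, "qualifier": None, "at_command": None, "reads_imei": False}
    while pos < end:
        tag = data[pos] & 0x7F
        length, pos = read_len(data, pos + 1)
        if pos + length > end:
            raise ValueError("TLV overruns the command")
        value, pos = data[pos:pos + length], pos + length
        if tag == TAG_CMD_DETAILS and length == 3:
            ctype, info["qualifier"] = value[1], value[2]
            info["command"] = CMD_TYPES.get(ctype, "type 0x%02X" % ctype)
        elif tag == TAG_AT_COMMAND:
            info["at_command"] = value.decode("ascii", "replace")
    if info["command"] == "PROVIDE LOCAL INFORMATION":
        info["reads_imei"] = info["qualifier"] == QUAL_IMEI
    elif info["at_command"]:  # AT+CGSN (3GPP TS 27.007) returns the IMEI
        info["reads_imei"] = "CGSN" in info["at_command"].upper()
    return info

SAMPLE_PLI = bytes.fromhex("D0 09 81 03 01 26 01 82 02 81 82")
SAMPLE_AT = bytes.fromhex("D0 12 81 03 01 34 00 82 02 81 82 A8 07 41 54 2B 43 47 53 4E")
SAMPLE_OTHER = bytes.fromhex("D0 09 81 03 01 21 00 82 02 81 02")

if __name__ == "__main__":
    for sample in (SAMPLE_PLI, SAMPLE_AT, SAMPLE_OTHER):
        print(sample.hex(), parse_proactive(sample))
```

Feed it the data bytes the card returns to each FETCH in the trace, without the trailing status word.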

