 |
bladox.com
Turbo SIM Toolkit Adapter Forums
|
| View previous topic :: View next topic |
| Author |
Message |
edgar
Guest
|
 Posted: Fri Mar 12, 2004 5:52 pm Post subject: fakesim |
 |
|
As of the fakesim application, how many cards can be stored/emulated?
Ed |
|
| Back to top |
|
 |
pz
Guest
|
| Posted: Sat Mar 13, 2004 5:42 am Post subject: only memory limited |
|
|
The number of SIM cards emulated depends only on free eeprom (internal memory). We haven't measured it but it could be 60-80. So enough for most of worlwide operators. 
P. |
|
| Back to top |
|
|
mitchy_g
Guest
|
| Posted: Sat Mar 13, 2004 11:37 am Post subject: |
|
|
What is the process in switching between SIMs?
Can the turbo store a SIM just by placing into the unit and storing it?
Mitch |
|
| Back to top |
|
|
pz
Guest
|
| Posted: Sat Mar 13, 2004 5:13 pm Post subject: |
|
|
| mitchy_g wrote: | | What is the process in switching between SIMs? |
Enter the IMSI and Kc number via application menu, that makes new item which when
selected initializes phone with given values - reconnects to the given operator.
So it ithe switching is done via menu.
| Quote: | Can the turbo store a SIM just by placing into the unit and storing it?
Mitch |
You must to find out the Kc - secret key stored in SIM. This key is locked and known to operator only. There are tools to reveal the number from card but it takes time - it is semi brute force search. Turbo cannot do it itself, though the programmer would do.
You need also IMSI number, it is stored on SIM but it's readable.
p. |
|
| Back to top |
|
|
Marshall
Guest
|
| Posted: Sun Sep 12, 2004 6:55 pm Post subject: STK Applications or SIM Application Toolkit basics |
|
|
Hello,
Seems I am not much familiar with how the STK Menus basically got there in the SIM card! What steps/prameters are necessary for me to insert or program an STK menu of my own into a Phase 2+ SIM card?
You can list me all required tools(development kits/software/hardware etc etc) for me to be able to insert an STK menu into my SIM card.
Please try to help me as much as you can
Mr. Marshall
Thank you in advance |
|
| Back to top |
|
|
igabriel_00
Guest
|
| Posted: Fri Jan 14, 2005 2:59 pm Post subject: |
|
|
Hi
I used sim_dump.exe utility and Turbo Programmer to read informations from SIM Card, but I didn't find nothing related to Ki
in the result from sim_dump.exe.
Wich tool from turbo-prog-utils-2.2.0 can I use to find Ki ?
Thank you |
|
| Back to top |
|
|
pz
Guest
|
| Posted: Fri Jan 14, 2005 5:17 pm Post subject: |
|
|
| igabriel_00 wrote: | Hi
I used sim_dump.exe utility and Turbo Programmer to read informations from SIM Card, but I didn't find nothing related to Ki
in the result from sim_dump.exe.
Wich tool from turbo-prog-utils-2.2.0 can I use to find Ki ?
Thank you |
sim_dump reads just known and readable files, Ki is none of these. There are tools (asim) for sim cloning that can (semi brute force) find Ki of comp128 v1 algorithm. It would be possible to implement this with turbo programmer but because new sim cards use comp123 v 2 or 3 we think it's waste of time (esp. if other tools freely available on net can be used). |
|
| Back to top |
|
|
Baz
Guest
|
| Posted: Wed Jul 06, 2005 1:49 pm Post subject: Ki from a SIM |
|
|
The second version of SIM SCAN by Dejan might help, the first was for all SIMs before 01.01.2000 and couldnīt get the Ki if the SIM was later - tried it for 9 hours for educational purposes with no success. The second works for COMP 128-1 which although has a limited number of SRES responses, Dejan found a new way around it, he said "Since almost all new SIM cards from 2000-2002 have limited running of A38 to 65536, old method for finding Ki is useless. I've found new method for finding Ki that can find Ki in range from 3000 to 36000 cipher text". FYI Ronnyīs Sim Pic brilliant piece of work and Janusī ASIM both got taken down off the net (in 1997 I think) as operators donīt like SIM cloning.
One question to the forum: did anybody see the film "Bourne Identity II"? when he escapes from the airport security area, he quickly puts the SIM card of the security agentīs mobile phone into a "box" and seems to clone it.
When the guy wakes up and calls his boss, Jason Bourne is listening to the call on his own mobile - using the cloned sim - just as if he was picking up the fixed line phone in a house which has an extension.
AFAIK this is NOT possible for three reasons: the cloning needs that the "cloner" knows the PIN, and being that he took the SIM out of the phone, would have no idea what that was (and the guy was out cold so he wasnīt going to tell him right ;O)?
Second, it would take far longer than the 4 seconds in the film to get the Ki, as the processor on the SIM has a limited bus frequency, even if Jasonīs box had two Pentiums in it.
Last but most importantly, if one phone logs into the network with the same IMSI / Ki combo as another one but in a different cell, the mobile network shuts both out.
Right?? or did I miss a trick here?
P.S. - and I guess its the same for Enemy of the State film with Gene Hackman and Will Smith - although that looked like a (pre GSM) ESN old network thing.... |
|
| Back to top |
|
|
pz
Guest
|
| Posted: Fri Jul 08, 2005 1:42 pm Post subject: Re: Ki from a SIM |
|
|
| Baz wrote: | The second version of SIM SCAN by Dejan might help, the first was for all SIMs before 01.01.2000 and couldnīt get the Ki if the SIM was later - tried it for 9 hours for educational purposes with no success. The second works for COMP 128-1 which although has a limited number of SRES responses, Dejan found a new way around it, he said "Since almost all new SIM cards from 2000-2002 have limited running of A38 to 65536, old method for finding Ki is useless. I've found new method for finding Ki that can find Ki in range from 3000 to 36000 cipher text". FYI Ronnyīs Sim Pic brilliant piece of work and Janusī ASIM both got taken down off the net (in 1997 I think) as operators donīt like SIM cloning.
|
Besides the limit of gsm_algorithm challenges the problems are:
1. there is key space that is more prone to collisions
2. comp 128-2/3 (and who knows what else is being used).
| Quote: |
One question to the forum: did anybody see the film "Bourne Identity II"? when he escapes from the airport security area, he quickly puts the SIM card of the security agentīs mobile phone into a "box" and seems to clone it.
When the guy wakes up and calls his boss, Jason Bourne is listening to the call on his own mobile - using the cloned sim - just as if he was picking up the fixed line phone in a house which has an extension.
AFAIK this is NOT possible for three reasons: the cloning needs that the "cloner" knows the PIN, and being that he took the SIM out of the phone, would have no idea what that was (and the guy was out cold so he wasnīt going to tell him right ;O)?
|
Many people don't use PIN, there are operators that even sell sim cards
without PIN as default.
| Quote: |
Second, it would take far longer than the 4 seconds in the film to get the Ki, as the processor on the SIM has a limited bus frequency, even if Jasonīs box had two Pentiums in it.
|
The speed limitation lies in the SIM itself and the slow bus.
| Quote: |
Last but most importantly, if one phone logs into the network with the same IMSI / Ki combo as another one but in a different cell, the mobile network shuts both out.
Right?? or did I miss a trick here?
|
Yes, you are right, net would kill the imsi. Pure fiction.
| Quote: |
P.S. - and I guess its the same for Enemy of the State film with Gene Hackman and Will Smith - although that looked like a (pre GSM) ESN old network thing.... |
Don't know this movie, pre-gsm mobiles could be tuned/eavesdropped with normal receiver. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
