catarrh/simtrace
1
0
Fork 0
mirror of https://gitea.osmocom.org/sim-card/simtrace.git synced 2026-03-16 21:28:36 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
adf48db1b35e0107526114a6c685977626e12f5c
simtrace/docs/chapters/using_sniff.xml
Holger Hans Peter Freyther adf48db1b3 usermanual: Obey the docbook schema for xmlto 
dblatex was more forgiving, add missing tags to make xmlto happy
2012-04-07 11:39:07 +02:00

73 lines
3.1 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<chapter id="chapter_sniff">
<title>Sniffing your SIM</title>
<section id="hw_setup">
<title>Connecting your device</title>
<para>You will need to put your SIM into the SIMtrace hardware, connect
one of the four flex cables to the SIMtrace hardware, put the other side
into the SIM socket of your phone. Use USB to connect the SIMtrace hardware
to the PC. On your PC you should be able to see the USB device now.</para>
<figure><title>Connecting the SIMtrace Hardware</title>
<mediaobject>
<imageobject>
<imagedata fileref="images/simtrace_hw_setup.png" width="15cm"/>
</imageobject>
<textobject><phrase>SIMtrace being connected</phrase></textobject>
</mediaobject>
</figure>
</section>
<section id="launching_simtrace">
<title>Launching SIMtrace</title>
<screen>
$ <command>./simtrace</command>
simtrace - GSM SIM and smartcard tracing
(C) 2010 by Harald Welte &lt;laforge@gnumonks.org&gt;
</screen>
<para>Launching the <command>simtrace</command> will try to find
the SIMtrace hardware and then try to claim the USB device. The
application will send the received data encapsulated in the GSMTAP
format on localhost and the IANA assigned GSMTAP port.</para>
</section>
<section id="launching_wireshark">
<title>Launching Wireshark</title>
<para>The <command>wireshark</command> application will start a GUI
and given the right permissions you should be able listen to the
localhost interface and filter for the GSMTAP port on 4729. You should
be able to see the decoded messages like in the figure below.</para>
<figure><title>GSMTAP in Wireshark</title>
<mediaobject>
<imageobject>
<imagedata fileref="images/wireshark-sim.png" width="16cm"/>
</imageobject>
<textobject><phrase>SIMtrace sending data</phrase></textobject>
</mediaobject>
</figure>
</section>
<section id="known_firmware_issues">
<title>Known Firmware Issues</title>
<para>For some SIM Cards the ATR and the first APDU are sent in the
same USB message and the host utility fails to split the APDUs
properly. A band-aid for the firmware exists.</para>
</section>
<section id="other_modes">
<title>Other modes</title>
<para>The hardware is capable to be used as an ordinary card reader,
provide Man-In-The-Middle (MITM) attacks, or operate as a SIM. The
firmware currently does not have support for these modes.</para>
<para>The SIMtrace hardware supports ISO7816 Part 3 T=0/T=1 protocols,
it basically can be used to intercept and analyze any traffic from (ISO7816)
smart cards. This includes SIM cards, Pay TV cards (smart card for CAM),
ATM cards, chip credit card, PKI smart cards, e-passport etc. etc. However
watch out: You have to make your chip card fitting in the "SIM card size"
ID-000 reader or build another adapter.</para>
</section>
</chapter>
Reference in New Issue View Git Blame Copy Permalink