we shouldn't re-use the vendor/device ID used by simtrace1, as the
protocol is incompatible and applications for simtrace 1 don't work with
simtrace2. Also, there's a different processor architecture in the
hardware.
Moved the replace function from mitm.py to replace.py.
This implementation is context insensitive for now. It would be
better to have a mitm class or to pass state information to the
function. How else can the MITM code know whether it gets
passed data to or from the SIM card, or to or from the phone?
There are more instruction codes after which data is expected
from the SIM card. Therefore, the array with commands known to
expect SIM card data has been extended. Feel free to extend it
even further.
!! ATTENTION !!
The only synchronization mechanism for parsing APDUs
(naively looking for a 0xA0 byte) is deactivated! It only worked
well for the sniffing mode, but getting out of sync is fatal for
the MITM mode.
!! A NEW MEANS OF SYNCHRONISATION HAS TO BE FOUND !!
When the command a0 c0 00 00 16 was sent, and the bytes
a0 c0 00 00 were read first, and then only the byte 16 was read
from simtrace, the code never entered the if condition "if cmd is not
None", and therefore never executed send_receive_cmd.
Bug fix: Check for state APDU_S_SEND_DATA after apdu_split has parsed
the ACK/instruction byte, in case it was an instruction which requires
an answer from the SIM card.
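The fragmented-read case described in this commit, as an added illustration that is not part of the simtrace2 code: a small T=0 header reassembler that decides the data direction as soon as the fifth header byte arrives, even when that byte comes in its own read. The state names, the INS set and the class are constructed for this example.

```python
import array

# INS bytes after which the SIM card returns data to the phone (GET RESPONSE,
# READ BINARY, READ RECORD). Constructed for this example; extend as needed.
INS_EXPECTS_CARD_DATA = {0xC0, 0xB0, 0xB2}

APDU_S_HEADER = "header"        # still collecting the 5-byte header
APDU_S_SEND_DATA = "send_data"  # card sends P3 bytes (plus SW) to the phone
APDU_S_RECV_DATA = "recv_data"  # card receives P3 bytes from the phone


class ApduSplitter:
    """Reassemble T=0 command headers from arbitrarily fragmented reads."""

    def __init__(self):
        self.buf = array.array("B")   # same data type as the rest of the program
        self.state = APDU_S_HEADER
        self.expected = 0             # data bytes that follow the header

    def feed(self, chunk):
        """Append one read from the tracer (bytes, list or array.array).
        Returns the 5-byte header as a list (the type SCardTransmit wants)
        the moment it is complete, otherwise None."""
        self.buf.frombytes(bytes(chunk))
        if self.state != APDU_S_HEADER or len(self.buf) < 5:
            return None
        cla, ins, p1, p2, p3 = self.buf[:5].tolist()
        # Only after the full header do we know which side sends the data.
        if ins in INS_EXPECTS_CARD_DATA:
            self.state = APDU_S_SEND_DATA
        else:
            self.state = APDU_S_RECV_DATA
        self.expected = 256 if p3 == 0 else p3   # P3 == 0 means 256 in T=0
        return [cla, ins, p1, p2, p3]

    def reset(self):
        """Start over once the data phase of the current APDU is finished."""
        self.__init__()


def handle_read(splitter, chunk):
    """What the MITM loop should do with each read: act on the state right
    after the header completes, regardless of how the bytes were split."""
    cmd = splitter.feed(chunk)
    if cmd is None:
        return None
    if splitter.state == APDU_S_SEND_DATA:
        return ("forward_to_card", cmd, splitter.expected)
    return ("await_phone_data", cmd, splitter.expected)
```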
SCardTransmit expects the last function parameter cmd (the bytes
to be sent) to be of type list, but we pass a binary array to
send_receive_cmd.
Therefore, the cmd array has to be converted using its function
tolist().
The code was used as early debug code to read different files from
the SIM card and therefore acquire the IMSI, and other SIM card
specific information.
This was only useful for testing that the firmware worked properly.
It is not needed for regular use cases.
The commands "cmd1", "cmd2", "cmd_poweron", "cmd_poweroff",
"cmd_get_slot_stat", "cmd_get_param" were early test commands,
but have not been used as such in months.
A programmer who wants to send commands to the smartcard should
use the functions of ccid_raw.py (e.g. send_receive_cmd) instead.
With the python module scapy the headers of each layer have to be created
by hand. Furthermore, in order to use it, the program would have to be
started as root.
Using sockets would be better. The reason for using scapy was that
it was the first thing that I found when searching for python
socket communication.
The next step would be to open and close the socket only once instead
of every time an APDU is sent to wireshark.
Furthermore, the ATR probably has to be treated differently from APDU packets.
The data type of incoming and outgoing data should be the same
at all points of the program to make it consistent.
For this program the data type is array.array.
The code used a vendor and product id taken from Atmel example code.
Now it is changed to the vendor and product id which were also previously
used in the original SIMtrace code.
* Sniffer uses phone endpoints for communication and the ringbuffer
routines the phone communication uses
* Most of the time the Usart1 interrupt is not triggered, and therefore
no values are recorded