-
Notifications
You must be signed in to change notification settings - Fork 2
/
README.orig
65 lines (47 loc) · 3.07 KB
/
README.orig
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
README:
SIMbrush is a new open-source tool usable to extract all observable memory from SIM/USIM cards compatible with T_0 protocol.
This program is capable of acquiring standard and nonstandard files present into every GSM/GPRS/UMTS SIM card. The operation
of dumping all files is time consuming and the extraction time is proportional to the number of dedicated files present in
the filesystem. The output of program is an XML file representing the SIM/USIM card filesystem. Actually the program
functions only on Linux platform, but is possible recompile it on Windows.
The program is highly experimental and has been created with the purpose to demostrate the presence of nonstandard elementary
files, usable also to conceal hidden data (steganography). It should be completed in order to be usable in an enterprise enviorement.
SIMbrush is composed of several files:
-- Makefile
-- SIMbrush.c
-- dirtree.c
-- dirtree.h
-- gsm-constant.h
-- pcsc-wrappers.c
-- pcsc-wrappers.h
-- utils.c
-- utils.h
-- xml-results.c
-- xml-results.h
INSTALLATION:
In order to use SIMBrush it is mandatory to install the pcsc-lite package (http://pcsclite.alioth.debian.org/),
together with the smartcard reader driver. After that, it is sufficient use the "make" command in order to
create the executable file.
1) Start, with root privileges, the pcscd deamon (i.e. /usr/local/sbin/pcscd -f -d)
2) Insert a SIM/USIM card in the smartcard reader. At this point you should be able to see the ATR response
home-server:/home/savoldi # /usr/local/sbin/pcscd -f -d
pcscdaemon.c:259:main() pcscd set to foreground with debug send to stderr
debuglog.c:211:DebugLogSetLevel() debug level=debug
pcscdaemon.c:464:main() pcsc-lite 1.3.2 daemon ready.
hotplug_libusb.c:407:HPAddHotPluggable() Adding USB device: 003:003
readerfactory.c:1093:RFInitializeReader()
Attempting startup of AseIIIeUSB 00 00 using /usr/local/pcsc/drivers/ifd-AseIIIeUSB.bundle/Contents/Linux/ifd-AseIIIeUSB
readerfactory.c:930:RFBindFunctions() Loading IFD Handler 2.0
eventhandler.c:419:EHStatusHandlerThread() Card inserted into AseIIIeUSB 00 00
Card ATR: 3B 9F 94 80 1F C3 80 31 E0 73 FE 21 11 63 3A 00 10 83 07 90 00 E6
3) Start SIMBrush, follow the instruction and choose the "dumping mode"
-- "0": Full dumping => the resulting xml file will contain all standard and nonstandard files present in the SIM/USIM
-- "1": Partial dumping => the resulting xml file will contain only the standard files, according to the ESTI 100977
standard
4) The extraction time for the "Partial" dumping is less then one minute, being the access to the standard elementary files
direct. Instead, for the "Full" dumping the extraction time is proportional to the numbers of dedicated time present in the
filesystem.
5) The resulting extracted image is present in the folder "./results/xml-results/" and it has the standard name "image.xml".
This represents the "raw" image related to the SIM/USIM card under analysis.
6) The subsequent step is to translate this image with the wrapper tools, in order to read the extracted data in an intellegible
form.