Sim Cloning TUT

Dicem
Posts: 4
Joined: Thu Jun 04, 2009 12:23 pm
Location: C.C


Post by Dicem »

Clone any SIM card

The following guide enables us to make clones of SIMs used in India. Unlike the complicated guides you find on the net, I have compiled them all together and made one simple guide which can be followed even by beginners, covering only the relevant things needed to know rather than going technically deep.

Before I start off with this guide, I would like to make one thing clear: SIM CLONING is illegal. There have been many cases in India where people have been caught for cloning others' SIMs and making calls worth thousands through it. Recently many GSM operators in India have set up surveillance techniques to trap people who use cloned SIMs. So I once again request everyone to please use this guide for personal purposes only; do not use this guide for cheating.



First off, a little introduction about SIM cards.

Our SIM cards contain two secret codes or keys (called the IMSI value and the Ki value) which enable the operator to identify the SIM card number and authenticate the customer. These codes are related to our mobile numbers, which the operators store in their vast database. It is based on these secret keys that the billing is made to that customer. Now, what we do in SIM cloning is extract these two secret codes from the SIM and programme them into a new blank smart card, often known as a wafer. Since the operator authentication of SIMs is based on these values, it enables us to fool the operators into thinking that it's the original SIM. This authentication is a big flaw concerning GSM technology.



Now, which SIM cards can be cloned?

SIM cards are manufactured on the basis of 3 algorithms: COMP128v1, COMP128v2 and COMP128v3.

Now an important note: currently only COMP128v1 version SIM cards can be cloned, since this is the only algorithm which has been cracked by users. Bear in mind that 70% of all the SIM cards we use are COMP128v1. Now, which GSM operators use what algorithms? They are as follows:





Airtel - 90% can be cloned
Hutch - 75% can be cloned
BPL Mobile - 90% can be cloned
Idea - numbers before Aug 2005 can be cloned; newer cards very rare
BSNL - 0%, say no; reason: not COMP128v1 version







OK, that's it about the background. Now let's get to the main part.

1. ITEMS NEEDED

a) SIM card reader (Phoenix or Smartmouse reader)
b) Plain or blank silver wafer card or smart card
c) Software to extract Ki and IMSI (Woron Scan 1.09 is the best). DL here: http://www.easy-share.com/1905592029/wo ... 09_eng.exe
d) Wafer card programmer (a hardware chipset needed to programme the smart card: Millenium 2000VX MAX)
e) Software to make the PIC and EEPROM files (Sim Emu 1.06 configurator by pic-ador). DL here: http://www.easy-share.com/1905592623/SI ... G_v2.2.exe
f) Software to write the PIC and EEPROM files to the blank card (Card Master 2.1). DL here: http://www.easy-share.com/1905592645/CM21b3.exe







2. GETTING STARTED

a) Extracting the Ki and IMSI

First connect the SIM card reader to the PC's COM port and insert your original SIM card. Run Woron Scan 1.06. Click on the menu "card reader", click Settings and select the COM port which the card reader is connected to. Don't change anything else in Settings; click OK.

If you have a Phoenix card reader, checkmark Phoenix in the card reader menu.

Now click on "IMSI select" on the task menu. The program will now communicate with the SIM card and retrieve the IMSI value. Once you've got the IMSI value, write that on a piece of paper.

Now in the same way retrieve the "ICC value" and write that down too.

Now click on "Ki search". Now the program hacks the SIM and retrieves the Ki value, which consists of 32 numbers. Note that it may take up to 8 hrs to completely get the Ki value, no matter how much faster the computer is. This is because the SIM is only capable of receiving and sending data at 9600 bits/sec.

So go to sleep for now.

After you wake up, make sure you write down the Ki value safely on a piece of paper like you did for the IMSI value. Exit Woron Scan.

Yaaahhoooo, now you can stand up and proudly say that you hacked the SIM.









b) Making the PIC and EEPROM files with SIM EMU configurator

First uncheck the A3A8 checkbox under Security. Please don't enable this even from the SIM services menu. If enabled, it counts back to zero, and when it reaches zero it will corrupt your SIM card. In the configurator you can set the number of ADN, FDN and SMS. You can use the formula "16448 = (ADN - 51) x 32 + SMS x 176 + FDN x 32 must be less than 6480" for silver wafer cards.

Then generate the hex files for PIC and EEPROM by clicking Generate Hex File. With this configurator, in addition to the 16 number slots, you can make the SIM card a Motorola test card too. In the 16 in 1 configurator the positions are from 0-9 and from A-F. Each position can be customised with individual PIN and PUK codes. Finished making the files; now the next step is to copy these files to the blank card using the programmer.



c) Write the files to the SILVER WAFER card

Now we have the files to be written to the silver wafer card. For this we need the wafer card programmer and the software for programming. Here I am using the Millenium 2000VX Max programmer and the Cardmaster 2.1 software. Connect the programmer and run the software. Select the type of card you are using. Select the port by clicking Setup > Port. If the port set by you is correct, the red colour with message on the status bar changes to yellow and shows "no simcard". Insert the SIM card and load the files for PIC and EEPROM in the "file to PIC" and "file to EEPROM" fields respectively. Don't change any other settings. Now you are at the last stage.

Press F3 or click Edit > Auto Program. You can watch the status bar to see what is happening: programming the PIC... programming the EEPROM... programming the PIC... verifying... and at last you will get the message that the card is programmed successfully. Here you may ask the question: why is the PIC programmed again after programming the EEPROM? The PIC is first programmed with the EEPROM loader to program the EEPROM. Then the EEPROM is programmed through the PIC. After that the contents of the PIC are erased and the actual file is programmed into the PIC.







d) Cutting the smart card into a SIM card, and settings on the phone

The card which we have made is a 16 in 1 SIM card, meaning we can store 16 different SIM card numbers in one.

This is the last step, guys. Cut the smart card in the shape of your SIM card and insert the SIM card in the phone.

Switch on the handset. The phone asks for the PIN; type any 4 digit number (this is for the first slot, 0). Now the phone asks for the PUK code; again type any 4 digit number, again for the first slot. Now the phone switches on with no network coverage; a network error message will appear. This is usual because the main values (Ki and IMSI) have not been entered, so the network operator cannot authenticate the SIM.

Now the finale. You would have noticed by now that a new menu called "sim emu 6.01" has appeared. Select it; you can see the menus Configure, Select Phone and Information. Select Configure and go to Config Position. It asks for the position. You can select any position from 0-9 and A-F. After selecting the position it asks for a PIN and PUK. Always provide a different PIN and PUK for each position. It helps us to switch to a number directly when the handset is switched on. After PIN and PUK it asks for Ki, IMSI and ICCID. You can now recall the extracted values from step 1 and enter them in the appropriate fields.

After doing all this, you should now possess your newly cloned SIM card. You earned it, congratulations. If not, then you must beat yourself 10 times and repeat the entire process.

--3nj0y
AL
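The post mentions that GSM operators have set up surveillance to trap cloned SIMs. The following is an added example, not part of Dicem's post and not any operator's code, showing the simplest operator-side check from the defender's view: because a clone shares the original's IMSI, the network sees one identity attached in two places at once or moving faster than any subscriber could. The record layout, cell coordinates, IMSI values and the speed threshold are all constructed assumptions for the example.

```python
"""Flagging cloned-SIM activity from operator-side location updates.

Added example, not code from the original post or from any operator's
system. A single IMSI should not be active in two places at once, nor
appear to move faster than is physically possible; consecutive location
updates for the same IMSI are checked against a speed limit. Record
layout, cell coordinates, IMSIs and the threshold are assumptions.
"""
from dataclasses import dataclass
from datetime import datetime
from math import asin, cos, radians, sin, sqrt


@dataclass(frozen=True)
class LocationUpdate:
    imsi: str            # subscriber identity as seen by the network
    timestamp: datetime  # when the update was recorded (assumed field)
    cell_id: str         # serving cell reported in the update


@dataclass(frozen=True)
class Alert:
    imsi: str
    from_cell: str
    to_cell: str
    minutes: float
    speed_kmh: float


# Constructed cell-site coordinates (latitude, longitude in degrees).
CELL_SITES = {
    "CELL-MUM-01": (19.0760, 72.8777),
    "CELL-MUM-02": (19.0896, 72.8656),
    "CELL-DEL-01": (28.6139, 77.2090),
}

# Assumed threshold: faster than any airliner, so a crossing implies two
# devices sharing one identity rather than one subscriber travelling.
MAX_SPEED_KMH = 900.0
EARTH_RADIUS_KM = 6371.0


def haversine_km(a, b):
    """Great-circle distance between two (lat, lon) pairs in kilometres."""
    lat1, lon1 = map(radians, a)
    lat2, lon2 = map(radians, b)
    dlat, dlon = lat2 - lat1, lon2 - lon1
    h = sin(dlat / 2) ** 2 + cos(lat1) * cos(lat2) * sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_KM * asin(sqrt(h))


def find_impossible_travel(updates, max_speed_kmh=MAX_SPEED_KMH):
    """One Alert per consecutive pair of updates for the same IMSI whose
    implied speed exceeds max_speed_kmh. Simultaneous updates from two
    different cells count as infinite speed."""
    by_imsi = {}
    for u in sorted(updates, key=lambda u: u.timestamp):
        by_imsi.setdefault(u.imsi, []).append(u)
    alerts = []
    for imsi, seq in by_imsi.items():
        for prev, cur in zip(seq, seq[1:]):
            if prev.cell_id == cur.cell_id:
                continue
            km = haversine_km(CELL_SITES[prev.cell_id], CELL_SITES[cur.cell_id])
            minutes = (cur.timestamp - prev.timestamp).total_seconds() / 60
            speed = km / (minutes / 60) if minutes > 0 else float("inf")
            if speed > max_speed_kmh:
                alerts.append(Alert(imsi, prev.cell_id, cur.cell_id, minutes, speed))
    return alerts


def suspect_imsis(updates, max_speed_kmh=MAX_SPEED_KMH):
    """Distinct IMSIs with at least one impossible-travel alert, sorted."""
    return sorted({a.imsi for a in find_impossible_travel(updates, max_speed_kmh)})


# Constructed sample records. IMSIs are placeholders, not real subscribers.
SAMPLE_UPDATES = [
    # A: normal subscriber moving a couple of kilometres in half an hour.
    LocationUpdate("404000000000001", datetime(2009, 6, 4, 9, 0), "CELL-MUM-01"),
    LocationUpdate("404000000000001", datetime(2009, 6, 4, 9, 30), "CELL-MUM-02"),
    # B: one IMSI in Mumbai and Delhi minutes apart, then back in Mumbai:
    # two handsets sharing one identity, which is what a clone looks like.
    LocationUpdate("404000000000002", datetime(2009, 6, 4, 10, 0), "CELL-MUM-01"),
    LocationUpdate("404000000000002", datetime(2009, 6, 4, 10, 5), "CELL-DEL-01"),
    LocationUpdate("404000000000002", datetime(2009, 6, 4, 10, 20), "CELL-MUM-02"),
    # C: genuine traveller, Mumbai to Delhi in two and a half hours (a flight).
    LocationUpdate("404000000000003", datetime(2009, 6, 4, 8, 0), "CELL-MUM-01"),
    LocationUpdate("404000000000003", datetime(2009, 6, 4, 10, 30), "CELL-DEL-01"),
]

if __name__ == "__main__":
    for a in find_impossible_travel(SAMPLE_UPDATES):
        print(f"{a.imsi}: {a.from_cell} -> {a.to_cell} in {a.minutes:.0f} min "
              f"({a.speed_kmh:.0f} km/h)")
    print("suspect IMSIs:", suspect_imsis(SAMPLE_UPDATES))
```

Only the second IMSI is flagged: the Mumbai-to-Delhi hop in five minutes implies well over 10,000 km/h, while the genuine two-and-a-half-hour trip stays under the threshold. Real deployments also correlate overlapping call or SMS activity and repeated authentication failures, but the velocity check alone already catches the pattern the post describes, where the original and the copy are both in use.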