GSM Mobile hacking - Using SIM Cloning!
* Security Tutorials
Let's talk about the fun stuff. The first trick I will discuss is an activity that is becoming quite prevalant, SIM cloning. If you have paid attention to any cell phone related tutorials in the past, then you may remember cloning being made popular by certain public figures like Kevin Mitnick in order to place calls on the bill of another subscriber. Well, even with GSM this trick still holds relevant. How could such a flaw exist in a system that is obviously concentrated on preventing such fraudulant use? The flaw is within the COMP128 authentication algorithm used as an instantiation of A3/A8 widely used by gsm providers. Unfortunately for these providers, the COMP128 algorithm is just not strong enough to prevent fraud. We attack the algorithm by using a chosen-challenge attack, which works by forming a number of specially-chosen challenges and querying the SIM card for each one. Then by analyzing the responses from these queries, we are able to determine the value of the secret key that is used for authentication. So how do we perform this attack?
Well there are a few things you need before you start. First you will need to buy a SIM card reader, a card programmer, empty silver pic 2 card, and an unregulated adapter, and if you don't have one a 9 pin male to female extension cable. You can probably put a bid on ebay for most of this hardware, or just google up some sites that sell them. You will also need some software for this trick. First you will need a SIM card editor. An excellent piece of software to use in this instance is Cardinal Sim Editor, which you can find (including the crack for it) at the below link...
Another tool you will is CardMaster, which once again you can find at the below link...
Finally what you will need is a SIM card emulator. An excellent example...
Please join StudyMode to read the full document