Smart Card Sniffing And Debugging Tool Wiki
Smart Card Sniffing And Debugging Tool for contact based SIM/ME comm.
Brought to you by:
gittebager
Menu
▾
▴
GettingStarted
Attachments
000000.png
(13684 bytes)
000001.png
(47951 bytes)
000002.png
(12969 bytes)
000003.png
(3102 bytes)
Short guide for using the SCSDT SW
Table of Contents
Short guide for using the SCSDT SW
What can the SCSDT software do?
Introduction
Smart Card Sniffing And Debugging Tool - SCSDT is an open source project
used within the smart card industry for logging, testing and debugging
the communication between a contact based Smart Card and a handset.
What can the SCSDT software do?
The SCSDT can sniff the communication between a handset and an ME. The
software was originally designed to be used with a piece of proprietary
hardware, called the Sniffer.
The Sniffer hardware was invented, designed and created by Dennis Vitus
Lajer Rasmussen.
The software was written by Gitte Bager – the author of this document.
In parallel with the work done for using the tool as a hardware logger,
the tool was also extended such that it could be used as a simulator,
i.e. by enabling the software to take recorded hardware data and use as
input.
In summary the SCSDT Software tool can be used in three different modes.
1) HW logging mode (when a hardware item is available):
SCSDT is used to log the communication between SIMME in high level or
Low level format.
2) Simulation mode: Used to emulate that data is sent from the Sniffer
hardware (used for testing only) and requires a data file of the form:
Data Status (explained later).
3) Converted bit file to IO mode: Used as a converter tool for
interpreting a converted low level log (previously recorded by the
hardware and stored as a .bit file) IO log with timing information.
Start the sniffer tool by double clicking: Sniffer.exe.
Below follows the instructions for how to use each of the modes.
HW logging
1) Choose HW logging
2) Choose to log either low or high level data. Currently there is only
support for one mode at the time.
High level data takes the form: [Data byte , status byte].
Low level data is stored in a binary file with the file extension
“.bit.”
3) Open the connection to the attached and installed Sniffer HW. The
Status should then change to Connected.
Simulation mode
1) Choose Sniffer Simulator
2) The Program will automatically enable that high level logging is
enabled as this is the only format supported.
3) Open the connection. You will then be asked to point to a .txt file
with the structure as illustrated below.
4) In the logging section, press “Start Logging”.
The format of the Sniffer simulator file is the same as that which would
be received from the hardware if running in hardware mode in high level
logging mode. The file takes the form:
Data\<space>status.
00 01\
3B 02\
16 02\
94 02\
60 02\
00 02\
07 02\
01 02\
02 02\
03 02\
00 01\
etc..
Where 00 01 indicates a HW reset (this is a special case).
After this follows the ATR, e.g. 3B 16 in the left column ..etc.
For each data byte, there is a status byte in the column to the right.
In this case, for each of the ATR bytes the data byte is 02 is ignored
and inside the USB2Simulator.cs it is set to 0x20, indicating that there
is more data to be fetched. This OR’ing is due to the fact that the
example above is from a recorded hardware log, but when used in the
simulator, to indicate that there is always more data to get, the data
is being OR’ed to indicate this.
(There are more thorough explanations on the status byte meaning in the
software Documentation).
Converted bit file mode
1) Select : Converted Bit file logging . Notice that the connection area
will gray out, this is because the tool will skip this part.
2) Press “ Start Logging “ and select a file that takes the format :
Frequency (Hz): 3252032
00 01 CLK= 477 ETU= 1.282258
3B 06 CLK= 5818 ETU= 15.639785
9F 02 CLK= 28148 ETU= 75.666664
96 02 CLK= 4840 ETU= 13.010753
80 06 CLK= 4841 ETU= 13.013441
Note: A file of that format is the output from the
TestEventTranslatorDLL.exe program which is yet another piece of
software developed to analyze a low level log file. Analyzing a low
level log file where there is much more data information (i.e. the
frequency and samples between each character and so on, allows to give
much more details about the data logged.
More about the low level format will follow in the software
documentation.
For now, this is just a walkthrough of what the SCSDT software is able
to process.
3) The analyzed data with elapsed ETUs and, CLKs and total time will
display in the window to the right.
Change log
+-------------------------+-------------------------+-------------------------+
| Date | Description | Author |
+-------------------------+-------------------------+-------------------------+
| 31-08-2013 | Initial document, | Gitte Bager |
| | version 1.00 | |
+-------------------------+-------------------------+-------------------------+
