
HWInstallationGuide

Gitte Bager

SCSDT – Smart Card Sniffing And Debugging Tool - Installation Guide

The hardware for the SCSDT is called the “Sniffer” and is referred to
as such hereafter. All hardware design and implementation was done
by Dennis Vitus Lajer Rasmussen.


Figure 1: Setup for logging communication between (U)SIM and ME. The
Sniffer sits in between SIM/Mobile. A PC is used to transfer the logged
data.

Contents

SCSDT – Smart Card Sniffing And Debugging Tool - Installation Guide

Introduction

A detailed view of the Sniffer

Front side:

Back side

Installation Guide

Technical Data:

Change log

Introduction

The Sniffer is a device that is able to monitor the communication
between a (Universal) Subscriber Identification Module (U)SIM and a
Mobile Entity (ME).

During a logging session:

  • Data is stored to a file.
  • Data logged in high-level mode is displayed in real time as
    Application Protocol Data Units (APDUs), each with a short
    description of the APDU, e.g. Select, Get Response, etc.
  • Proprietary (unknown) APDUs can be added, and thereby interpreted as
    well, by simply editing an XML file (CommandInfo.xml) located
    next to the executable.
  • Warnings are given if parity errors are detected during logging.
  • Warnings are given if data loss is detected during the session (for
    example, if excessive amounts of data have to be processed within a
    very short period).

A detailed view of the Sniffer

Front side:

On the front side of the Sniffer there is a card slot and a connector
for attaching the mobile phone’s SIM card slot via a flex cable.


Figure 2: Front side of the Sniffer

Back side

On the back side of the Sniffer there is a single USB2 connector for
connecting the Sniffer to a PC.


Figure 3: Back side of the Sniffer

Installation Guide

  1. Connect the Sniffer to the PC via a USB cable.

  2. The PC will detect the new hardware. In Windows 8, the Device
    Manager will show a view like this:


  3. Right-click the Opal Kelly xxx device and navigate to the okusb.inf
    file from Opal Kelly for the XEM3001 board. If you are running
    Windows 8, a signed driver is required; since this driver isn’t
    signed, you will need to disable the signature check at startup.
    The procedure below is for Windows 8 users who need to deactivate
    the signature check. Others can go directly to step 4.

From the Metro Start Screen, open Settings (move your mouse to the
bottom-right corner of the screen and wait for the pop-out bar to
appear, then click the Gear icon).

Click ‘More PC Settings’.

Click ‘General’.

Scroll down, and click ‘Restart now’ under ‘Advanced startup’.

Click ‘Troubleshoot’.

Click ‘Advanced Options’.

Click ‘Windows Startup Settings’.

Choose option number 7 to disable the driver signature check.

  4. Restart the PC, go to the Device Manager and select the path to
    the inf file once again. A pop-up will appear stating that the
    driver cannot be verified; ignore this and continue. After this the
    driver should be installed correctly and you should see the Opal
    Kelly XEM3001 device appear as below.


Once everything is installed, you should be able to run the sniffer.

  5. Start Sniffer.exe. Choose the radio button with the option “USB
    (hardware) Logging”, indicated with 1) below.
  6. Then choose whether you want to log high-level or low-level data.
    For the time being, it is not possible to log both types of data.
    A note of caution here: high-level data is normally what you
    want if you need to log data in a format like:

//Select

I: A0 A4 00 00 02 3F 00

O: 9F 16

//Get Response

I: A0 C0 00 00 16

O: 85 14 1A 36 3F 00 01 00 FF FB AA 83 09 33 03 04 08 00 83 8A 83 8A 90
00

Etc.

If you need to identify more details, however, i.e. not only the
individual APDUs but also the CLKs between each character and so on,
you’d want the low-level logging.

  7. Select Open connect and verify that the text “Connected
    successfully” appears.
  8. Press start logging.
  9. If you have selected high-level logging, the interpreted I: O: log
    will appear to the right. It will display the different APDUs as
    specified and recognized from the command.xml file. At any time you
    can stop the logging and save the file (by pressing save under the
    log window). You can clear the log window by pressing clear. If you
    choose to log low-level data, the data is not interpreted directly
    but is instead stored as a bit file. In that case there is no live
    view.
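
A saved high-level log can be checked offline for length and status consistency. The following Python sketch is an added example, not part of the SCSDT software; it assumes the saved file uses the same `//name`, `I:`, `O:` layout as the sample in this guide (including hex wrapped onto a following line), and it reads status bytes 9F XX as "XX response bytes available" per GSM 11.11, which this page does not state.

```python
import re

# Constructed sample: the two exchanges printed in this guide, including the
# wrapped continuation line.
SAMPLE_LOG = """\
//Select
I: A0 A4 00 00 02 3F 00
O: 9F 16
//Get Response
I: A0 C0 00 00 16
O: 85 14 1A 36 3F 00 01 00 FF FB AA 83 09 33 03 04 08 00 83 8A 83 8A 90
00
"""
HEX_ONLY = re.compile(r"(?:[0-9A-Fa-f]{2}\s*)+")

def parse_log(text):
    """Split the log into exchanges: name from '//', bytes from 'I:' / 'O:'."""
    exchanges, name, target = [], None, None
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("//"):
            name, target = line[2:].strip(), None
        elif line.startswith("I:"):
            exchanges.append({"name": name, "cmd": bytearray(), "rsp": bytearray()})
            target = exchanges[-1]["cmd"]
            target += bytes.fromhex(line[2:])
        elif line.startswith("O:") and exchanges:
            target = exchanges[-1]["rsp"]
            target += bytes.fromhex(line[2:])
        elif target is not None and HEX_ONLY.fullmatch(line):
            target += bytes.fromhex(line)  # hex wrapped from the previous line
        elif line:
            raise ValueError(f"unrecognised log line: {line!r}")
    return exchanges

def check(exchanges):
    """Return findings; an empty list means lengths and statuses agree."""
    findings, announced = [], None
    for n, ex in enumerate(exchanges, 1):
        cmd, rsp = ex["cmd"], ex["rsp"]
        if len(cmd) < 5 or len(rsp) < 2:
            findings.append(f"#{n}: truncated exchange")
            announced = None
            continue
        ins, p3, body, rdata = cmd[1], cmd[4], cmd[5:], rsp[:-2]
        if body and len(body) != p3:
            findings.append(f"#{n}: P3={p3} but {len(body)} command data bytes")
        if not body and rdata and len(rdata) != (p3 or 256):
            findings.append(f"#{n}: P3={p3} but {len(rdata)} response data bytes")
        if ins == 0xC0 and announced is not None and p3 > announced:
            findings.append(f"#{n}: Get Response asks for more than the {announced} bytes announced")
        announced = rsp[-1] if rsp[-2] == 0x9F else None
    return findings
```

A non-empty result from `check()` on a capture is a reason to look for parity or data-loss warnings from the same session before trusting the interpreted log.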


Technical Data:

  • Supports logging of data between (U)SIM/ME down to 8 clk/ETU.
  • Quick and easy set up using a USB2.0 port.
  • No need for additional power supply. The Sniffer draws power from
    the USB.

Change log

+-------------------------+-------------------------+-------------------------+
| Date | Description | Author |
+-------------------------+-------------------------+-------------------------+
| 31-08-2013 | Initial document | Gitte Bager |
+-------------------------+-------------------------+-------------------------+

