sim cards cloning instructions - GSM-Forum

G-Man · 09-06-2001, 17:53

Ok I am going to buy a card programmer so I can clone sim cards can someone write me idiot proof instructions on how to do it please.

creamyUK · 09-07-2001, 00:08

THIS IS NOT MY WORK.

ALL thanks go to l4z4ru5 for this text, hope he doesn't mind.

Right then peeps, here goes........

Hardware

Goldcard programmer Phoenix / Smartmouse interface

The programs you will need are........

CARDinal 68 - For IMSI and Ki extraction TwinSIN - To generate PIC and EEPROM files. Based on Ronnys SimPic v6.5

or

Dejans SIM_Scan v1.21 - IMSI and Ki extraction Dejans GSM_PIC - PIC and EEPROM - note both contained in same hex for use in gold_pic Dejans Gold_PIC - To program goldcards with Dejans circuit

You can mix and match these a bit as I will explain

 The first thing you will have to do is extract Ki

**VERY IMPORTANT**

Extracting Ki involves brute force cracking. Post 2000 SIMs can be protected against this and can **** an internal fuse after so many attempts. SIM_Scan claims to work with 70% of all SIM cards due to a new algorithm. I have no idea about cardinal but cardinal did work with my contract SIM which is only 8 months old. PAYG SIMs are far more likely to die then contract SIMs.

The process can take upto 16 hours !!!!

DO NOT ATTEMPT TO EXTRACT KI IF YOU CARE ABOUT LOSING YOUR SIM.

Also back up all numbers etc etc

To extract Ki use Sim_Scan or cardinal. I cannot get the Ki extraction to work with simscan and my machine crashes so I cannot help with that.

I used cardinal, simply go to the security menu and then Ki extraction. You will of course need your phoenix/smartmouse for this stage as well.

Once it starts, best turn off the monitor and find something else to do for the rest of the day and night. It does save log files automatically and if anything happens you can just load up the last log and continue. It took about 9 hours on my PII 400 and the interface at 3.57MHz.

You will also need to get the IMSI from cardinal as well. There is a small fault in the program and the IMSI it displays is wrong. To get the correct one....

Say the IMSI number it displays is this...

356735378494435

split it like so

3 | 56 | 73 | 53 | 78 | 49 | 44 | 35

then add number at begining and flip rest as so...

Always add 08 at beginning and 9 after the first number

08 | 3+9 | 65 | 37 | 35 | 87 | 94 | 44 | 53

So your IMSI is

083965373587944453 -- hope that make sense

Once you have your Ki and IMSI fire up TwinSim, enter the numbers and generate the PIC and EEPROM. I'm sure everyone can handle it from there.

Dejans GSM_SIM on the other is different. The hex file contains the PIC code and internal and external eeprom. You will need to split this if you don't use gold_pic to program the card.

Once the card is programmed you need to run SIM_Scan and enter IMSI and Ki with the F6 function

I'm still playing with this but someone I know has got it working. It does appears to have a few bugs in it from what he has said.

TwinSim can only handle two accounts, GSM_PIC can handle four but there is not very much room for SMS, stored numbers etc. Not sure what happens with answerphone numbers etc....

As for SP Lock. The SIM will have no forbidden networks on it but I still think you would need to get the phone unlocked. Not really sure.

Hope I have explained everything ok

ONLY DO THIS WITH YOUR OWN SIMS, DO NOT TURN BOTH ON AT THE SAME TIME !!!!!

By l4z4ru5

forgezzi · 09-07-2001, 00:33

Hi, What would happend if the two SIM (cloned and the original) cards are ON at the same time but in different countries? Regards Forgezzi

d_bug · 09-07-2001, 02:34

well said creamyUK, credits to all sim buffs! *and master dejan got something new*

[ 07 September 2001: Message edited by: d_bug ]

Fludor · 09-07-2001, 03:45

Hi guys I have made two sim card reader interfaces an o one work, i have check the schematic and is corect, i use only new components but no hope, i always get the same error "card don't send answer to reset" Oh, i forgot to tell you that i have made shcemstic by dejan, what can you tell me about his schematic, is good or not?

Reagards Fludor

Zianna · 09-07-2001, 08:58

To Fludor, i made this easy sim reader witer / phoenix compatible, worked first time .

realy easy schematic, realy cheap,realy works ...

have phun

[ 07 September 2001: Message edited by: Zianna ]

G-Man · 09-07-2001, 09:41

Ok it seems easy enough where can I get the programmer that I need to do the job? I don't want to make one I want an already setup and ready to go one. As cheap as possible.

TheEckoMan · 09-07-2001, 11:01

Zianna, i went to the site from the picture of your sim reader thing, i cant understand it. I only speak english and portuguese. Do u sell them ? Cause i like the one in the pic, can u sell it to me ? Thanks

Demon_Ok · 09-07-2001, 11:18

Hi TheEckoMan.

<a href="http://www.volny.cz/id2/main.htm" target="_blank">http://www.volny.cz/id2/main.htm</a>

Zianna · 09-07-2001, 12:14

hi there no, i dont sell them, i made that from the schematics from that site... very easy ..

 u dont have to understand it, just follow the wiring diagram on the site ....

hope this helps Zianna

Zianna · 09-07-2001, 12:17

TO G-man the programer u refer to, is that for pic and eeprom, for that iused a jdm programmer, found at <a href="http://www.jdm.homepage.dk," target="_blank">www.jdm.homepage.dk,</a> programmed it using ic prog link on jdm's site ...

i also build a paralell port programer from <a href="http://www.picallw.com" target="_blank">www.picallw.com</a> (realy cool and reliable) but pic pro cant do smart cards only physicla pics, the second schematic there can do iso cards, eeprom, pics avr's.....

have phune Zianna

[ 07 September 2001: Message edited by: Zianna ]

masterross · 09-07-2001, 16:30

You can find good LPT PIC/24cXX programmer <a href="http://programmers.hit.bg/" target="_blank">here</a> It's tested by me and work perfect <img src="smile.gif" border="0"> <img src="smile.gif" border="0"> <img src="smile.gif" border="0">

Neo's · 09-07-2001, 16:40

where can i buy sim reader witer / phoenix compatible <img src="biggrin.gif" border="0">

[ 07 September 2001: Message edited by: Neo's ]

G-Man · 09-07-2001, 17:16

Would an elvis do the job?

[ 07 September 2001: Message edited by: G-Man ]

l4z4ru5 · 09-07-2001, 20:05

[quote]Originally posted by creamyUK: THIS IS NOT MY WORK.

ALL thanks go to l4z4ru5 for this text, hope he doesn't mind.

<hr></blockquote>

hehehehehe

Is there a board around that someone has not pasted this to. It keeps turning up in the strangest of places and then ends up here which is where I found out most of the info in the first place.

Ummmm.........rate me.......lol <img src="biggrin.gif" border="0">

09-06-2001, 17:53	#1 (permalink)
G-Man No Life Poster Join Date: Apr 2001 Location: London, England Posts: 705 Member: 4168 Status: Offline Thanks Meter: 1	sim cards cloning instructions Ok I am going to buy a card programmer so I can clone sim cards can someone write me idiot proof instructions on how to do it please.

09-07-2001, 00:08	#2 (permalink)
creamyUK Insane Poster Join Date: Jul 2001 Location: UK Posts: 59 Member: 5229 Status: Offline Thanks Meter: 1	THIS IS NOT MY WORK. ALL thanks go to l4z4ru5 for this text, hope he doesn't mind. Right then peeps, here goes........ Hardware Goldcard programmer <br />Phoenix / Smartmouse interface The programs you will need are........ CARDinal 68 - For IMSI and Ki extraction <br />TwinSIN - To generate PIC and EEPROM files. Based on Ronnys SimPic v6.5 or Dejans SIM_Scan v1.21 - IMSI and Ki extraction <br />Dejans GSM_PIC - PIC and EEPROM - note both contained in same hex for use in gold_pic <br />Dejans Gold_PIC - To program goldcards with Dejans circuit You can mix and match these a bit as I will explain <br />The first thing you will have to do is extract Ki VERY IMPORTANT Extracting Ki involves brute force cracking. Post 2000 SIMs can be protected against this and can **** an internal fuse after so many attempts. SIM_Scan claims to work with 70% of all SIM cards due to a new algorithm. I have no idea about cardinal but cardinal did work with my contract SIM which is only 8 months old. PAYG SIMs are far more likely to die then contract SIMs. The process can take upto 16 hours !!!! DO NOT ATTEMPT TO EXTRACT KI IF YOU CARE ABOUT LOSING YOUR SIM. Also back up all numbers etc etc To extract Ki use Sim_Scan or cardinal. I cannot get the Ki extraction to work with simscan and my machine crashes so I cannot help with that. I used cardinal, simply go to the security menu and then Ki extraction. You will of course need your phoenix/smartmouse for this stage as well. Once it starts, best turn off the monitor and find something else to do for the rest of the day and night. It does save log files automatically and if anything happens you can just load up the last log and continue. It took about 9 hours on my PII 400 and the interface at 3.57MHz. You will also need to get the IMSI from cardinal as well. There is a small fault in the program and the IMSI it displays is wrong. To get the correct one.... Say the IMSI number it displays is this... 356735378494435 split it like so 3 \| 56 \| 73 \| 53 \| 78 \| 49 \| 44 \| 35 then add number at begining and flip rest as so... Always add 08 at beginning and 9 after the first number 08 \| 3+9 \| 65 \| 37 \| 35 \| 87 \| 94 \| 44 \| 53 So your IMSI is 083965373587944453 -- hope that make sense Once you have your Ki and IMSI fire up TwinSim, enter the numbers and generate the PIC and EEPROM. I'm sure everyone can handle it from there. Dejans GSM_SIM on the other is different. The hex file contains the PIC code and internal and external eeprom. You will need to split this if you don't use gold_pic to program the card. Once the card is programmed you need to run SIM_Scan and enter IMSI and Ki with the F6 function I'm still playing with this but someone I know has got it working. It does appears to have a few bugs in it from what he has said. TwinSim can only handle two accounts, GSM_PIC can handle four but there is not very much room for SMS, stored numbers etc. Not sure what happens with answerphone numbers etc.... As for SP Lock. The SIM will have no forbidden networks on it but I still think you would need to get the phone unlocked. Not really sure. Hope I have explained everything ok ONLY DO THIS WITH YOUR OWN SIMS, DO NOT TURN BOTH ON AT THE SAME TIME !!!!! By l4z4ru5

09-07-2001, 00:33	#3 (permalink)
forgezzi Junior Member Join Date: Sep 2001 Posts: 1 Member: 6187 Status: Offline Thanks Meter: 0	Hi,<br />What would happend if the two SIM (cloned and the original) cards are ON at the same time but in different countries?<br />Regards<br />Forgezzi

09-07-2001, 02:34	#4 (permalink)
d_bug Freak Poster Join Date: Jan 2001 Location: 13 00 N, 122 00 E (PH) Posts: 364 Member: 3156 Status: Offline Thanks Meter: 63	well said creamyUK, credits to all sim buffs! and master dejan got something new<br /> [ 07 September 2001: Message edited by: d_bug ]</p>

09-07-2001, 03:45	#5 (permalink)
Fludor Freak Poster Join Date: Jan 2001 Location: Be Age: 48 Posts: 467 Member: 3081 Status: Offline Thanks Meter: 8	Hi guys<br /> <br /> I have made two sim card reader interfaces an o one work, i have check the schematic and is corect, i use only new components but no hope, i always get the same error "card don't send answer to reset"<br /> Oh, i forgot to tell you that i have made shcemstic by dejan, what can you tell me about his schematic, is good or not? Reagards Fludor

09-07-2001, 08:58	#6 (permalink)
Zianna Major Poster Join Date: Jan 2001 Location: South Africa Posts: 49 Member: 3068 Status: Offline Thanks Meter: 0	To Fludor, i made this easy sim reader witer / phoenix compatible, worked first time . realy easy schematic, realy cheap,realy works ... have phun [ 07 September 2001: Message edited by: Zianna ]</p>

09-07-2001, 09:41	#7 (permalink)
G-Man No Life Poster Join Date: Apr 2001 Location: London, England Posts: 705 Member: 4168 Status: Offline Thanks Meter: 1	Ok it seems easy enough where can I get the programmer that I need to do the job? I don't want to make one I want an already setup and ready to go one. As cheap as possible.

09-07-2001, 11:01	#8 (permalink)
TheEckoMan No Life Poster Join Date: Mar 2001 Location: Australia, Melbourne Age: 37 Posts: 548 Member: 3902 Status: Offline Thanks Meter: 19	Zianna, i went to the site from the picture of your sim reader thing, i cant understand it.<br />I only speak english and portuguese. <br />Do u sell them ? Cause i like the one in the pic, can u sell it to me ?<br />Thanks

09-07-2001, 11:18	#9 (permalink)
Demon_Ok No Life Poster Join Date: Mar 2001 Location: Kazakhstan Age: 48 Posts: 522 Member: 3528 Status: Offline Thanks Meter: 5	Hi TheEckoMan. <a href="http://www.volny.cz/id2/main.htm" target="_blank">http://www.volny.cz/id2/main.htm</a>

09-07-2001, 12:14	#10 (permalink)
Zianna Major Poster Join Date: Jan 2001 Location: South Africa Posts: 49 Member: 3068 Status: Offline Thanks Meter: 0	hi there no, i dont sell them, i made that from the schematics from that site... very easy .. <br />u dont have to understand it, just follow the wiring diagram on the site .... hope this helps<br />Zianna

09-07-2001, 12:17	#11 (permalink)
Zianna Major Poster Join Date: Jan 2001 Location: South Africa Posts: 49 Member: 3068 Status: Offline Thanks Meter: 0	TO G-man the programer u refer to, is that for pic and eeprom, for that iused a jdm programmer, found at <a href="http://www.jdm.homepage.dk," target="_blank">www.jdm.homepage.dk,</a> programmed it using ic prog link on jdm's site ... i also build a paralell port programer from <a href="http://www.picallw.com" target="_blank">www.picallw.com</a> (realy cool and reliable) but pic pro cant do smart cards only physicla pics, the second schematic there can do iso cards, eeprom, pics avr's..... have phune <br />Zianna [ 07 September 2001: Message edited by: Zianna ]</p>

09-07-2001, 16:30	#12 (permalink)
masterross No Life Poster Join Date: Mar 2001 Location: Earth Posts: 919 Member: 3506 Status: Offline Thanks Meter: 6	You can find good LPT PIC/24cXX programmer <a href="http://programmers.hit.bg/" target="_blank">here</a><br />It's tested by me and work perfect <br /> <img src="smile.gif" border="0"> <img src="smile.gif" border="0"> <img src="smile.gif" border="0">

09-07-2001, 16:40	#13 (permalink)
Neo's Freak Poster Join Date: Apr 2001 Location: Switzerland Age: 46 Posts: 272 Member: 4172 Status: Offline Thanks Meter: 0	where can i buy sim reader witer / phoenix compatible <img src="biggrin.gif" border="0"> [ 07 September 2001: Message edited by: Neo's ]</p>

09-07-2001, 17:16	#14 (permalink)
G-Man No Life Poster Join Date: Apr 2001 Location: London, England Posts: 705 Member: 4168 Status: Offline Thanks Meter: 1	Would an elvis do the job? [ 07 September 2001: Message edited by: G-Man ]</p>

09-07-2001, 20:05	#15 (permalink)
l4z4ru5 Junior Member Join Date: Aug 2001 Posts: 5 Member: 5818 Status: Offline Thanks Meter: 0	[quote]Originally posted by creamyUK:<br /><strong>THIS IS NOT MY WORK. ALL thanks go to l4z4ru5 for this text, hope he doesn't mind. </strong><hr></blockquote> hehehehehe Is there a board around that someone has not pasted this to. It keeps turning up in the strangest of places and then ends up here which is where I found out most of the info in the first place. Ummmm.........rate me.......lol <img src="biggrin.gif" border="0">

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Sim Card Cloning and Sim Card copying explained	pager12	Sim Cloning and Scaning	11	08-23-2008 21:09
Sim Card Cloning Instructions Here	GSM Solutions Ireland	Sim Cloning and Scaning	12	06-17-2003 15:10
SIM card cloning	messiah	Old Ericsson Phones & Sony Phones	6	09-27-2001 11:28
READY TO BUY SIM CARD CLONING SOFTWARE AND HARDWARE	NASSAN	Main Sales Section	5	07-23-2001 13:04
Ready to buy gsm SIM CARD CLONING software and hardware	NASSAN	Main Sales Section	1	07-22-2001 08:43