10-16-2010, 08:44 | #1 (permalink) |
Freak Poster Join Date: Sep 2006
Posts: 119
Member: 345321 Status: Offline Thanks Meter: 37 |
Everything regarding unlocking/reverse engineering please post here!!!

manufacturers. Network providers use this capability to restrict the use of these phones to specific countries and network providers. Generally, phones can be locked to accept only SIM cards based on the International Mobile Subscriber Identity, which has elements of:

- Mobile country code (MCC; e.g., will only work with SIMs issued in one country)
- Mobile network code (MNC; e.g., AT&T Mobility, T-Mobile, Vodafone, Bell Mobility etc.)
- Mobile station identification number (MSIN; i.e., only one SIM can be used with the phone)

The unlock code is verified by the phone itself, and this code is calculated by the network provider, typically by a complex mathematical algorithm that involves the IMEI of the phone in question. The algorithms used in earlier Nokia brand phones (based on IMEI and MCC code) have been reverse-engineered, stolen or leaked, resulting in many people offering Nokia unlock codes for free or for a fee.

Many other manufacturers have taken a more cautious approach, and embed a random number in the handset's firmware that is only retained by the network on whose behalf the lock was applied. Such phones can often still be unlocked, but need to be connected to special unlocking boxes, such as UFS or JAF and the Universal Box that will rewrite that part of its firmware where the lock status is kept, and often even recover a phone that is "bricked" or completely damaged in the software sense. Common characteristics of such phones include no response from the phone on attempting to switch it on, though in some cases it can be recovered or "unbricked" merely by holding some keys down while switching on the phone.

Most phones have security measures built into their software that prevent users from entering the unlock code too many times. After that the phone becomes "hard-locked" and a special unlocking box (mentioned above) has to be used in order to unlock it.

National codes

Code (MCC) | ISO 3166-1 | Country |
412 | AF | Afghanistan |
276 | AL | Albania |
603 | DZ | Algeria |
544 | AS | American Samoa (US) |
213 | AD | Andorra |
631 | AO | Angola |
365 | AI | Anguilla |
344 | AG | Antigua and Barbuda |
722 | AR | Argentine Republic |
283 | AM | Armenia |
363 | AW | Aruba (Netherlands) |
505 | AU | Australia |
232 | AT | Austria |
400 | AZ | Azerbaijani Republic |
364 | BS | Bahamas |
426 | BH | Bahrain |
470 | BD | Bangladesh |
342 | BB | Barbados |
257 | BY | Belarus |
206 | BE | Belgium |
702 | BZ | Belize |
616 | BJ | Benin |
350 | BM | Bermuda (UK) |
402 | BT | Bhutan |
736 | BO | Bolivia |
218 | BA | Bosnia and Herzegovina |
652 | BW | Botswana |
724 | BR | Brazil |
348 | VG | British Virgin Islands (UK) |
528 | BN | Brunei Darussalam |
284 | BG | Bulgaria |
613 | BF | Burkina Faso |
642 | BI | Burundi |
456 | KH | Cambodia |
624 | CM | Cameroon |
302 | CA | Canada |
625 | CV | Cape Verde |
346 | KY | Cayman Islands (UK) |
623 | CF | Central African Republic |
622 | TD | Chad |
730 | CL | Chile |
460 | CN | China |
461 | CN | China |
732 | CO | Colombia |
654 | KM | Comoros |
629 | CG | Republic of the Congo |
548 | CK | Cook Islands (NZ) |
712 | CR | Costa Rica |
612 | CI | Côte d'Ivoire |
219 | HR | Croatia |
368 | CU | Cuba |
280 | CY | Cyprus |
230 | CZ | Czech Republic |
630 | CD | Democratic Republic of the Congo |
238 | DK | Denmark |
638 | DJ | Djibouti |
366 | DM | Dominica |
370 | DO | Dominican Republic |
514 | TL | East Timor |
740 | EC | Ecuador |
602 | EG | Egypt |
706 | SV | El Salvador |
627 | GQ | Equatorial Guinea |
657 | ER | Eritrea |
248 | EE | Estonia |
636 | ET | Ethiopia |
750 | FK | Falkland Islands (Malvinas) |
288 | FO | Faroe Islands (Denmark) |
542 | FJ | Fiji |
244 | FI | Finland |
208 | FR | France |
742 | GF | French Guiana (France) |
547 | PF | French Polynesia (France) |
628 | GA | Gabonese Republic |
607 | GM | Gambia |
282 | GE | Georgia |
262 | DE | Germany |
620 | GH | Ghana |
266 | GI | Gibraltar (UK) |
202 | GR | Greece |
290 | GL | Greenland (Denmark) |
352 | GD | Grenada |
340 | GP | Guadeloupe (France) |
535 | GU | Guam (US) |
704 | GT | Guatemala |
611 | GN | Guinea |
632 | GW | Guinea-Bissau |
738 | GY | Guyana |
372 | HT | Haiti |
708 | HN | Honduras |
454 | HK | Hong Kong (PRC) |
216 | HU | Hungary |
274 | IS | Iceland |
404 | IN | India |
405 | IN | India |
510 | ID | Indonesia |
432 | IR | Iran |
418 | IQ | Iraq |
272 | IE | Ireland |
425 | IL | Israel |
222 | IT | Italy |
338 | JM | Jamaica |
441 | JP | Japan |
440 | JP | Japan |
416 | JO | ****** |
401 | KZ | Kazakhstan |
639 | KE | Kenya |
545 | KI | Kiribati |
467 | KP | Korea, North |
450 | KR | Korea, South |
419 | KW | Kuwait |
437 | KG | Kyrgyz Republic |
457 | LA | Laos |
247 | LV | Latvia |
415 | LB | Lebanon |
651 | LS | Lesotho |
618 | LR | Liberia |
606 | LY | Libya |
295 | LI | Liechtenstein |
246 | LT | Lithuania |
270 | LU | Luxembourg |
455 | MO | Macau (PRC) |
294 | MK | Republic of Macedonia |
646 | MG | Madagascar |
650 | MW | Malawi |
502 | MY | Malaysia |
472 | MV | Maldives |
610 | ML | Mali |
278 | MT | Malta |
551 | MH | Marshall Islands |
340 | MQ | Martinique (France) |
609 | MR | Mauritania |
617 | MU | Mauritius |
334 | MX | Mexico |
550 | FM | Federated States of Micronesia |
259 | MD | Moldova |
212 | MC | Monaco |
428 | MN | Mongolia |
297 | ME | Montenegro (Republic of) |
354 | MS | Montserrat (UK) |
604 | MA | Morocco |
643 | MZ | Mozambique |
414 | MM | Myanmar |
649 | NA | Namibia |
536 | NR | Nauru |
429 | NP | Nepal |
204 | NL | Netherlands |
362 | AN | Netherlands Antilles (Netherlands) |
546 | NC | New Caledonia (France) |
530 | NZ | New Zealand |
710 | NI | Nicaragua |
614 | NE | Niger |
621 | NG | Nigeria |
534 | MP | Northern Mariana Islands (US) |
242 | NO | Norway |
422 | OM | Oman |
410 | PK | Pakistan |
552 | PW | Palau |
423 | PS | Palestine |
714 | PA | Panama |
537 | PG | Papua New Guinea |
744 | PY | Paraguay |
716 | PE | Perú |
515 | PH | Philippines |
260 | PL | Poland |
268 | PT | Portugal |
330 | PR | Puerto Rico (US) |
427 | QA | Qatar |
647 | RE | Réunion (France) |
226 | RO | Romania |
250 | RU | Russian Federation |
635 | RW | Rwandese Republic |
356 | KN | Saint Kitts and Nevis |
358 | LC | Saint Lucia |
308 | PM | Saint Pierre and Miquelon (France) |
360 | VC | Saint Vincent and the Grenadines |
549 | WS | Samoa |
292 | SM | San Marino |
626 | ST | São Tomé and Príncipe |
420 | SA | Saudi Arabia |
608 | SN | Senegal |
220 | RS | Serbia (Republic of) |
633 | SC | Seychelles |
619 | SL | Sierra Leone |
525 | SG | Singapore |
231 | SK | Slovakia |
293 | SI | Slovenia |
540 | SB | Solomon Islands |
637 | SO | Somalia |
655 | ZA | South Africa |
214 | ES | Spain |
413 | LK | Sri Lanka |
634 | SD | Sudan |
746 | SR | Suriname |
653 | SZ | Swaziland |
240 | SE | Sweden |
228 | CH | Switzerland |
417 | SY | Syria |
466 | TW | Taiwan |
436 | TJ | Tajikistan |
640 | TZ | Tanzania |
520 | TH | Thailand |
615 | TG | Togolese Republic |
539 | TO | Tonga |
374 | TT | Trinidad and Tobago |
605 | TN | Tunisia |
286 | TR | Turkey |
438 | TM | Turkmenistan |
376 | TC | Turks and Caicos Islands (UK) |
641 | UG | Uganda |
255 | UA | Ukraine |
424 | AE | United Arab Emirates |
430 | AE | United Arab Emirates (Abu Dhabi) |
431 | AE | United Arab Emirates (Dubai) |
235 | GB | United Kingdom |
234 | GB | United Kingdom |
310 | US | United States of America |
311 | US | United States of America |
312 | US | United States of America |
313 | US | United States of America |
314 | US | United States of America |
315 | US | United States of America |
316 | US | United States of America |
332 | VI | United States Virgin Islands (US) |
748 | UY | Uruguay |
434 | UZ | Uzbekistan |
541 | VU | Vanuatu |
225 | VA | Vatican City State |
734 | VE | Venezuela |
452 | VN | Viet Nam |
543 | WF | Wallis and Futuna (France) |
421 | YE | Yemen |
645 | ZM | Zambia |
648 | ZW | Zimbabwe |

The International Mobile Equipment Identity or IMEI (pronounced /aɪˈmiː/) is a number, usually unique,[1][2] to identify GSM, WCDMA, and iDEN mobile phones, as well as some satellite phones. It is usually found printed inside the battery compartment of the phone. It can also be displayed on the screen of the phone by entering *#06# into the keypad on most phones.

The IMEI number is used by the GSM network to identify valid devices and therefore can be used for stopping a stolen phone from accessing the network in that country. For example, if a mobile phone is stolen, the owner can call his or her network provider and instruct them to "ban" the phone using its IMEI number. This renders the phone useless in that country, whether or not the phone's SIM is changed. However, the phone can be used abroad.

As of 2004, the format of the IMEI is AA-BBBBBB-CCCCCC-D, although it may not always be displayed this way. The IMEISV drops the Luhn check digit in favour of an additional two digits for the Software Version Number (SVN), making the format AA-BBBBBB-CCCCCC-EE

SHADAB/ANGEL PLEASE POST HERE!!! WE ALL NEED THE SAME THING!!!

Last edited by coolvenom; 10-16-2010 at 08:50. |
The Following 2 Users Say Thank You to coolvenom For This Useful Post: |
10-16-2010, 09:05 | #2 (permalink) |
Freak Poster Join Date: Sep 2006
Posts: 119
Member: 345321 Status: Offline Thanks Meter: 37 |
Hash tree

[Figure: A binary hash tree]

In cryptography and computer science Hash trees or Merkle trees are a type of data structure which contains a tree of summary information about a larger piece of data – for instance a file – used to verify its contents. Hash trees are an extension of hash lists, which in turn are an extension of hashing. Hash trees in which the underlying hash function is Tiger are often called Tiger trees or Tiger tree hashes.

Uses

Hash trees can be used to protect any kind of data stored, handled and transferred in and between computers. Currently the main use of hash trees is to make sure that data blocks received from other peers in a peer-to-peer network are received undamaged and unaltered, and even to check that the other peers do not lie and send fake blocks. Suggestions have been made to use hash trees in trusted computing systems. Sun Microsystems has used Hash Trees in the ZFS filesystem.[1] Hash Trees are used in Google Wave protocol[2] and in tarsnap backup system.

Hash trees were invented in 1979 by ***** Merkle.[3] The original purpose was to make it possible to efficiently handle many Lamport one-time signatures. Lamport signatures are believed to still be secure in the event that quantum computers become reality. Unfortunately each Lamport key can only be used to sign a single message. But combined with hash trees they can be used for many messages and then become a fairly efficient digital signature scheme.

How hash trees work

A hash tree is a tree of hashes in which the leaves are hashes of data blocks in, for instance, a file or set of files. Nodes further up in the tree are the hashes of their respective children. For example, in the picture hash 0 is the result of hashing hash 0-0 and then hash 0-1. That is, hash 0 = hash( hash 0-0 + hash 0-1 ) where + denotes concatenation.

Most hash tree implementations are binary (two child nodes under each node) but they can just as well use many more child nodes under each node.

Usually, a cryptographic hash function such as SHA-1, Whirlpool, or Tiger is used for the hashing. If the hash tree only needs to protect against unintentional damage, much less secure checksums such as CRCs can be used.

In the top of a hash tree there is a top hash (or root hash or master hash). Before downloading a file on a p2p network, in most cases the top hash is acquired from a trusted source, for instance a friend or a web site that is known to have good recommendations of files to download. When the top hash is available, the hash tree can be received from any non-trusted source, like any peer in the p2p network. Then, the received hash tree is checked against the trusted top hash, and if the hash tree is damaged or fake, another hash tree from another source will be tried until the program finds one that matches the top hash.

The main difference from a hash list is that one branch of the hash tree can be downloaded at a time and the integrity of each branch can be checked immediately, even though the whole tree is not available yet. This can be an advantage since it is efficient to split files up in very small data blocks so that only small blocks have to be redownloaded if they get damaged. If the hashed file is very big, such a hash tree or hash list becomes fairly big. But if it is a tree, one small branch can be downloaded quickly, the integrity of the branch can be checked, and then the downloading of data blocks can start.

There are several additional tricks, benefits and details regarding hash trees. See the references and external links below for more in-depth information.

Tiger tree hash

The Tiger tree hash is a widely used form of hash tree. It uses a binary hash tree (two child nodes under each node), usually has a data block size of 1024-bytes and uses the cryptographically secure Tiger hash.

Tiger tree hashes are used in the Gnutella, Gnutella2, and Direct Connect P2P file sharing protocols and in file sharing applications such as Phex, BearShare, LimeWire, Shareaza, DC++[4] and Valknut. |
The Following 2 Users Say Thank You to coolvenom For This Useful Post: |
10-16-2010, 09:11 | #3 (permalink) |
Freak Poster Join Date: Sep 2006
Posts: 119
Member: 345321 Status: Offline Thanks Meter: 37 |
POSTED ORIGINALLY BY ANGEL...I AM COPYING IT HERE TO MAKE THINGS EASY

Nokia Permanent Memory..!
--------------------------------------------------------------------------------
Hi,

Here is little description about Nokia PM file..!

Quote: PM field [1] - RF tuning
Protected pm field for phone RF tuning, calibration data

Quote: PM field [4,3] - Production SN
[4] 3=4D564834383034393300 - MVH480493
convert this hex data to ascii and cut null char.
4D = M
56 = V
48 = H
34 = 4
38 = 8
30 = 0
34 = 4
39 = 9
33 = 3

Quote: PM field [4,4] - Product code.
5=3035373530363900 - 0569445

Quote: PM field [4,5] - Basic production code
3035373530363900 - 0575069

Quote: PM field [4,6] - Module code
6=3032303431393700 - 0204197

Quote: PM field [4,9] - HardWare ID
9=3330303000 - 3000

Quote: PM field [4,18] - Phone original IMEI
18=33353135343130343035323331393100555555555555555 55555555555555555555555555555555555555555555555555 55555555555555555555555555555555555555555555555555 5555555555555
351541040523191 - 55 55 55 are useless, when convert to ascii its UUU and two 00 are null char.

Quote: PM [58, 59, 60, 61] - Phonebook contacts, old saved contacts will be in PM 58 and recently added contacts will be saved to rest fields. if PM 58 has 250 entries mean it has 250 contacts stored.

Quote: PM [88,0] - life timer is stored here

Quote: PM field [120] - Phone SIMLock data and SIMLock data key are stored here

Quote: PM [239] - Phone MCU version, MCU release date, and all other details are stored here
[239] 1=0D001D52303478524D343431303130303931323031303930 30303030312E584608001A00000000000000002F0000520478 09000000010CD907010009020900AC00080030003315450104 251319FFFFFFFFFFFFFFFF0000007076010001000156203130 2E31300A31382D31312D30390A524D2D3434330A286329204E 6F6B696120003A
2031302E31300A31382D31312D30390A - ' 10.10.18-11-09' and
524D2D3434330A286329204E6F6B6961 - RM-443.(c) Nokia

Quote: PM [302] - MMC lock code

Quote: PM [308,1] - Old BB5 Phone SIMLock, Superdongel, MCU, DSP signatures and phone code in newer rapido phone!

Quote: PM [308,5] - Phone security code, old one :d
32323232320000000000 - 22222

Quote: PM [309] - battery calibration

Quote: PM field [355,1] - Dynamic camera configuration - back Camera
[355] 1=00000014000007EC4E494D4D494949495252464630413032 3130303100000000000000000000000007D80C113030320030 30370000000000000000013FFFFFFF3FFFFFFF3FFFFFFF3FFF FFFF 3FFFFFFF3FFFFFFF3FFFFFFF3FFFFFFF3FFFFFFF3FFFFFFF00 0000000000000000000000000000003FFFFFFF3FFFFFFF3FFF FFFF3FFFFFFF3FFFFFFF3FFFFFFF3FFFFFFF3FFFFFFF3FFFFF FF3FFFFFFF3FFFFFFF3FFFFFFF3
4E494D4D494949495252464630413032313030310000000000 0000000000000007D80C1130303200303037 - NIMMIIIIRRFF0A021001_002007
4E = M
49 = I
4D = M
And.... just convert them and you will get DCC file name and version.

Quote: PM field [355,0] - Dynamic camera configuration - front Camera

In DCT4 phone PM fields are almost same. Just some fields are change.

Hope this helps to users. And sorry for the long post

BR |
The Following 4 Users Say Thank You to coolvenom For This Useful Post: |
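The hex-to-ASCII step from the post above, combined with the IMEI layout and Luhn check digit from the first post, as an added example (not code from the thread or from any Nokia service tool). The hex strings are the ones quoted in the post, with the 0x55 filler of the IMEI field shortened to eight bytes; the function names and the 16-digit IMEISV sample are constructed for illustration.

```python
# Hex strings quoted in the post. Assumption: the IMEI field is shortened,
# keeping only eight of the 0x55 filler bytes that follow the NUL terminator.
PM_FIELDS = {
    "4,3 production SN": "4D564834383034393300",
    "4,5 basic production code": "3035373530363900",
    "4,6 module code": "3032303431393700",
    "4,9 hardware ID": "3330303000",
    "4,18 original IMEI": "33353135343130343035323331393100" + "55" * 8,
    "308,5 security code": "32323232320000000000",
}


def decode_pm_string(hex_field: str) -> str:
    """Convert the hex to bytes, cut at the first NUL, return the ASCII text."""
    # Dumps pasted from forums are often wrapped, so drop all whitespace first.
    raw = bytes.fromhex("".join(hex_field.split()))
    text = raw.split(b"\x00", 1)[0]
    if not text.isascii() or not text.decode("ascii").isprintable():
        raise ValueError("field is not a printable ASCII string")
    return text.decode("ascii")


def luhn_valid(digits: str) -> bool:
    """Luhn check: double every second digit, counting from the right."""
    total = 0
    for position, char in enumerate(reversed(digits)):
        value = int(char)
        if position % 2 == 1:
            value *= 2
            if value > 9:
                value -= 9
        total += value
    return total % 10 == 0


def split_imei(number: str) -> dict:
    """Split an IMEI (AA-BBBBBB-CCCCCC-D) or IMEISV (AA-BBBBBB-CCCCCC-EE)."""
    digits = number.replace("-", "")
    if not (digits.isascii() and digits.isdigit()) or len(digits) not in (15, 16):
        raise ValueError("expected 15 (IMEI) or 16 (IMEISV) decimal digits")
    parts = {"AA": digits[:2], "BBBBBB": digits[2:8], "CCCCCC": digits[8:14]}
    if len(digits) == 15:
        parts["D"] = digits[14]
        parts["luhn_ok"] = luhn_valid(digits)
    else:
        # The IMEISV drops the check digit, so there is nothing to verify.
        parts["EE"] = digits[14:]
        parts["luhn_ok"] = None
    return parts


if __name__ == "__main__":
    for name, hex_field in PM_FIELDS.items():
        print(f"PM [{name}] -> {decode_pm_string(hex_field)}")
    imei = decode_pm_string(PM_FIELDS["4,18 original IMEI"])
    print(split_imei(imei))
```

A failed Luhn check on a value read from field [4,18] is a quick sign that the dump is damaged or was edited by hand.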
10-17-2010, 08:07 | #4 (permalink) |
Freak Poster Join Date: Sep 2006
Posts: 119
Member: 345321 Status: Offline Thanks Meter: 37 |
What is SIM-LOCK?

Sim-lock, SP-lock, “coding” - all these words have similar meaning: a programmed limit in the phone to work with a single network. A sim lock allows a network provider to prevent handsets from being used on other GSM networks. Usually those handsets are sold with a discount, and the provider covers the price difference. The handset stays inside the same network and within a year pays back the expenses of the service provider.

SIM-LOCK could be installed by the manufacturing or distributing company. The network provider orders some quantity of handsets from manufacturer. The producing company supplies the phones along with the SIM-LOCK removing codes.

The physical sense of Sim-lock: there is a unique MCC/NCC code of the country and network saved in the SIM-Card. Phone detects those codes when it's powered on. If they have coincided, the telephone works normally, otherwise the following message appears on the display: “Invalid SIM” or “Enter the SIM-Lock code”. There are some other methods of coding the handsets, but the one considered above is the most widespread. |
The Following User Says Thank You to coolvenom For This Useful Post: |
10-17-2010, 08:48 | #5 (permalink) |
Freak Poster Join Date: Sep 2006
Posts: 119
Member: 345321 Status: Offline Thanks Meter: 37 |
/* An implementation of the GSM A3A8 algorithm.  (Specifically, COMP128.)
 *
 * Copyright 1998, Marc Briceno, Ian Goldberg, and David Wagner.
 * All rights reserved.
 *
 * For expository purposes only.  Coded in C merely because C is a much
 * more precise, concise form of expression for these purposes.  See Judge
 * Patel if you have any problems with this...
 * Of course, it's only authentication, so it should be exportable for the
 * usual boring reasons.
 *
 *
 * This software is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.
 * Copyright remains the authors' and as such any Copyright notices in
 * the code are not to be removed.
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The license and distribution terms for any publicly available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution license
 * [including the GNU Public License.]
 */

typedef unsigned char Byte;

#include <stdio.h>
/* #define TEST */

/*
 * rand[0..15]: the challenge from the base station
 * key[0..15]: the SIM's A3/A8 long-term key Ki
 * simoutput[0..11]: what you'd get back if you fed rand and key to a real
 * SIM.
 *
 *   The GSM spec states that simoutput[0..3] is SRES,
 *   and simoutput[4..11] is Kc (the A5 session key).
 *   (See GSM 11.11, Section 8.16.  See also the leaked document
 *   referenced below.)
 *   Note that Kc is bits 74..127 of the COMP128 output, followed by 10
 *   zeros.
 *   In other words, A5 is keyed with only 54 bits of entropy.  This
 *   represents a deliberate weakening of the key used for voice privacy
 *   by a factor of over 1000.
 *
 * Verified with a Pacific Bell Schlumberger SIM.  Your mileage may vary.
 *
 * Marc Briceno <[email protected]>, Ian Goldberg <[email protected]>,
 * and David Wagner <[email protected]>
 */

void A3A8(/* in */ Byte rand[16], /* in */ Byte key[16],
          /* out */ Byte simoutput[12]);

/* The compression tables.
*/ static const Byte table_0[512] = { 102,177,186,162, 2,156,112, 75, 55, 25, 8, 12,251,193,246,188, 109,213,151, 53, 42, 79,191,115,233,242,164,223,209,148,108,161, 252, 37,244, 47, 64,211, 6,237,185,160,139,113, 76,138, 59, 70, 67, 26, 13,157, 63,179,221, 30,214, 36,166, 69,152,124,207,116, 247,194, 41, 84, 71, 1, 49, 14, 95, 35,169, 21, 96, 78,215,225, 182,243, 28, 92,201,118, 4, 74,248,128, 17, 11,146,132,245, 48, 149, 90,120, 39, 87,230,106,232,175, 19,126,190,202,141,137,176, 250, 27,101, 40,219,227, 58, 20, 51,178, 98,216,140, 22, 32,121, 61,103,203, 72, 29,110, 85,212,180,204,150,183, 15, 66,172,196, 56,197,158, 0,100, 45,153, 7,144,222,163,167, 60,135,210,231, 174,165, 38,249,224, 34,220,229,217,208,241, 68,206,189,125,255, 239, 54,168, 89,123,122, 73,145,117,234,143, 99,129,200,192, 82, 104,170,136,235, 93, 81,205,173,236, 94,105, 52, 46,228,198, 5, 57,254, 97,155,142,133,199,171,187, 50, 65,181,127,107,147,226, 184,218,131, 33, 77, 86, 31, 44, 88, 62,238, 18, 24, 43,154, 23, 80,159,134,111, 9,114, 3, 91, 16,130, 83, 10,195,240,253,119, 177,102,162,186,156, 2, 75,112, 25, 55, 12, 8,193,251,188,246, 213,109, 53,151, 79, 42,115,191,242,233,223,164,148,209,161,108, 37,252, 47,244,211, 64,237, 6,160,185,113,139,138, 76, 70, 59, 26, 67,157, 13,179, 63, 30,221, 36,214, 69,166,124,152,116,207, 194,247, 84, 41, 1, 71, 14, 49, 35, 95, 21,169, 78, 96,225,215, 243,182, 92, 28,118,201, 74, 4,128,248, 11, 17,132,146, 48,245, 90,149, 39,120,230, 87,232,106, 19,175,190,126,141,202,176,137, 27,250, 40,101,227,219, 20, 58,178, 51,216, 98, 22,140,121, 32, 103, 61, 72,203,110, 29,212, 85,204,180,183,150, 66, 15,196,172, 197, 56, 0,158, 45,100, 7,153,222,144,167,163,135, 60,231,210, 165,174,249, 38, 34,224,229,220,208,217, 68,241,189,206,255,125, 54,239, 89,168,122,123,145, 73,234,117, 99,143,200,129, 82,192, 170,104,235,136, 81, 93,173,205, 94,236, 52,105,228, 46, 5,198, 254, 57,155, 97,133,142,171,199, 50,187,181, 65,107,127,226,147, 218,184, 33,131, 86, 77, 44, 31, 62, 
88, 18,238, 43, 24, 23,154, 159, 80,111,134,114, 9, 91, 3,130, 16, 10, 83,240,195,119,253 }, table_1[256] = { 19, 11, 80,114, 43, 1, 69, 94, 39, 18,127,117, 97, 3, 85, 43, 27,124, 70, 83, 47, 71, 63, 10, 47, 89, 79, 4, 14, 59, 11, 5, 35,107,103, 68, 21, 86, 36, 91, 85,126, 32, 50,109, 94,120, 6, 53, 79, 28, 45, 99, 95, 41, 34, 88, 68, 93, 55,110,125,105, 20, 90, 80, 76, 96, 23, 60, 89, 64,121, 56, 14, 74,101, 8, 19, 78, 76, 66,104, 46,111, 50, 32, 3, 39, 0, 58, 25, 92, 22, 18, 51, 57, 65,119,116, 22,109, 7, 86, 59, 93, 62,110, 78, 99, 77, 67, 12,113, 87, 98,102, 5, 88, 33, 38, 56, 23, 8, 75, 45, 13, 75, 95, 63, 28, 49,123,120, 20,112, 44, 30, 15, 98,106, 2,103, 29, 82,107, 42,124, 24, 30, 41, 16,108,100,117, 40, 73, 40, 7,114, 82,115, 36,112, 12,102,100, 84, 92, 48, 72, 97, 9, 54, 55, 74, 113,123, 17, 26, 53, 58, 4, 9, 69,122, 21,118, 42, 60, 27, 73, 118,125, 34, 15, 65,115, 84, 64, 62, 81, 70, 1, 24,111,121, 83, 104, 81, 49,127, 48,105, 31, 10, 6, 91, 87, 37, 16, 54,116,126, 31, 38, 13, 0, 72,106, 77, 61, 26, 67, 46, 29, 96, 37, 61, 52, 101, 17, 44,108, 71, 52, 66, 57, 33, 51, 25, 90, 2,119,122, 35 }, table_2[128] = { 52, 50, 44, 6, 21, 49, 41, 59, 39, 51, 25, 32, 51, 47, 52, 43, 37, 4, 40, 34, 61, 12, 28, 4, 58, 23, 8, 15, 12, 22, 9, 18, 55, 10, 33, 35, 50, 1, 43, 3, 57, 13, 62, 14, 7, 42, 44, 59, 62, 57, 27, 6, 8, 31, 26, 54, 41, 22, 45, 20, 39, 3, 16, 56, 48, 2, 21, 28, 36, 42, 60, 33, 34, 18, 0, 11, 24, 10, 17, 61, 29, 14, 45, 26, 55, 46, 11, 17, 54, 46, 9, 24, 30, 60, 32, 0, 20, 38, 2, 30, 58, 35, 1, 16, 56, 40, 23, 48, 13, 19, 19, 27, 31, 53, 47, 38, 63, 15, 49, 5, 37, 53, 25, 36, 63, 29, 5, 7 }, table_3[64] = { 1, 5, 29, 6, 25, 1, 18, 23, 17, 19, 0, 9, 24, 25, 6, 31, 28, 20, 24, 30, 4, 27, 3, 13, 15, 16, 14, 18, 4, 3, 8, 9, 20, 0, 12, 26, 21, 8, 28, 2, 29, 2, 15, 7, 11, 22, 14, 10, 17, 21, 12, 30, 26, 27, 16, 31, 11, 7, 13, 23, 10, 5, 22, 19 }, table_4[32] = { 15, 12, 10, 4, 1, 14, 11, 7, 5, 0, 14, 7, 1, 2, 13, 8, 10, 3, 4, 9, 6, 0, 3, 2, 5, 6, 8, 9, 11, 
13, 15, 12 }, *table[5] = { table_0, table_1, table_2, table_3, table_4 }; /* * This code derived from a leaked document from the GSM standards. * Some missing pieces were filled in by reverse-engineering a working SIM. * We have verified that this is the correct COMP128 algorithm. * * The first page of the document identifies it as * _Technical Information: GSM System Security Study_. * 10-1617-01, 10th June 1988. * The bottom of the title page is marked * Racal Research Ltd. * Worton Drive, Worton Grange Industrial Estate, * Reading, Berks. RG2 0SB, England. * Telephone: Reading (0734) 868601 Telex: 847152 * The relevant bits are in Part I, Section 20 (pages 66--67). Enjoy! * * Note: There are three typos in the spec (discovered by * reverse-engineering). * First, "z = (2 * x[n] + x[n]) mod 2^(9-j)" should clearly read * "z = (2 * x[m] + x[n]) mod 2^(9-j)". * Second, the "k" loop in the "Form bits from bytes" section is severely * botched: the k index should run only from 0 to 3, and clearly the range * on "the (8-k)th bit of byte j" is also off (should be 0..7, not 1..8, * to be consistent with the subsequent section). * Third, SRES is taken from the first 8 nibbles of x[], not the last 8 as * claimed in the document. (And the document doesn't specify how Kc is * derived, but that was also easily discovered with reverse engineering.) * All of these typos have been corrected in the following code. 
 */

void A3A8(/* in */ Byte rand[16], /* in */ Byte key[16],
          /* out */ Byte simoutput[12])
{
    Byte x[32], bit[128];
    int i, j, k, l, m, n, y, z, next_bit;

    /* ( Load RAND into last 16 bytes of input ) */
    for (i=16; i<32; i++)
        x[i] = rand[i-16];

    /* ( Loop eight times ) */
    for (i=1; i<9; i++) {
        /* ( Load key into first 16 bytes of input ) */
        for (j=0; j<16; j++)
            x[j] = key[j];
        /* ( Perform substitutions ) */
        for (j=0; j<5; j++)
            for (k=0; k<(1<<j); k++)
                for (l=0; l<(1<<(4-j)); l++) {
                    m = l + k*(1<<(5-j));
                    n = m + (1<<(4-j));
                    y = (x[m]+2*x[n]) % (1<<(9-j));
                    z = (2*x[m]+x[n]) % (1<<(9-j));
                    x[m] = table[j][y];
                    x[n] = table[j][z];
                }
        /* ( Form bits from bytes ) */
        for (j=0; j<32; j++)
            for (k=0; k<4; k++)
                bit[4*j+k] = (x[j]>>(3-k)) & 1;
        /* ( Permutation but not on the last loop ) */
        if (i < 8)
            for (j=0; j<16; j++) {
                x[j+16] = 0;
                for (k=0; k<8; k++) {
                    next_bit = ((8*j + k)*17) % 128;
                    x[j+16] |= bit[next_bit] << (7-k);
                }
            }
    }

    /*
     * ( At this stage the vector x[] consists of 32 nibbles.
     *   The first 8 of these are taken as the output SRES. )
     */

    /* The remainder of the code is not given explicitly in the
     * standard, but was derived by reverse-engineering.
     */

    for (i=0; i<4; i++)
        simoutput[i] = (x[2*i]<<4) | x[2*i+1];
    for (i=0; i<6; i++)
        simoutput[4+i] = (x[2*i+18]<<6) | (x[2*i+18+1]<<2)
                | (x[2*i+18+2]>>2);
    simoutput[4+6] = (x[2*6+18]<<6) | (x[2*6+18+1]<<2);
    simoutput[4+7] = 0;
}

#ifdef TEST
#include <ctype.h>   /* toupper */
#include <stdlib.h>  /* exit */
#include <string.h>  /* strlen, strncmp */

/* Convert one hex digit to its value; exits on anything else. */
int hextoint(char x)
{
    x = toupper((unsigned char)x);
    if (x >= 'A' && x <= 'F')
        return x-'A'+10;
    else if (x >= '0' && x <= '9')
        return x-'0';
    fprintf(stderr, "bad input.\n");
    exit(1);
}

int main(int argc, char **argv)
{
    Byte rand[16], key [16], simoutput[12];
    int i;

    if (argc != 3 || strlen(argv[1]) != 34 || strlen(argv[2]) != 34
            || strncmp(argv[1], "0x", 2) != 0
            || strncmp(argv[2], "0x", 2) != 0) {
        fprintf(stderr, "Usage: %s 0x<key> 0x<rand>\n", argv[0]);
        exit(1);
    }

    for (i=0; i<16; i++)
        key[i] = (hextoint(argv[1][2*i+2])<<4)
            | hextoint(argv[1][2*i+3]);
    for (i=0; i<16; i++)
        rand[i] = (hextoint(argv[2][2*i+2])<<4)
             | hextoint(argv[2][2*i+3]);
    /* Arguments in prototype order: the challenge first, then Ki. */
    A3A8(rand, key, simoutput);
    printf("simoutput: ");
    for (i=0; i<12; i++)
        printf("%02X", simoutput[i]);
    printf("\n");
    return 0;
}
#endif
The Following 2 Users Say Thank You to coolvenom For This Useful Post: |
10-17-2010, 09:04 | #6 (permalink) |
Freak Poster Join Date: Sep 2006
Posts: 119
Member: 345321 Status: Offline Thanks Meter: 37 |
Terms | Description |
AIK | Attestation Identity Key |
CA | Certification Authority |
CEK | Content Encryption Key |
CI | Content Issuer |
CMLA | Content Management License Administrator CMLA Home |
CRTM | Core Root of Trust for Measuring |
CRTV | Core Root of Trust for Verification |
DAA | Direct Anonymous Attestation |
DCF | DRM Content Format |
DMP | Digital Media Project |
DoS | Denial of Service |
DRM | Digital Rights Management |
EMV | Europay Mastercard Visa |
ETSI SPC | European Telecommunications Standards Institute – Smart Card Platform |
EU | European Union |
GSM | Global System Mobile |
HW | Hardware |
IC card | Integrated Circuit card or smart card |
IMEI | International Mobile Equipment Identity |
IMSI | International Mobile Subscriber Identity |
ME | Mobile Equipment |
MeT | Mobile Electronic Transactions organization. See Mobile Transactions - SMS Payment for Your Web Site. |
MLTM | Mobile Local-Owner Trusted Module |
MNO | Mobile Network Operator |
MRTM | Mobile Remote-Owner Trusted Module |
MTM | Mobile Trusted Module |
MPWG | Mobile Phone Workgroup |
NFC | Near Field Communication |
OEM | Original Equipment Manufacturer |
OMA | Open Mobile Alliance |
OS | Operating System |
The Following 2 Users Say Thank You to coolvenom For This Useful Post: |
10-17-2010, 16:11 | #8 (permalink) |
No Life Poster Join Date: Mar 2006 Location: .: India :. Heaven on Earth
Posts: 2,496
Member: 238812 Status: Offline Sonork: 100.1602669 Thanks Meter: 1,443 |
Bro, you have nicely posted many valuable informations here. Thanks for them. I am currently looking behind Chinese phones but if I get something worth posting in this thread, I will surely do.

Br,
Shadab Ahmad |
The Following User Says Thank You to [Shadab_M] For This Useful Post: |
10-21-2010, 15:25 | #9 (permalink) |
Freak Poster Join Date: Sep 2006
Posts: 119
Member: 345321 Status: Offline Thanks Meter: 37 |
DCT-4 Algo

In cryptography, SHA-1 is a cryptographic hash function designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. SHA stands for Secure Hash Algorithm. The three SHA algorithms are structured differently and are distinguished as SHA-0, SHA-1, and SHA-2. SHA-1 is very similar to SHA-0, but corrects an error in the original SHA hash specification that led to significant weaknesses. The SHA-0 algorithm was not adopted by many applications. SHA-2 on the other hand significantly differs from the SHA-1 hash function. SHA-1 is the most widely used of the existing SHA hash functions. |
The Following 2 Users Say Thank You to coolvenom For This Useful Post: |
10-21-2010, 15:27 | #10 (permalink) |
Freak Poster Join Date: Sep 2006
Posts: 119
Member: 345321 Status: Offline Thanks Meter: 37 | In cryptography, SAFER (Secure And Fast Encryption Routine) is the name of a family of block ciphers designed primarily by James Massey (one of the designers of IDEA) on behalf of Cylink Corporation. The early SAFER K and SAFER SK designs share the same encryption function, but differ in the number of rounds and the key schedule. More recent versions — SAFER+ and SAFER++ — were submitted as candidates to the AES process and the NESSIE project respectively. All of the algorithms in the SAFER family are unpatented and available for unrestricted use. |
The Following 2 Users Say Thank You to coolvenom For This Useful Post: |
10-21-2010, 15:34 | #11 (permalink) |
Freak Poster Join Date: Sep 2006
Posts: 119
Member: 345321 Status: Offline Thanks Meter: 37 |
The BNF below shows how a SHA1 digest is encoded in a Resource Reference Information Extension.

resinfo-data ::= '(' HashAlgoURL resource-hash hash-date*1 ')'
HashAlgoURL ::= '"http://www.w3.org/PICS/DSig/SHA1_1_0.html"'
resource-hash ::= '"base64-string encoding of 160 bit SHA1 message digest of the information resource."'
hash-date ::= quoted-ISO-date
quoted-ISO-date ::= '"'YYYY'.'MM'.'DD'T'hh':'mmStz'"'

based on the ISO 8601:1988 date and time standard, restricted to the specific form described here:

YYYY ::= four-digit year
MM ::= two-digit month (01=January, etc.)
DD ::= two-digit day of month (01 through 31)
hh ::= two digits of hour (00 through 23) (am/pm NOT allowed)
mm ::= two digits of minute (00 through 59)
S ::= sign of time zone offset from UTC ('+' or '-')
tz ::= four digit amount of offset from UTC (e.g., 1512 means 15 hours and 12 minutes)

For example, "1994.11.05T08:15-0500" is a valid quoted-ISO-date denoting November 5, 1994, 8:15 am, US Eastern Standard Time

Note: The ISO standard allows considerably greater flexibility than that described here. PICS requires precisely the syntax described here -- neither the time nor the time zone may be omitted, none of the alternate formats are permitted, and the punctuation must be as specified here.

base64-string ::= as defined in RFC-1521.

hash-date is optional. There may be zero or one dates included here at the signer's behest.

The following example shows a valid DSig 1.0 SHA1 resinfo extension with two SHA1 hashes of the referenced information resource. The first without a date, the second with a date.

extension
  ( optional "http://www.w3.org/PICS/DSig/resinfo-1_0.html"
    ( "http://www.w3.org/PICS/DSig/SHA1_1_0.html" "base64-hash" )
    ( "http://www.w3.org/PICS/DSig/SHA1_1_0.html" "base64-hash" "1997.02.05T08:15-0500" ) )
--------------------------------------------------------------------------------
I SEE NO ONE IS CONTRIBUTING...REALLY SAD... |
The Following 2 Users Say Thank You to coolvenom For This Useful Post: |
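A strict reader for one resinfo-data entry as the BNF in the post above defines it, written as an added example (not code from the thread or from the W3C). The function names, the sample resource and the entry built from it are constructed for illustration; only the grammar and the HashAlgoURL come from the post.

```python
import base64
import hashlib
import hmac
import re
from datetime import datetime, timedelta, timezone

HASH_ALGO_URL = "http://www.w3.org/PICS/DSig/SHA1_1_0.html"

# quoted-ISO-date without its quotes: YYYY.MM.DDThh:mmStz, nothing optional.
DATE_RE = re.compile(
    r"(\d{4})\.(\d{2})\.(\d{2})T(\d{2}):(\d{2})([+-])(\d{2})(\d{2})", re.ASCII)
# '(' followed by one or more quoted strings and ')'.
ENTRY_RE = re.compile(r'\(\s*((?:"[^"]*"\s*)+)\)')


def parse_quoted_iso_date(text: str) -> datetime:
    """Parse the restricted PICS date form; any other ISO 8601 form is rejected."""
    match = DATE_RE.fullmatch(text)
    if match is None:
        raise ValueError(f"not a PICS quoted-ISO-date: {text!r}")
    year, month, day, hour, minute = (int(g) for g in match.group(1, 2, 3, 4, 5))
    # tz is hours then minutes, e.g. 1512 means 15 hours and 12 minutes.
    offset = timedelta(hours=int(match.group(7)), minutes=int(match.group(8)))
    if match.group(6) == "-":
        offset = -offset
    # datetime() and timezone() raise ValueError for out-of-range fields.
    return datetime(year, month, day, hour, minute, tzinfo=timezone(offset))


def parse_resinfo_data(entry: str):
    """Return (sha1_digest_bytes, date_or_None) for one resinfo-data entry."""
    match = ENTRY_RE.fullmatch(entry.strip())
    if match is None:
        raise ValueError("entry is not a parenthesised list of quoted strings")
    items = re.findall(r'"([^"]*)"', match.group(1))
    if len(items) not in (2, 3):
        raise ValueError("expected HashAlgoURL, resource-hash and at most one date")
    if items[0] != HASH_ALGO_URL:
        raise ValueError(f"unexpected hash algorithm URL: {items[0]!r}")
    digest = base64.b64decode(items[1], validate=True)
    if len(digest) != 20:
        raise ValueError("resource-hash is not a 160 bit digest")
    date = parse_quoted_iso_date(items[2]) if len(items) == 3 else None
    return digest, date


def verify_resource(resource: bytes, entry: str) -> bool:
    """Compare the SHA1 of the fetched resource with the digest in the entry."""
    digest, _ = parse_resinfo_data(entry)
    return hmac.compare_digest(hashlib.sha1(resource).digest(), digest)


# Constructed sample: a resource and a dated entry carrying its real digest.
SAMPLE_RESOURCE = b"constructed sample resource"
SAMPLE_B64 = base64.b64encode(hashlib.sha1(SAMPLE_RESOURCE).digest()).decode("ascii")
SAMPLE_ENTRY = f'( "{HASH_ALGO_URL}" "{SAMPLE_B64}" "1997.02.05T08:15-0500" )'

if __name__ == "__main__":
    print(parse_resinfo_data(SAMPLE_ENTRY))
    print("resource matches:", verify_resource(SAMPLE_RESOURCE, SAMPLE_ENTRY))
    print("altered resource matches:", verify_resource(b"altered", SAMPLE_ENTRY))
```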
10-21-2010, 15:46 | #12 (permalink) |
Freak Poster Join Date: Sep 2006
Posts: 119
Member: 345321 Status: Offline Thanks Meter: 37 | I just decompiled a file and it is same as Cracking a pc software same hex jumps Viola Some stupid commented its different... |
The Following 3 Users Say Thank You to coolvenom For This Useful Post: |