GSM-Forum - View Single Post

haykuro · 09-07-2008, 00:04

Hello, I just recently purchased my new sim reader, and a SIM MAX 16 in 1 sim card.

I managed to crack the KI on old VoiceStream SIM (Pre T-Mobile days, haha) i had laying around.

heres that info, taken off woronscan (bits emitted for privacy)

Code:

KI  : 7F ** C9 ** 1B ** 4D ** EB ** 1C ** 3B ** 02 **
IMSI: 08 ** 01 ** ** ** ** ** **
ICC : 89***************27

after cracking my Ki (which took about 30 minutes, not so bad.. apprently from what i've read it usually takes a good hour or so) i realized i needed to have done it using SimScan provided by Sim Max (sadly, mine was in chinese so i avoided it.) after a couple hours of fiddeling around, i managed to pull up MagicSim which allowed me to manually enter my IMSI, ICC, and KI information. after entering my KI i realized that it would change it. (no matter what KI i entered, magicsim would read it as something else [simmax has some protection on the sim so you cant use 3rd party software i found out later

])

so heres my question:
after trying to erase all enteries, and loading it up into SimScanner, when i try to read/write it says "Invalid Card"..

MagicSim still reads all my enteries properly, and when i pop the sim into a phone it sees all the enteries just fine.. but the KI is wrong so none of the options authenticate properly.

how can i fix this?!

if someone can instruct me as to how i can either use MagicSim, or format my sim to be able to use SimScanner again, please let me know!

EDIT:
i've made some progress i think..

i entered in 00000000000000000000000000000000 as KI and MagicSim outputs 8FD131136E510EA98FD131136E510EA9.

Code:

0000000000000000 00000000000000000
8FD131136E510EA9 8FD131136E510EA9

maybe it splits it into 8 bytes each, and XOR or something on the number?
heres output of 10000000000000000000000000000000:

Code:

1000000000000000 0000000000000000
28C41AB4B2EA2DF4 8FD131136E510EA9

no pattern.. =[

and FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:

Code:

FFFFFFFFFFFFFFFF FFFFFFFFFFFFFFFF
4646249F559F15BA 4646249F559F15BA

8 byte pattern shows up again!
this is very confusing! =[

09-07-2008, 00:04	#1 (permalink)
haykuro Junior Member Join Date: Sep 2008 Posts: 23 Member: 854862 Status: Offline Thanks Meter: 2	SIM MAX help please? Hello, I just recently purchased my new sim reader, and a SIM MAX 16 in 1 sim card. I managed to crack the KI on old VoiceStream SIM (Pre T-Mobile days, haha) i had laying around. heres that info, taken off woronscan (bits emitted for privacy) Code: KI : 7F C9 1B 4D EB 1C 3B 02 IMSI: 08 01 ICC : 89************27 after cracking my Ki (which took about 30 minutes, not so bad.. apprently from what i've read it usually takes a good hour or so) i realized i needed to have done it using SimScan provided by Sim Max (sadly, mine was in chinese so i avoided it.) after a couple hours of fiddeling around, i managed to pull up MagicSim which allowed me to manually enter my IMSI, ICC, and KI information. after entering my KI i realized that it would change it. (no matter what KI i entered, magicsim would read it as something else [simmax has some protection on the sim so you cant use 3rd party software i found out later ]) so heres my question: after trying to erase all enteries, and loading it up into SimScanner, when i try to read/write it says "Invalid Card".. MagicSim still reads all my enteries properly, and when i pop the sim into a phone it sees all the enteries just fine.. but the KI is wrong so none of the options authenticate properly. how can i fix this?! if someone can instruct me as to how i can either use MagicSim, or format my sim to be able to use SimScanner again, please let me know! EDIT: i've made some progress i think.. i entered in 00000000000000000000000000000000 as KI and MagicSim outputs 8FD131136E510EA98FD131136E510EA9. Code: 0000000000000000 00000000000000000 8FD131136E510EA9 8FD131136E510EA9 maybe it splits it into 8 bytes each, and XOR or something on the number? heres output of 10000000000000000000000000000000: Code: 1000000000000000 0000000000000000 28C41AB4B2EA2DF4 8FD131136E510EA9 no pattern.. =[ and FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF: Code: FFFFFFFFFFFFFFFF FFFFFFFFFFFFFFFF 4646249F559F15BA 4646249F559F15BA 8 byte pattern shows up again! this is very confusing! =[ Last edited by haykuro; 09-07-2008 at 00:12.*