Sim Cloning - The Detailed Guide



neha_cool
6th April 2007, 00:55
The following guide enables us to make clones of SIMs used in India. Unlike the complicated guides you find on the net, I have compiled them all together and made one simple guide which can be followed even by beginners, covering only the relevant things you need to know rather than going technically deep.

Before I start off with this guide, I would like to make one thing clear: SIM CLONING is illegal. There have been many cases in India where people have been caught for cloning others' SIMs and making calls worth thousands through them. Recently many GSM operators in India have set up surveillance techniques to trap people who use cloned SIMs. So I once again request everyone to please use this guide for personal purposes only; do not use this guide for cheating.

First off, a little introduction about SIM CARDS.

Our SIM cards contain two secret codes or keys (the IMSI value and the Ki value) which enable the operator to identify the SIM card number and authenticate the customer. These codes are related to our mobile numbers, which the operators store in their vast database. It is based on these secret keys that billing is made to that customer. Now, what we do in SIM cloning is extract these two secret codes from the SIM and programme them into a new blank smart card, often known as a wafer. Since the operator's authentication of SIMs is based on these values, it enables us to fool the operators into thinking that it is the original SIM. This authentication is a big flaw concerning GSM technology.

Now, which SIM cards can be cloned?

SIM cards are manufactured on the basis of 3 algorithms: COMP128v1, COMP128v2 and COMP128v3.
Now an important note: currently only COMP128v1 version SIM cards can be cloned, since this is the only algorithm which has been cracked by users. Bear in mind that 70% of all the SIM cards we use are COMP128v1. Now, which GSM operators use what algorithms? They are as follows:


Airtel - 90% can be cloned
Hutch - 75% can be cloned
BPL Mobile - 90% can be cloned
Idea - numbers before Aug 2005 can be cloned, newer cards very rare
BSNL - 0%, say no (reason: not COMP128v1 version)



OK, that's it about the background. Now let's get to the Main Part.


1. ITEMS NEEDED


a) SIM card reader (Phoenix or Smartmouse reader)
b) Plain or blank silver wafer card or smart card
c) Software to extract Ki and IMSI (Woron Scan 1.09 is the best)
d) Wafer card programmer (a hardware chipset needed to programme the smart card; Millenium 2000VX MAX)
e) Software to make the PIC and EEPROM files (Sim Emu 1.06 configurator by pic-ador)
f) Software to write the PIC and EEPROM files to the blank card (Cardmaster 2.1)



2. GETTING STARTED


a) Extracting the Ki and IMSI

First connect the SIM card reader to the PC's COM port and insert your original SIM card. Run Woron Scan 1.06. Click on the menu "Card Reader", click Settings and select the COM port which the card reader is connected to. Don't change anything else in Settings. Click OK.

If you have a Phoenix card reader, checkmark Phoenix in the Card Reader menu.

Now click on "IMSI Select" on the task menu. The program will now communicate with the SIM card and retrieve the IMSI value. Once you have got the IMSI value, write it on a piece of paper.
Now in the same way retrieve the "ICC value" and write that down too.
So go to sleep for now.

After you wake up, make sure you write down the Ki value safely on a piece of paper like you did for the IMSI value. Exit Woron Scan.

Yaaahhoooo! Now you can stand up and proudly say that you hacked the SIM.




b) Making the PIC and EEPROM files with SIM EMU configurator

First uncheck the A3A8 checkbox under Security. Please don't enable this even from the SIM services menu. If enabled, it counts back to zero and when it reaches zero, it will corrupt your SIM card. In the configurator you can set the number of ADN, FDN and SMS. You can use the formula "16448 = (ADN - 51) x 32 + SMS x 176 + FDN x 32 must be less than 6480" for silver wafer cards.
Then generate the hex files for PIC and EEPROM by clicking Generate Hex File. With this configurator, in addition to the 16 number slots, you can make the SIM card a Motorola test card too. In the 16-in-1 configurator the positions are from 0-9 and from A-F. Each position can be customised with individual PIN and PUK codes. Finished making the files; now the next step is to copy these files to the blank card using the programmer.

c) Write the files to the SILVER WAFER card

Now we have the files to be written to the silver wafer card. For this we need the wafer card programmer and the software for programming. Here I am using the Millenium 2000VX Max programmer and the Cardmaster 2.1 software. Connect the programmer and run the software. Select the type of card you are using. Select the port by clicking Setup > Port. If the port set by you is correct, the red colour with message on the status bar changes to yellow and shows "no simcard". Insert the SIM card and load the files for PIC and EEPROM in the "File to PIC" and "File to EEPROM" fields respectively. Don't change any other settings. Now you are at the last stage.

Press F3 or click Edit > Auto Program. You can watch the status bar to see what is happening: programming the PIC, programming the EEPROM, programming the PIC, verifying, and at last you will get the message that the card is programmed successfully. Here you may ask the question why the PIC is programmed again after programming the EEPROM. The PIC is first programmed with the EEPROM loader to program the EEPROM. Then the EEPROM is programmed through the PIC. After that the contents of the PIC are erased and the actual file is programmed in the PIC.



d) Cutting the smart card into a SIM card, and settings on the phone

The card which we have made is a 16-in-1 SIM card, meaning we can store 16 different SIM card numbers in one.
This is the last step, guys. Cut the smart card in the shape of your SIM card and insert it in the phone. Switch on the handset. The phone asks for the PIN; type any 4-digit number. This is for the first slot, 0. Now the phone asks for the PUK code; again type any 4-digit number, again for the first slot. Now the phone switches on with no network coverage and a network error message will appear. This is usual because the main values (Ki and IMSI) have not been entered, so the network operator cannot authenticate the SIM.

Now the finale. You would have noticed by now that a new menu called "Sim Emu 6.01" has appeared. Select it; you can see the menus Configure, Select Phone and Information. Select Configure and go to Config Position. It asks for the position. You can select any position from 0-9 and A-F. After selecting the position it asks for a PIN and PUK. Always provide a different PIN and PUK for each position. It helps us to switch to a number directly when the handset is switched on. After PIN and PUK it asks for Ki, IMSI and ICCID. You can now recall the extracted values from STEP 1 and enter them in the appropriate fields.



After doing all this, you should now possess your newly cloned SIM card. You earned it, congratulations! If not, then you must beat yourself 10 times and repeat the entire process.

ismart
11th February 2008, 05:18
Are your software tools effective on new SIMs???

bluesc0rp
17th February 2008, 03:12
Nice work Neha, it really works on all types of SIMs.

opensesame
17th February 2008, 16:37
Amazingly detailed and clear instructions. Any idea of how to clone a 3G SIM?

sesananta
19th February 2008, 03:29
Thx for sharing... I'll try later.

shashank983
20th February 2008, 20:00
Thx for sharing... I'll try later.

peled
1st March 2008, 17:23
10Q - must try it now. Have a phone to work on.

CHANDRA2SEKH
3rd March 2008, 20:08
Hello Neha Cool, thanks for the details. I have one doubt. You are telling that the SIM scan will take up to 8 hours to find the Ki value, but how does the cell phone read the Ki value within seconds, either when the phone is switched on or when a call is made?

Waiting for your reply...

tusshar
6th March 2008, 08:33
The info that you have given is really great, but could you tell me where I can get the silver wafer card and the SIM card reader and writer?

aZa
6th March 2008, 10:56
Impressive stuff Neha!!!

indianboy21
6th March 2008, 15:38
Will try it, looks awesome.

knightct
16th March 2008, 19:37
Great, thanks for this.

knightct
16th March 2008, 22:09
Great, thanks for this.

smoochkiller
31st March 2008, 22:02
It's a good effort, but where do I find the things used in this process? Are they available in the market?

cesarr41
2nd April 2008, 18:13
I couldn't understand the "formulae" part... Can you give more detail on this part??? Maybe I'm bad at maths....

ahmer6600
2nd April 2008, 19:21
Good work, but I want CDMA cloning software. Can anyone help me?