CYBER SHAFT

Before i start off with this guide ..... i would like to make one thing clear .......... SIM CLONING is illegal ..... there have been many cases in india where people have been caught...... for cloning others sims .......... and making calls worth thousands through it ............ recently many gsm operators in india have set up surveillance techniques to trap people who use cloned sims............ So i once again request to everyone that please use this guide for personal purpose only,do not use this guide for cheating ......

First off a little introduction about SIM CARDS.......

Our sim cards contain ......... two secret codes or keys called (imsi value and ki value) which enables the operator in identifying the sim card number and authenticate the customer ...... these codes are related to our mobile numbers which...... the operators store in their vast data base......... it is based on these secret keys that enables the billing to be made to that customer. now what we do in sim cloning is extract these two secret codes from the sim and programme it into a new blank smart card often known as wafer........ since the operator authentication on sims is based on these values..... it enables us to fool the operators in thinking that its the original sim......... this authentication is a big flaw concerning GSM technology.........

Now which sim cards can be cloned

Sim cards are manufactured on the basis of 3 algorithms....... COMP128v1,COMP128v2 and COMP128v3
now an important note currently only COMP128v1 version sim cards can be cloned .... since this is the only algorithm which has been cracked by users......... bear in mind that 70% of all the sim cards we use are COMP128v1...... now which gsm operators use what algorithms..... they are as follows:


Airtel-90% can be cloned

vodafone-75% can be cloned

bpl mobile-90% can be cloned

idea-numbers before Aug 2005 can be cloned newer cards very rare

BSNL- 0% say no - reason not comp128v1 version



OK thats it about the background..... now lets get to the Main Part


1.ITEMS NEEDED


a)Sim card Reader (phoenix or smartmouse reader)
b)Plain or Blank silver wafer card or smart card
c)Software to Extract Ki and imsi (Woron scan 1.09 is the best)
d)Wafer Card Programmer (is a hardware chipset needed to programme smart card Millenium 2000VX MAX)
e)Software to make the PIC and EEPROM files (Sim Emu 1.06 configurator by pic-ador)
f)Software to write the PIC and EEPROM files to blank card (card master 2.1)



2.GETTING STARTED


a)Extracting the Ki and IMSI

first connect the sim card reader to the pc's com port insert your original sim card..... run woron scan 1.06........ click on the menu "card reader" and click settings and select the com port which the card reader is connected to....dont change any thing else in settings.....click ok

if you have a phoenix card reader checkmark pheonix in the card reader menu.....

now click on "IMSI select" on the task menu...... the program will now communicate with the sim card and retrieve the imsi value........ once u got the imsi value..... write that on a piece of paper
now in the same way retrieve the "icc value" and write that down too
now click on "Ki search" now the program hacks the sim and retrieves the the ki value which consists of 32 numbers......... Note that it may take up to 8 hrs to completely get the ki value....... no matter how much faster the comp is...... this is because the sim is only capable of recieving and sending data@9600 bits/sec...
so goto sleep.... for now.....

After u wake up ....make sure u write down the Ki value safely in a piece of paper like u did for the imsi value........ exit woron scan....

yaaahhoooo now u can stand up and proudly say that u hacked the sim




b)Making the PIC and EEPROM files with SIM EMU configurator

first uncheck the A3A8 checkbox under security........... Please dont enable this even from the sim services menu. If enabled, it countsback to zero and when it reaches zero,........ it will corrupt your simcard. In the configurator you can set the number of ADN, FDN and SMS. ...........You can use the formulae ?16448 = (ADN - 51 ) x 32 +SMS x 176 + FDN x 32 must be less than 6480? for silver wafer cards.
Then generate the Hex files forPIC and EEPROM by clicking the Generate Hex file. With this configurator, in addition to the 16 number
slots, you can make the simcard a Motorola Test card too. In 16 in 1 configurator the positions are from
0-9 and from A-F. Each position can be customised by induvidual PIN an PUK codes. finished making the files now next step copy these files to the blank card using the programmer......

c)Write the files to the SILVER WAFER card

Now we have the files to be written to the Silver Wafer card. For this we need the Wafer
card programmer and the software for programming. Here i am using the Millenium 2000VX Max programmer
and the Cardmaster 2.1 software. Connect the programmer and run the software. Select the type
of card you are using. Select the port by clicking setup > port. If the port set by you is correct the red
colour with message on ststus bar changes to yellow and shows no simcard. Insert the simcard and load
the files for PIC and EEPROM in the file to PIC and file to EEPROM fields respectively. Dont change any
other settings. Now you are at the last stage.

Press F3 or click edit > Auto Program. You can watch the
status bar about what is happening. Programming the pic.. programming the eeprom... programming the
pic.... verifying.... and atlast you will get the message that the card is programmed succesfully. Here
you may ask the question why the PIC is programmed again after programming the EEPROM?. The PIC is
first programmed with the eeprom loader to program the EEPROM. then the EEPROM is programmed
through the pic. After that the contents in the pic is erased and the actual file is programmed in the PIC



d) Cutting the smart card into a Sim card...... and settings on the phone

The card which we have made is a 16 in 1 sim card....... means we can store 16 different sim card numbers in one
This is the last step guys...... cut the smart card in the shape of ur sim card...... insert the sim card in the phone.....
switch on the handset...... the phone asks for the PIN..... type ne 4 digit number this is for the first slot 0...... now the phone asks for the PUK code again type ne 4 digit number again for the first slot....... now the phone switches on with no network coverage...... a network error message will appear....... this is usual because........ the main values (ki and imsi) have not entered....... so the network operator cannot authenticate the sim.........

now the Finallee....... u would have noticed by now that a new menu called the "sim emu 6.01" has appeared....... select it......you can see the menus Configure, Select Phone and Information. Select Configure and go to config postion. It asks for the position. You can select any position from 0-9 and A-F. After selecting the position it asks for a PIN and PUK. Always provide different PIN and PUK for each positions. It helps us to switch to a number directly when the handset is switched on. After PIN and PUK it asks for KI,IMSI and ICCID. You can now recall the extracted values from STEP1 and enter it to appropriate fileds.



After doing all this..... u should now posses ur newly cloned sim card




Admin,CyberShaft.