CHIPIT
DISCLAIMER:
THE AUTHOR MAKES NO REPRESENTATIONS ABOUT THE SUITABILITY OF THIS
SOFTWARE OR ABOUT ANY CONTENT OR INFORMATION MADE ACCESSIBLE BY THE SOFTWARE, FOR ANY PURPOSE. THE SOFTWARE IS PROVIDED 'AS IS' WITHOUT EXPRESS OR IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT. THE ENTIRE RISK AS TO THE RESULTS AND PERFORMANCE OF THE SOFTWARE IS ASSUMED BY YOU.
IN NO EVENT WILL THE AUTHOR BE LIABLE TO YOU FOR ANY CONSEQUENTIAL, INCIDENTAL OR INDIRECT DAMAGES (INCLUDING DAMAGES FOR LOSS OF BYSINESS PROFITS, BUSINESS INTERRUPTION LOSS OF BUSINESS IMPORMATION, AND THE LIKE) ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE EVEN IF THE AUTHOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
You are hereby licensed to make as many copies of this version of this software and documentation as you wish; give exact copies of the original version to anyone; and distribute this version of the software and documentation in its unmodified form via electronic means. There is no charge for any of the above.
Professional usage of that software is prohibited.
You are specifically prohibited from charging, or requesting donations, for any such copies, however made; and from distributing the software and/or documentation with other products (commercial or otherwise) without prior written permission.
This software is to be used for analysis, tests or Phone Book duplications only,
© Yves de Ryckel 2000
1- Introduction
This software has been written for one main purpose : duplicating the Phone Book from one SIM card into another one. After a SIM card change, I was indeed very frustrated to have to retype about 50 names and numbers, using the GSM keypad only. Try it, you’ll enjoy that nice experience !
I’ve started to write a simple HEX terminal in DOS just to learn more about the SmartCard operating system..Then I’ve decided to write that application for Windows.
I’ve started with a simple HEX terminal and gradually added functions and buttons in order to provide the user with more flexibility and ease.
WARNING :
Please note that you may block your SIM card if you don’t know what you’re doing especially by sending commands via the terminal screen or making multiple wrong PIN entries. If you don’t have the PUK’s (Pin unblocking) codes, be extremely cautious !
2- Requirements
Windows 32 bits (95, 98) . Not tested on WIN2000
PC with a Standard COM port
This program has been tested on an AMD K6 II 333 Mhz, Celeron 633Mhz (overclocked @ 715 Mhz), AMD ATHLON XP 1800+, and on a Pentium 200 MMX with 64 Mb RAM. Best display view in 800X600 . Chipit has been tested on the following O.S : WIN95/98(SE/ME), Win 2000, WIN XP. (Last compilation under WIN XP)
One SIMcard/SmartCard simple interface
That program has been thoroughly tested on the UNIPROG interface.
The description, Printed Board drawings and schematics are available on http://www.ccc.de
I’m pretty sure that this program can run also on a Maki interface as I’ve tested one of their programs on my UNIPROG. (Use the inverted CTS/DTR option in ChipIt.)
ChipIt should work also on other interfaces like the DumbMouse or SmartMouse compatible, but I cannot guarantee that because I don’t have that type of hardware.
Any feedback would be welcome.
One old SIMcard with a known PIN1/CHV1 code for trials.
3- Installation.
All files have to be installed in the same directory. You need to install also the Runtime Library into the Windows/System directory. That Runtime library can be download separately so that Chipit updates can be downloaded faster.
(Note : If you get an error with TabCtl32.ocx when running Chipit, try to register the OCX again. In MSDOS and from the \windows\system directory, type : REGSVR32 TABCTL32.0CX )
(The new setup package should normally install and register all necessary files)
Though you may change the INI settings by using a Text Editor, do not modify the structure of the CHIPIT.INI file.
Also, Chipit need to start with PARITY set to EVEN. It switches automatically to
ODD parity in case the SIM card is in INVERSE convention.
4- ChipIt features
- WIN95/98 32 bits program
- Hexadecimal Terminal with no extra key to use when entering commands
- Quick commands with buttons 'Select, Get Response and quick Dir EF’s...
That feature works only when the B4-B6 instructions are available in the SIM
- SIM File SELECTION through mnemonics or address
- Translation of ANSWERS (SW1-SW2)
- Customizable COM settings
- Dual polarity RESET (ATR) on CTS or DTR
- Phone Book Editing screen
- Compatible with the Uniprog interface and likely with other interfaces like Maki,
DumbMouse ...
- Session Logging in a text file
- Phone Book saved in delimited format
- Automatic Parity detection (Even or Odd) upon Reset (Normal/Inverse)
- Automatic download of Sim card Structure into a text file
- Automatic card files detection and listing in a log file.
The main screen is divided in 4 main sections :
· The Menu (Com parameters, Log file …)
· The Information (Responses) on the top part
· The Hexadecimal Terminal
· The Controls
In addition there are 3 tab’s :
· One with the Main screen (see above)
· Card Information (SST, ICC and IMSI)
· SIM card Structure
4.1 - Menu (removed starting with version 4.0.0.)
4.1.1 – File
[Open LOG] file to open a file for the collection of all information from the Hex
Terminal screen.
[Close LOG] file to close the file and save it on your Hard Disk.
[Exit] to leave the application and return to Windows
4.1.2 – ComPort
This menu item gives access to PARAMETERS for the COM port settings, i.e Baud rate, word Length, Stop bits, Parity, Handshaking and Echo.
Once changed, those parameters are saved in the INI file.
4.1.3 – About
Displays the information on the ChipIT version
4.1.4 – Status
This is a label that provides the user with some information on RS232 control line status.(i.e. CD Error if you remove the card from the UNIPROG interface)
Please note that you may sometimes receive a TX Buffer Overflow error when
changing cards. Just acknowledge the Message Box in order to clear the TX buffer.
5- Information
The Response to an MF (Master File) or DF (Data File) Selection is displayed
Here :
Sub DF : number of DF (Data Files) under the current directory
Sub EF : number of EF (Elementary Files) under the current directory
#KEYS : number of keys being used (PIN1, PIN2 ….)
CLKS : Clock allowed Yes or No
PIN1 : number of trials left before PIN1 is blocked
PIN2 : number of trials left before PIN2 is blocked
PUK1 : number of trials left before PUK1 is blocked
PUK2 : number of trials left before PUK2 is blocked
Under DEFINED, you’ll find the status for each key showing whether or not the
key has been initialized. Not to be confused with the Enabled status of
PIN1.
6 - The Terminal screen
Using that terminal, you may enter all GSM 11.11 standard commands and enter in dialogue with the SIM card under test.
Prior to talk with the card, you must click on [ATR on CTS] or on [ATR on DTR].
You should get the Answer To Reset from the SIM card. If you don’t get any hex string on the Terminal screen, try to select the INV mode in order to invert the RESET
signal sent to the interface. (Maki™ interface with standard settings)
The UNIPROG interface uses the [ATR on CTS] signal.
Once you’ve got the ATR from the SIM, you may talk with the card.
Example :
Type : A0A4000002 [Enter] (see GSM 11.11 specification for all commands)
Answer : A4 (means that SIM has recognized the instruction code SELECT
Type : 7F20 [Enter] (GSM Directory)
Answer : 9Fxx (xx= 1A or 1B …) OK x Bytes
The responses to commands are translated according to the GSM 11.11 specification (SW1 and SW2) and are displayed in the Terminal window.
You may execute commands like those included in the annex 1… and even others from other cards in the direct convention. (see GSM 11.11 rev 6.2 for additional details)
All data’s displayed in that window may be logged in a file for further analysis . Prior to initiate a file logging, click on [CLS] to clear the hexadecimal terminal window if necessary and click on [Open Log] file in the Controls window.
7 – CONTROLS
The bottom portion of the screen regroups all controls :
[ATR on CTS] : Reset the card using the CTS line. The polarity of that RESET
signal can be changed using the INV/NOR buttons
[ATR on DTR] : Reset the card using the DTR line. The polarity of that RESET
[ComPort] : enter in the COM: port settings menu
[INV] [NOR] : RESET from LOW to HIGH or HIGH to LOW transition
[INV Toggle] : RFU and blocked
[CLS Term] : clear the Hex Terminal windows and reset the cursor position .
[Open LOG] : duplicated in the File menu. Used to open a text file for data
logging.
[Close LOG] : duplicated in the File menu. Used to close the text file.
The Log file is automatically closed upon exit.
[PIN1] … [PUK2] : Used to activate the respective key’s
[SELECT FILE] : Used to SELECT a file in the SIM card.
You may use either the address or the mnemonic (Upper case or Lower Case.)
Example : to SELECT the MF you may enter MF or 3F00
All SELECT commands are starting from the root file MF, so
You may directly enter ADN (6F3A) for example to get access to
the Phone Book which is located under the TELECOM:7F10 DF
file. All recognized mnemonics are shown in the annex 2.
[GET RESPONSE] : Displays the parameters of a file after its SELECTion.
There are two different areas depending upon the file type
Selected, EF or DF/MF
· The Response to an MF (Master File) or DF (Data File) Selection gives the following information (see also above):
Sub DF : number of DF under the current directory
Sub EF : number of EF under the current directory
...
witold23