providehope
22nd Apr '08 Tue, 13:01
*Note: I just found this on the net.
**Disclaimer: I will not be held liable for any damage, misuse, loss of information or any unlikely circumstances that will arise by following or trying the following procedures. Anything you do is your own responsibility.
The following guide was used to make clones of sims used in india ........... unlike the complicated guides you find on the net ....... this was compiled alltogether and made one simple guide which can be followed even by beginners..covering only the relevant things needed to know rather than going technically deep
Before starting off with this guide ..... i would like to make one thing clear .......... SIM CLONING is illegal ..... there have been many cases in india where people have been caught...... for cloning others sims .......... and making calls worth thousands through it ............ recently many gsm operators in india have set up surveillance techniques to trap people who use cloned sims............ So i once again request to everyone that please use this guide for personal purpose only,do not use this guide for cheating ......
First off a little introduction about SIM CARDS.......
Our sim cards contain ......... two secret codes or keys called (imsi value and ki value) which enables the operator in identifying the sim card number and authenticate the customer ...... these codes are related to our mobile numbers which...... the operators store in their vast data base......... it is based on these secret keys that enables the billing to be made to that customer. now what we do in sim cloning is extract these two secret codes from the sim and programme it into a new blank smart card often known as wafer........ since the operator authentication on sims is based on these values..... it enables us to fool the operators in thinking that its the original sim......... this authentication is a big flaw concerning GSM technology.........
Now which sim cards can be cloned
Sim cards are manufactured on the basis of 3 algorithms....... COMP128v1,COMP128v2 and COMP128v3
now an important note currently only COMP128v1 version sim cards can be cloned .... since this is the only algorithm which has been cracked by users......... bear in mind that 70% of all the sim cards we use are COMP128v1...... now which gsm operators use what algorithms..... they are as follows:
Airtel-90% can be cloned
Hutch-75% can be cloned
bpl mobile-90% can be cloned
idea-numbers before Aug 2005 can be cloned newer cards very rare
BSNL- 0% say no - reason not comp128v1 version
OK thats it about the background..... now lets get to the Main Part
1.ITEMS NEEDED
a)Sim card Reader (phoenix or smartmouse reader)
b)Plain or Blank silver wafer card or smart card
c)Software to Extract Ki and imsi (Woron scan 1.09 is the best)
d)Wafer Card Programmer (is a hardware chipset needed to programme smart card Millenium 2000VX MAX)
e)Software to make the PIC and EEPROM files (Sim Emu 1.06 configurator by pic-ador)
f)Software to write the PIC and EEPROM files to blank card (card master 2.1)
2.GETTING STARTED
a)Extracting the Ki and IMSI
first connect the sim card reader to the pc's com port insert your original sim card..... run woron scan 1.06........ click on the menu "card reader" and click settings and select the com port which the card reader is connected to....dont change any thing else in settings.....click ok
if you have a phoenix card reader checkmark phoenix in the card reader menu.....
now click on "IMSI select" on the task menu...... the program will now communicate with the sim card and retrieve the imsi value........ once u got the imsi value..... write that on a piece of paper
now in the same way retrieve the "icc value" and write that down too
now click on "Ki search" now the program hacks the sim and retrieves the the ki value which consists of 32 numbers......... Note that it may take up to 8 hrs to completely get the ki value....... no matter how much faster the comp is...... this is because the sim is only capable of receiving and sending data@9600 bits/sec...
so goto sleep.... for now.....
After u wake up ....make sure u write down the Ki value safely in a piece of paper like u did for the imsi value........ exit woron scan....
yaaahhoooo now u can stand up and proudly say that u hacked the sim
b)Making the PIC and EEPROM files with SIM EMU configurator
first uncheck the A3A8 checkbox under security........... Please dont enable this even from the sim services menu. If enabled, it counts back to zero and when it reaches zero,........ it will corrupt your simcard. In the configurator you can set the number of ADN, FDN and SMS. ...........You can use the formula ?16448 = (ADN - 51 ) x 32 +SMS x 176 + FDN x 32 must be less than 6480? for silver wafer cards.
Then generate the Hex files forPIC and EEPROM by clicking the Generate Hex file. With this configurator, in addition to the 16 number
slots, you can make the simcard a Motorola Test card too. In 16 in 1 configurator the positions are from
0-9 and from A-F. Each position can be customized by individual PIN an PUK codes. finished making the files now next step copy these files to the blank card using the programmer......
c)Write the files to the SILVER WAFER card
Now we have the files to be written to the Silver Wafer card. For this we need the Wafer
card programmer and the software for programming. Here i am using the Millenium 2000VX Max programmer
and the Cardmaster 2.1 software. Connect the programmer and run the software. Select the type
of card you are using. Select the port by clicking setup > port. If the port set by you is correct the red
colour with message on status bar changes to yellow and shows no simcard. Insert the simcard and load
the files for PIC and EEPROM in the file to PIC and file to EEPROM fields respectively. Dont change any
other settings. Now you are at the last stage.
Press F3 or click edit > Auto Program. You can watch the
status bar about what is happening. Programming the pic.. programming the eeprom... programming the
pic.... verifying.... and at last you will get the message that the card is programmed successfully. Here
you may ask the question why the PIC is programmed again after programming the EEPROM?. The PIC is
first programmed with the eeprom loader to program the EEPROM. then the EEPROM is programmed
through the pic. After that the contents in the pic is erased and the actual file is programmed in the PIC
d) Cutting the smart card into a Sim card...... and settings on the phone
The card which we have made is a 16 in 1 sim card....... means we can store 16 different sim card numbers in one
This is the last step guys...... cut the smart card in the shape of ur sim card...... insert the sim card in the phone.....
switch on the handset...... the phone asks for the PIN..... type ne 4 digit number this is for the first slot 0...... now the phone asks for the PUK code again type ne 4 digit number again for the first slot....... now the phone switches on with no network coverage...... a network error message will appear....... this is usual because........ the main values (ki and imsi) have not entered....... so the network operator cannot authenticate the sim.........
now the Finalle....... u would have noticed by now that a new menu called the "sim emu 6.01" has appeared....... select it......you can see the menus Configure, Select Phone and Information. Select Configure and go to config position. It asks for the position. You can select any position from 0-9 and A-F. After selecting the position it asks for a PIN and PUK. Always provide different PIN and PUK for each positions. It helps us to switch to a number directly when the handset is switched on. After PIN and PUK it asks for KI,IMSI and ICCID. You can now recall the extracted values from STEP1 and enter it to appropriate fields.
After doing all this..... u should now posses ur newly cloned sim card...... u earned it congratulations..... ............. If not then...... u must beat urself 10 times ........ and repeat the entire process.....
I will not post the softwares. You'll have to find it yourself. Pero pag pinilit ako, sasabihin ko rin.
**Disclaimer: I will not be held liable for any damage, misuse, loss of information or any unlikely circumstances that will arise by following or trying the following procedures. Anything you do is your own responsibility.
The following guide was used to make clones of sims used in india ........... unlike the complicated guides you find on the net ....... this was compiled alltogether and made one simple guide which can be followed even by beginners..covering only the relevant things needed to know rather than going technically deep
Before starting off with this guide ..... i would like to make one thing clear .......... SIM CLONING is illegal ..... there have been many cases in india where people have been caught...... for cloning others sims .......... and making calls worth thousands through it ............ recently many gsm operators in india have set up surveillance techniques to trap people who use cloned sims............ So i once again request to everyone that please use this guide for personal purpose only,do not use this guide for cheating ......
First off a little introduction about SIM CARDS.......
Our sim cards contain ......... two secret codes or keys called (imsi value and ki value) which enables the operator in identifying the sim card number and authenticate the customer ...... these codes are related to our mobile numbers which...... the operators store in their vast data base......... it is based on these secret keys that enables the billing to be made to that customer. now what we do in sim cloning is extract these two secret codes from the sim and programme it into a new blank smart card often known as wafer........ since the operator authentication on sims is based on these values..... it enables us to fool the operators in thinking that its the original sim......... this authentication is a big flaw concerning GSM technology.........
Now which sim cards can be cloned
Sim cards are manufactured on the basis of 3 algorithms....... COMP128v1,COMP128v2 and COMP128v3
now an important note currently only COMP128v1 version sim cards can be cloned .... since this is the only algorithm which has been cracked by users......... bear in mind that 70% of all the sim cards we use are COMP128v1...... now which gsm operators use what algorithms..... they are as follows:
Airtel-90% can be cloned
Hutch-75% can be cloned
bpl mobile-90% can be cloned
idea-numbers before Aug 2005 can be cloned newer cards very rare
BSNL- 0% say no - reason not comp128v1 version
OK thats it about the background..... now lets get to the Main Part
1.ITEMS NEEDED
a)Sim card Reader (phoenix or smartmouse reader)
b)Plain or Blank silver wafer card or smart card
c)Software to Extract Ki and imsi (Woron scan 1.09 is the best)
d)Wafer Card Programmer (is a hardware chipset needed to programme smart card Millenium 2000VX MAX)
e)Software to make the PIC and EEPROM files (Sim Emu 1.06 configurator by pic-ador)
f)Software to write the PIC and EEPROM files to blank card (card master 2.1)
2.GETTING STARTED
a)Extracting the Ki and IMSI
first connect the sim card reader to the pc's com port insert your original sim card..... run woron scan 1.06........ click on the menu "card reader" and click settings and select the com port which the card reader is connected to....dont change any thing else in settings.....click ok
if you have a phoenix card reader checkmark phoenix in the card reader menu.....
now click on "IMSI select" on the task menu...... the program will now communicate with the sim card and retrieve the imsi value........ once u got the imsi value..... write that on a piece of paper
now in the same way retrieve the "icc value" and write that down too
now click on "Ki search" now the program hacks the sim and retrieves the the ki value which consists of 32 numbers......... Note that it may take up to 8 hrs to completely get the ki value....... no matter how much faster the comp is...... this is because the sim is only capable of receiving and sending data@9600 bits/sec...
so goto sleep.... for now.....
After u wake up ....make sure u write down the Ki value safely in a piece of paper like u did for the imsi value........ exit woron scan....
yaaahhoooo now u can stand up and proudly say that u hacked the sim
b)Making the PIC and EEPROM files with SIM EMU configurator
first uncheck the A3A8 checkbox under security........... Please dont enable this even from the sim services menu. If enabled, it counts back to zero and when it reaches zero,........ it will corrupt your simcard. In the configurator you can set the number of ADN, FDN and SMS. ...........You can use the formula ?16448 = (ADN - 51 ) x 32 +SMS x 176 + FDN x 32 must be less than 6480? for silver wafer cards.
Then generate the Hex files forPIC and EEPROM by clicking the Generate Hex file. With this configurator, in addition to the 16 number
slots, you can make the simcard a Motorola Test card too. In 16 in 1 configurator the positions are from
0-9 and from A-F. Each position can be customized by individual PIN an PUK codes. finished making the files now next step copy these files to the blank card using the programmer......
c)Write the files to the SILVER WAFER card
Now we have the files to be written to the Silver Wafer card. For this we need the Wafer
card programmer and the software for programming. Here i am using the Millenium 2000VX Max programmer
and the Cardmaster 2.1 software. Connect the programmer and run the software. Select the type
of card you are using. Select the port by clicking setup > port. If the port set by you is correct the red
colour with message on status bar changes to yellow and shows no simcard. Insert the simcard and load
the files for PIC and EEPROM in the file to PIC and file to EEPROM fields respectively. Dont change any
other settings. Now you are at the last stage.
Press F3 or click edit > Auto Program. You can watch the
status bar about what is happening. Programming the pic.. programming the eeprom... programming the
pic.... verifying.... and at last you will get the message that the card is programmed successfully. Here
you may ask the question why the PIC is programmed again after programming the EEPROM?. The PIC is
first programmed with the eeprom loader to program the EEPROM. then the EEPROM is programmed
through the pic. After that the contents in the pic is erased and the actual file is programmed in the PIC
d) Cutting the smart card into a Sim card...... and settings on the phone
The card which we have made is a 16 in 1 sim card....... means we can store 16 different sim card numbers in one
This is the last step guys...... cut the smart card in the shape of ur sim card...... insert the sim card in the phone.....
switch on the handset...... the phone asks for the PIN..... type ne 4 digit number this is for the first slot 0...... now the phone asks for the PUK code again type ne 4 digit number again for the first slot....... now the phone switches on with no network coverage...... a network error message will appear....... this is usual because........ the main values (ki and imsi) have not entered....... so the network operator cannot authenticate the sim.........
now the Finalle....... u would have noticed by now that a new menu called the "sim emu 6.01" has appeared....... select it......you can see the menus Configure, Select Phone and Information. Select Configure and go to config position. It asks for the position. You can select any position from 0-9 and A-F. After selecting the position it asks for a PIN and PUK. Always provide different PIN and PUK for each positions. It helps us to switch to a number directly when the handset is switched on. After PIN and PUK it asks for KI,IMSI and ICCID. You can now recall the extracted values from STEP1 and enter it to appropriate fields.
After doing all this..... u should now posses ur newly cloned sim card...... u earned it congratulations..... ............. If not then...... u must beat urself 10 times ........ and repeat the entire process.....
I will not post the softwares. You'll have to find it yourself. Pero pag pinilit ako, sasabihin ko rin.