
SIM card APDU parsing tool

  •  -1
  • Uzair Chughtai  ·  7 years ago

    I am sniffing the I/O line between a SIM card and an LTE module. I have logged a lot of data, but because commands and responses share a single line, I end up with a large blob of hex with no boundaries in between. Is there any tool that can parse the hex dump into commands and responses and tell me which type of command each one is and what it is doing?

    2 answers  |  last activity 7 years ago
        1
  •  4
  •   vlp    7 years ago

    I dug through my archives for a program I wrote more than 15 years ago and shared it on github.

    It analyzes T=0 communication captured on the wire and has some kind of basic APDU recognition (SIM only, no USIM).

    It might be useful to you.

    Good luck

    PS: There is the simtrace project, which might offer similar functionality.


    Sample input:

    FF FF 3F 2F 00 80 69 AF 02 04 02 31 00 00 00 0E 
    83 3E 9F 16 A0 A4 00 00 02 A4 3F 00 9F 16 A0 A4 
    00 00 02 A4 2F E2 9F 0F A0 B0 00 00 0A B0 FF FF 
    FF FF FF FF FF FF FF FF 90 00 A0 A4 00 00 02 A4 
    7F 20 9F 16 A0 A4 00 00 02 A4 6F AE 9F 0F A0 B0 
    00 00 01 B0 02 90 00 A0 A4 00 00 02 A4 6F 05 9F 
    0F A0 C0 00 00 0F C0 85 0D 00 07 6F 05 04 00 01 
    FF FF 03 02 00 00 90 00 A0 B0 00 00 05 B0 01 00 
    03 02 04 90 00 A0 A4 00 00 02 A4 7F 20 9F 16 A0 
    C0 00 00 16 C0 85 14 00 04 7F 20 02 00 00 FB FF 
    03 09 99 00 12 04 00 83 8A 80 8A 90 00 A0 A4 00 
    00 02 A4 6F 07 9F 0F A0 C0 00 00 0F C0 85 0D 00 
    09 6F 07 04 00 1B FF 1B 03 02 00 00 90 00 A0 A4 
    00 00 02 A4 3F 00 9F 16 A0 A4 00 00 02 A4 2F E2 
    9F 0F A0 A4 00 00 02 A4 7F 20 9F 16 A0 A4 00 00 
    02 A4 6F 31 9F 0F A0 B0 00 00 01 B0 FF 90 00 A0 
    A4 00 00 02 A4 6F 16 94 04 A0 A4 00 00 02 A4 6F 
    AD 9F 0F A0 C0 00 00 0F C0 85 0D 00 03 6F AD 04 
    00 0B FF FF 03 02 00 00 90 00 A0 B0 00 00 03 B0 
    00 FF FF 90 00 A0 A4 00 00 02 A4 6F 38 9F 0F A0 
    C0 00 00 0F C0 85 0D 00 04 6F 38 04 00 1B FF FF 
    03 02 00 00 90 00 A0 B0 00 00 04 B0 FF 3F FF 0F 
    90 00 A0 A4 00 00 02 A4 6F 07 9F 0F
    

    Sample output:

    ---============-----------------------------------------------------------------
    Garbage: FF FF
    
    ---============-----------------------------------------------------------------
    ATR: 3F 2F 00 80 69 AF 02 04 02 31 00 00 00 0E 83 3E 9F 16
    
    (*) ATR analyze
            Initial character TS=3F
                    Inverse convention
            Format character T0=2F
                    TB1 global interface character(s) defined
                    15 historical characters present
            Global interface character TB1=00
            Historical characters: 80 69 AF 02 04 02 31 00 00 00 0E 83 3E 9F 16
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 3F 00 - (File 3F00)
    
    SIM: 9F 16 - (SIM has response data with length 16)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 2F E2 - (File 2FE2)
    
    SIM: 9F 0F - (SIM has response data with length 0F)
    
    ---============-----------------------------------------------------------------
    ME: A0 B0 00 00 0A - (READ BINARY command)
    SIM: B0 - (Ins echo)
    
    (Processing command READ BINARY)
    
    SIM: FF FF FF FF FF FF FF FF FF FF - (Data of file 2FE2 at offset 0000)
    
    SIM: 90 00 - (Normal ending of the command)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 7F 20 - (File 7F20)
    
    SIM: 9F 16 - (SIM has response data with length 16)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 6F AE - (File 6FAE)
    
    SIM: 9F 0F - (SIM has response data with length 0F)
    
    ---============-----------------------------------------------------------------
    ME: A0 B0 00 00 01 - (READ BINARY command)
    SIM: B0 - (Ins echo)
    
    (Processing command READ BINARY)
    
    SIM: 02 - (Data of file 6FAE at offset 0000)
    
    SIM: 90 00 - (Normal ending of the command)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 6F 05 - (File 6F05)
    
    SIM: 9F 0F - (SIM has response data with length 0F)
    
    ---============-----------------------------------------------------------------
    ME: A0 C0 00 00 0F - (GET RESPONSE command)
    SIM: C0 - (Ins echo)
    
    (Processing command GET RESPONSE)
    
    SIM: 85 0D 00 07 6F 05 04 00 01 FF FF 03 02 00 00 - (SELECT response data)
    
    SIM: 90 00 - (Normal ending of the command)
    
    ---============-----------------------------------------------------------------
    ME: A0 B0 00 00 05 - (READ BINARY command)
    SIM: B0 - (Ins echo)
    
    (Processing command READ BINARY)
    
    SIM: 01 00 03 02 04 - (Data of file 6F05 at offset 0000)
    
    SIM: 90 00 - (Normal ending of the command)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 7F 20 - (File 7F20)
    
    SIM: 9F 16 - (SIM has response data with length 16)
    
    ---============-----------------------------------------------------------------
    ME: A0 C0 00 00 16 - (GET RESPONSE command)
    SIM: C0 - (Ins echo)
    
    (Processing command GET RESPONSE)
    
    SIM: 85 14 00 04 7F 20 02 00 00 FB FF 03 09 99 00 12 04 00 83 8A 80 8A - (SELECT response data)
    
    SIM: 90 00 - (Normal ending of the command)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 6F 07 - (File 6F07)
    
    SIM: 9F 0F - (SIM has response data with length 0F)
    
    ---============-----------------------------------------------------------------
    ME: A0 C0 00 00 0F - (GET RESPONSE command)
    SIM: C0 - (Ins echo)
    
    (Processing command GET RESPONSE)
    
    SIM: 85 0D 00 09 6F 07 04 00 1B FF 1B 03 02 00 00 - (SELECT response data)
    
    SIM: 90 00 - (Normal ending of the command)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 3F 00 - (File 3F00)
    
    SIM: 9F 16 - (SIM has response data with length 16)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 2F E2 - (File 2FE2)
    
    SIM: 9F 0F - (SIM has response data with length 0F)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 7F 20 - (File 7F20)
    
    SIM: 9F 16 - (SIM has response data with length 16)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 6F 31 - (File 6F31)
    
    SIM: 9F 0F - (SIM has response data with length 0F)
    
    ---============-----------------------------------------------------------------
    ME: A0 B0 00 00 01 - (READ BINARY command)
    SIM: B0 - (Ins echo)
    
    (Processing command READ BINARY)
    
    SIM: FF - (Data of file 6F31 at offset 0000)
    
    SIM: 90 00 - (Normal ending of the command)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 6F 16 - (File 6F16)
    
    SIM: 94 04 - (File ID not found / Pattern not found)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 6F AD - (File 6FAD)
    
    SIM: 9F 0F - (SIM has response data with length 0F)
    
    ---============-----------------------------------------------------------------
    ME: A0 C0 00 00 0F - (GET RESPONSE command)
    SIM: C0 - (Ins echo)
    
    (Processing command GET RESPONSE)
    
    SIM: 85 0D 00 03 6F AD 04 00 0B FF FF 03 02 00 00 - (SELECT response data)
    
    SIM: 90 00 - (Normal ending of the command)
    
    ---============-----------------------------------------------------------------
    ME: A0 B0 00 00 03 - (READ BINARY command)
    SIM: B0 - (Ins echo)
    
    (Processing command READ BINARY)
    
    SIM: 00 FF FF - (Data of file 6FAD at offset 0000)
    
    SIM: 90 00 - (Normal ending of the command)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 6F 38 - (File 6F38)
    
    SIM: 9F 0F - (SIM has response data with length 0F)
    
    ---============-----------------------------------------------------------------
    ME: A0 C0 00 00 0F - (GET RESPONSE command)
    SIM: C0 - (Ins echo)
    
    (Processing command GET RESPONSE)
    
    SIM: 85 0D 00 04 6F 38 04 00 1B FF FF 03 02 00 00 - (SELECT response data)
    
    SIM: 90 00 - (Normal ending of the command)
    
    ---============-----------------------------------------------------------------
    ME: A0 B0 00 00 04 - (READ BINARY command)
    SIM: B0 - (Ins echo)
    
    (Processing command READ BINARY)
    
    SIM: FF 3F FF 0F - (Data of file 6F38 at offset 0000)
    
    SIM: 90 00 - (Normal ending of the command)
    
    ---============-----------------------------------------------------------------
    ME: A0 A4 00 00 02 - (SELECT command)
    SIM: A4 - (Ins echo)
    
    (Processing command SELECT)
    
    ME: 6F 07 - (File 6F07)
    
    SIM: 9F 0F - (SIM has response data with length 0F)
    
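    The splitting that vlp's program performs on this dump can be reproduced in a few dozen lines; the Python below is an added example, not the program from the answer, and it follows ISO 7816-3 T=0 framing: skip the leading FF idle bytes, measure the ATR from the Yi/K fields of T0 and the TDi chain, then walk each 5-byte header and its procedure bytes (INS echo moves P3 data bytes, 60 is NULL, anything else is SW1 SW2) and label instructions and status words per GSM 11.11. The INS and SW name tables are a short selection, not a complete list, and SAMPLE is a constructed excerpt of the dump above with the failing SELECT of 6F16 appended.

```python
import re
INS_NAMES = {0xA4: "SELECT", 0xB0: "READ BINARY", 0xB2: "READ RECORD", 0xC0: "GET RESPONSE",
             0xD6: "UPDATE BINARY", 0x20: "VERIFY CHV", 0x88: "RUN GSM ALGORITHM", 0xF2: "STATUS"}
CARD_SENDS_DATA = {0xB0, 0xB2, 0xC0, 0xF2, 0x12}  # for these INS the data phase flows SIM -> ME
SW_NAMES = {(0x90, 0x00): "normal ending", (0x94, 0x04): "file ID / pattern not found",
            (0x94, 0x02): "out of range", (0x98, 0x04): "access condition not fulfilled"}
# Constructed excerpt of the dump above: idle bytes, ATR, SELECTs, READ BINARY, GET RESPONSE, failing SELECT
SAMPLE = ("FF FF 3F 2F 00 80 69 AF 02 04 02 31 00 00 00 0E 83 3E 9F 16 A0 A4 00 00 02 A4 3F 00 9F 16 "
          "A0 A4 00 00 02 A4 2F E2 9F 0F A0 B0 00 00 0A B0 FF FF FF FF FF FF FF FF FF FF 90 00 A0 A4 "
          "00 00 02 A4 6F 05 9F 0F A0 C0 00 00 0F C0 85 0D 00 07 6F 05 04 00 01 FF FF 03 02 00 00 90 00 "
          "A0 A4 00 00 02 A4 6F 16 94 04")

def atr_length(buf, i):
    """Bytes in the ATR at offset i: TS, T0, interface bytes, K historical bytes, TCK if any T != 0."""
    y, k, j, tck = buf[i + 1] >> 4, buf[i + 1] & 0x0F, i + 2, False
    while y:                                    # Yi bits flag the presence of TAi, TBi, TCi, TDi
        j += bool(y & 1) + bool(y & 2) + bool(y & 4)
        if not y & 8: break
        td, j = buf[j], j + 1                   # TDi carries Y(i+1) and the protocol type T
        y, tck = td >> 4, tck or bool(td & 0x0F)
    return j - i + k + int(tck)

def describe_sw(sw1, sw2):                      # 9F xx (GSM 11.11): xx bytes to fetch with GET RESPONSE
    return f"response data available, length {sw2:02X}" if sw1 == 0x9F else SW_NAMES.get((sw1, sw2), "unknown status")

def split_t0(buf, i):                           # i = offset of the first 5-byte header CLA INS P1 P2 P3
    apdus = []
    while i + 5 <= len(buf):
        hdr, ins, p3, i = buf[i:i + 5], buf[i + 1], buf[i + 4], i + 5
        a = {"header": hdr, "name": INS_NAMES.get(ins, f"INS {ins:02X}"),
             "me_data": b"", "sim_data": b"", "sw": None}
        while i < len(buf):
            proc, i = buf[i], i + 1
            if proc == 0x60: continue           # NULL procedure byte: card asks for more time
            if proc == ins or proc == (ins ^ 0xFF):   # INS echo moves all P3 bytes, ~INS just one
                n = p3 if proc == ins else 1
                if n == 0 and ins in CARD_SENDS_DATA: n = 256   # P3 = 00 means 256 bytes from the card
                key = "sim_data" if ins in CARD_SENDS_DATA else "me_data"
                a[key], i = a[key] + buf[i:i + n], i + n
                continue
            a["sw"], i = ((proc, buf[i]) if i < len(buf) else None), i + 1   # SW1 SW2 (None if cut off)
            break
        apdus.append(a)
    return apdus

def parse_dump(hexdump):
    buf = bytes.fromhex(re.sub(r"\s+", "", hexdump))
    i = len(buf) - len(buf.lstrip(b"\xff"))     # leading FF idle bytes before TS are garbage
    atr = buf[i:i + atr_length(buf, i)]
    return atr, split_t0(buf, i + len(atr))
```

    Each returned dict holds the ME data, the SIM data and the status word separately, so a `94 04` after a SELECT or a `98 04` access-condition failure is visible per command rather than buried in the stream.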
        2
  •  3
  •   iso8583.info support    7 years ago

    We have implemented an online tool to parse card ATRs and APDU commands/responses for known instructions.

    For the sample:

    The trace data input can be in the level 1 protocol format with the INS echo of T=0, T=1 packets etc., or in the pseudo trace log format of APDU commands and responses.

    The parser breaks the data down according to the relevant specifications. Sorry, SIM Toolkit is not defined yet.

    Below is the APDU trace from the SIM card (with the echoed INS bytes removed).

    Try it with the ISO 7816 APDU parser tool to see some of the available details:

    # FF FF
    ? 3F 2F 00 80 69 AF 02 04 02 31 00 00 00 0E 83 3E 9F 16
    
    # Ins Echo removed from card responses
    
    > A0 A4 00 00 02 3F 00
    < 9F 16
    
    > A0 A4 00 00 02 2F E2
    < 9F 0F
    
    > A0 B0 00 00 0A FF FF FF FF FF FF FF FF FF FF
    < 90 00
    
    > A0 A4 00 00 02 7F 20
    < 9F 16
    
    > A0 A4 00 00 02 6F AE
    < 9F 0F
    
    > A0 B0 00 00 01
    < 02 90 00
    
    > A0 A4 00 00 02 6F 05
    < 9F 0F
    
    > A0 C0 00 00 0F 
    < 85 0D 00 07 6F 05 04 00 01 FF FF 03 02 00 00
    < 90 00
    
    > A0 B0 00 00 05
    < 01 00 03 02 04 90 00
    
    > A0 A4 00 00 02 7F 20
    < 9F 16
    
    > A0 C0 00 00 16
    > 85 14 00 04 7F 20 02 00 00 FB FF 03 09 99 00 12 04 00 83 8A 80 8A 90 00
    
    > A0 A4 00 00 02 6F 07
    < 9F 0F
    
    > A0 C0 00 00 0F
    < 85 0D 00 09 6F 07 04 00 1B FF 1B 03 02 00 00 90 00
    
    > A0 A4 00 00 02 3F 00
    < 9F 16
    
    > A0 A4 00 00 02 2F E2
    < 9F 0F
    
    > A0 A4 00 00 02 7F 20
    < 9F 16
    
    > A0 A4 00 00 02 6F 31
    < 9F 0F
    
    > A0 B0 00 00 01
    < FF 90 00
    
    > A0 A4 00 00 02 6F 16
    < 94 04
    
    > A0 A4 00 00 02 6F AD
    < 9F 0F
    
    > A0 C0 00 00 0F
    < 85 0D 00 03 6F AD 04 00 0B FF FF 03 02 00 00 90 00
    
    > A0 B0 00 00 03
    < 00 FF FF 90 00
    
    > A0 A4 00 00 02 6F 38
    < 9F 0F
    
    > A0 C0 00 00 0F
    < 85 0D 00 04 6F 38 04 00 1B FF FF 03 02 00 00 90 00
    
    > A0 B0 00 00 04
    < FF 3F FF 0F 90 00
    
    > A0 A4 00 00 02 6F 07
    < 9F 0F
    