Skip to content

Instantly share code, notes, and snippets.

@binsys

binsys/G3空白卡写卡.txt

Forked from xurubin/G3空白卡写卡.txt
Created December 25, 2022 14:03
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save binsys/78d27783be67bf11e36a96ccfaf4f288 to your computer and use it in GitHub Desktop.
Save binsys/78d27783be67bf11e36a96ccfaf4f288 to your computer and use it in GitHub Desktop.
Download ZIP
G3空白卡写卡
Raw
G3空白卡写卡.txt
* Summary
G3 & GSM & Blank SIM card: to be programmed for OpenBTS with pySim-prog (Telecommunication)
ATR: 3B 9C 94 00 68 86 8D 0A 86 98 02 56 C2 00 05 00
中国移动通信 随e行 G3 USIM卡 空白卡
To program:
ICCID/IMSI/SMSP: Update binary on the standard EF
Ki: Update binary on customized record 3F00/7F20/0002
admin PIN: VERIFY CHV No 5
ADM2 PIN: VERIFY CHV No 6
Default ADM2 PIN:
schh0812
578DEEA5
5434987A
ADM2 has power to change ADMIN/PIN1/PUK1 and Ki.
Admin should be able to change Ki as well.
* Reverse engineer results from GSMIP70217.exe
empty card
3B18962621550401030001
3B18962631550501000001
18962621550401030001
18962631550501000001
ok card
3B9C940068868D0A86980256C2000500
9C940068868D0A86980256C2000500
A0A4000002.3F00 9F17 (MF)
A020000108????FFFFFFFF 9000 (VERIFY CHV1)
OR
A026000108????FFFFFFFF 9000 (VERIFY CHV1)
??.失败
--验证ADM2--
A0200006087363686830383132 9000 (VERIFY CHV6)
A0200006083537384445454135 9000 (VERIFY CHV6)
A0200006083534333439383741 9000 (VERIFY CHV6)
--选择(Customized) PIN EF--
A0A4000002.7F20 9F17 (DF_GSM)
A0A4000002.0001 9F0F (?? Customized PIN records)
--更新PIN1--
A0DC01040993&@#$%FFFFFFFF 9000 (UPDATE RECORD 1)
--更新PUK1--
A0DC0304098A&@#$% 9000 (UPDATE RECORD 3)
--更新ADM--
A0DC0504098F3132333435363738 9000 (UPDATE RECORD 5)
OR A0200005083132333435363738 9000
OR A0200005083734313935333933 9000
OR A0200005084137383934333435 9000
验证ADM
--ICCID更新--
A0A4000002.3F00 9F17 (MF)
A0A4000002.2FE2 9F0F (EF_ICCID)
A0D600000A&@#$% 9000
--更新短消息中心号码--
A0A4000002.7F10 9F17 (DF_TELECOM)
A0A4000002.6F42 9F0F (EF_SMSP)
A0DC010428FFFFFFFFFFFFFFFFFFFFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF08&@#$%FFFFFFFFFFFF 9000 (UPDATE RECORD)
--更新Ki--
A0A4000002.7F20 9F17 (DF_GSM)
A0A4000002.0002 9F0F (Customized) (EF_Ki)
A0D6000010&@#$% 9000 (UPDATE BINARY)
--更新IMSI--
A0A4000002.6F07 9F0F (EF_IMSI)
A0D6000009&@#$% 9000 (UPDATE BINARY)
A0A4000002.6F78 9F0F (EF_ACC)
A0D6000002&@#$% 9000 (UPDATE BINARY)
--关闭GSM菜单入口--
A0A4000002.6F54 9F0F (EF_SUME)
A0B0000017 85098052A8611F57305E26FFFFFFFFFFFFFFFFFFFFFFFF9000 (READ BINARY)
A0D6000017FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 9000 (UPDATE BINARY)
--更新GSM 6F7B--
A0A4000002.6F7B 9F0F (EF_FPLMN)
A0D600000CFFFFFFFFFFFFFFFFFFFFFFFF 9000 (UPDATE BINARY)
--更新GSM 6F30--
A0A4000002.6F30 9F0F (EF_PLMNsel)
A0D6000078????64F01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 9000
A0D6007878????FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 9000
--IP启用--
(optional?)A0A4000002.3F00 9F17 (MF)
A0A4000002.4F01 9F0F (??)
A0D60000?????? 9000 (UPDATE BINARY)
OR
(optional?)A0A4000002.3F00 9F17 (MF)
A0A4000002.4F01 9F0F (??)
A0D600000100 9000 (UPDATE BINARY)
关闭GSM菜单入口
A0A4000002.7F10 9F17 (DF_TELECOM)
A0A4000002.6FFE 9F0F
A0D6000042FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 9000
PIN关闭打开切换
A020000108????FFFFFFFF 9000 (VERIFY CHV1)
A026000108????FFFFFFFF 9000
A028000108????FFFFFFFF 9000
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment