How to access a SIM card programmatically?

Asked 8/5, 2010 at 0:2 Answered 23/1, 2017 at 13:19

Just any old GSM compatible SIM card (bonus for 3G USIM).

I presume I need some hardware? Can anyone recommend something cheap for hobbyist, and something more professional?

I presume that there will be full docs of an API with the h/w, so maybe this should be tagged "no-programming-related"? Sorry, if so.

Any good URLs or books (I am conversant with the 3GPP standards).

I'm not (black hat) hacking, don't worry, just not pleased with the likes of SIM Card Secretary, Data Doctor Recovery, etc, so would like to code my own, but might turn it commercial, or offer SIM card programming services (data recover from damaged card, etc) as a sideline.

Update: while I am primarily interested just reading my SMS for backup, it might be a bonus if someone knows of a cheap SIM card writer (so that I can back up all or part of the SIM and restore it later)

Timepleaser answered 8/5, 2010 at 0:2 Comment(2)

Are you looking for a way to read the SIM with a card reader? – Formless 11/5, 2010 at 7:24

yes, I am. can you recommend any? – Timepleaser 12/5, 2010 at 8:11

You can do that with any PC/SC smart card reader (and writer, as others pointed out) and a program that can read and parse the data for you.

Talking to a card is done via APDU commands (defined in ISO-7816)
The command set used by SIM (2G) and USIM (3G) cards is different, so you have to keep that in mind
The structure and format of the file system of a SIM card is defined in GSM 11.11 (for 2G) and ETSI TS 131.102 (for 3G) - all this documentation is public and available free of charge
The SMS are kept in a file called EF SMS, its name is 0x6F3C, its structure is defined in section 10.5.3 of GSM 11.11

Direct answers to your questions:

Here's where to buy a SIM reader, click on 'photos' to see pics of the device and screenshots of the software
SIM Manager is the program that does everything you want (including reading SMS, restoring SMS, it can even attempt to recover deleted SMS - if they're still physically on the card)
A SIM card SDK is available too. It is a DLL you can load and apply in your program. This thing does all the hard work for you, all you need is to create a GUI on top of it

I am one of the people from the team that created SIM Manager and the aforementioned SDK.

Hook answered 6/10, 2011 at 10:0 Comment(9)

I explore ETSI website. There is a lot of specifications and standards. Which one I must use to getting started with SIM card and USIM cards programming? Doesn't the specifications that you mentioned above are outdated now? (Please mention specifications for different SIM cards) Thanks. – Campanile 9/3, 2015 at 11:53

There might be new revisions of those standards, but the foundation is there and whatever new functionality is added will extend those standards, rather than replace them. You should use that as a starting point and afterwards you will have a better picture of where else to look. – Hook 9/3, 2015 at 13:21

GSM, ETSI, 3GPP? Which one I must refer to? Is there any other specification/standard for (U)SIM cards? May I ask you to match this specifications with the concept that they targeted? – Campanile 10/3, 2015 at 6:40

What exactly do you want to do with the card? Manipulate file contents?If yes - then this is what you need: GSM 11.11 (for 2G) and ETSI TS 131.102 (for 3G). – Hook 11/3, 2015 at 8:35

Thanks. Yes, I want to manipulate the contents. But I want to know what is this standards for also! Is GSM and 3GPP a subset of ETSI now? – Campanile 11/3, 2015 at 8:38

I don't know what the organization hierarchy is. As for your question - those standards explain the format of the data structures of each file type on the file-system of the SIM card. Once you familiarize yourself with that, you will be able to manipulate the file contents in a standard way, such that phones can parse it adequately. In order to do the actual writing and reading, you need to familiarize yourself with APDU commands (defined in ISO7816). – Hook 13/3, 2015 at 11:52

@Hook Can you read/write SSL certificates from/to the SIM card with the software? – Biserrate 10/6, 2019 at 21:3

I am not sure I have ever seen an EF on a SIM card where certificates are written. If you're dealing with a smart card used for cryptographic storage, then this would make sense, typically you can use PKCS#11 middleware to write certificates to the card, and you can also do it directly with APDU commands. If you're absolutely sure you are dealing with a SIM card - then what specific card type is it? – Hook 12/6, 2019 at 20:10

The link to the SDK is broken, is this SDK still available ? Or another one maybe ? – Virtual 10/9, 2022 at 6:26

You'll certainly need a smartcard reader and from what I've been able to find out, pretty much any one will do because they all have to support the standard functionality. They also happen to be pretty cheap. Mine is an OmniKey (not sure what model because I don't have it here right now).

Presuming that you're developing under Windows, the Windows API has functions that make it possible to access smartcards. Here is an article on CodeProject that discussees this in greater detail as part of a set of several C# classes that give you access to a bunch of this stuff without having to tangle with the nuts and bolts. I think that the guy's example app is specifically for SIM cards, so that'll probably help.

Bombshell answered 22/10, 2010 at 8:35 Comment(2)

+1 That sounds fantastic. I didn't realize that Windows had an API for it. I will check it out and get back to you. Thanks again. – Timepleaser 23/10, 2010 at 1:37

No problem. :) Btw, smartcard reader == smartcard writer. I've used my OmniKey "reader" to write data to an SLE4442 memory smartcard, which is somewhat different in that it's not as simple to work with as a SIM card, but the principle is the same. – Bombshell 24/10, 2010 at 10:45

There's lots of products and hardware to read and write SIM cards, have a look at http://forum.gsmhosting.com/vbb/f500/ in this forum you will find plenty of info concerning sim cards, mobile phones.. one of the bigest resource since 1999! for hardware programmers, you can build your own like JDM or ICprog.. check kiscan.net for some info..

Amory answered 22/10, 2010 at 7:57 Comment(1)

+1 Thanks, that looks good at first glance. I will check it out and get back to you. Alas, I am strictly s/w, with no h/w knowledge at all. – Timepleaser 23/10, 2010 at 1:36

pySim
In the below example, we are changing the card’s IMSI to 901700000003080 (option -i) and we are specifying a new set of -n NAME (Operator name), -t TYPE (Card type), -c CC (Country code), -x MCC (Mobile Country Code), -y MNC (Mobile Network Code) and -s ID (Integrated Circuit Card ID) values.
```
$ ./pySim-prog.py -p 0 -n OpenBSC -t sysmosim-gr1 -i 901700000003080 -c 001 -x 001 -y 02 -s 1791198229180000075
```

Is it enough just filling the new SIM card with new meta and will it working the same way as original? pyusb

Here is the full list of options:

$ ./pySim-prog.py -help
  Usage: pySim-prog.py [options]  Options:   
  -h, --help            show this help message and exit
  -d DEV, --device=DEV  Serial Device for SIM access [default: /dev/ttyUSB0]
  -b BAUD, --baud=BAUD  Baudrate used for SIM access [default: 9600]
  -p PCSC, --pcsc-device=PCSC
                        Which PC/SC reader number for SIM access
  -t TYPE, --type=TYPE  Card type (user -t list to view) [default: auto]
  -a PIN_ADM, --pin-adm=PIN_ADM
                        ADM PIN used for provisioning (overwrites default)
  -e, --erase           Erase beforehand [default: False]   
  -S SOURCE, --source=SOURCE
                        Data Source[default: cmdline]
  -n NAME, --name=NAME  Operator name [default: Magic]
  -c CC, --country=CC   Country code [default: 1]
  -x MCC, --mcc=MCC     Mobile Country Code [default: 901]
  -y MNC, --mnc=MNC     Mobile Network Code [default: 55]
  -m SMSC, --smsc=SMSC  SMSP [default: '00 + country code + 5555']
  -M SMSP, --smsp=SMSP  Raw SMSP content in hex [default: auto from SMSC]
  -s ID, --iccid=ID     Integrated Circuit Card ID
  -i IMSI, --imsi=IMSI  International Mobile Subscriber Identity
  -k KI, --ki=KI        Ki (default is to randomize)
  -o OPC, --opc=OPC     OPC (default is to randomize)
  --op=OP               Set OP to derive OPC from OP and KI
  --acc=ACC             Set ACC bits (Access Control Code). not all card types are supported
  -z STR, --secret=STR  Secret used for ICCID/IMSI autogen
  -j NUM, --num=NUM     Card # used for ICCID/IMSI autogen
  --batch               Enable batch mode [default: False]
  --batch-state=FILE    Optional batch state file
  --read-csv=FILE       Read parameters from CSV file rather than command line
  --write-csv=FILE      Append generated parameters in CSV file
  --write-hlr=FILE      Append generated parameters to OpenBSC HLR sqlite3
  --dry-run             Perform a 'dry run', don't actually program the card

The source code is available.

Also the SIM card is just a smart card. You can use pyscard or pyusb to operate on it. I found this Q&A helpful.

Thi answered 23/1, 2017 at 13:19 Comment(0)

You can use simLAB tool for reading and editing almost any SIM file. It works with every PC/SC smartcard reader. The tool also allows you to backup SIM file system.

Have a look at https://github.com/kamwar/simLAB

Madel answered 21/4, 2016 at 15:59 Comment(0)

Recommended topics

Hot tags