TerminalProfile » History » Version 6
laforge, 02/19/2016 10:49 PM
link to terminal-profile website
| 1 | 6 | laforge | Using [[SIMtrace]], you can sniff the initial communication between a 3G phone and a USIM in order to get the phone terminal profile (it should even be before the PIN check). |
|---|---|---|---|
| 2 | 1 | tsaitgaist | It is also decoded in wireshark. |
| 3 | |||
| 4 | 6 | laforge | The terminal profile CAT command header (CLA=80, INS=10, P1=00, P2=00) is defined in "ETSI TS 102 221":http://www.etsi.org/deliver/etsi_ts/102200_102299/102221/ §11.2.1. |
| 5 | The terminal profile CAT command body is defined in "ETSI TS 102 223":http://www.etsi.org/deliver/etsi_ts/102200_102299/102223/ §5.2. |
||
| 6 | 1 | tsaitgaist | It tells the USIM what it can do on the phone. |
| 7 | |||
| 8 | 5 | laforge | There is now a collaborative project on creating a database of terminal profile records of many different phones, you can reach it at https://terminal-profile.osmocom.org/ |
| 9 | 2 | tsaitgaist | |
| 10 | 5 | laforge | That page also contains instructions on how to contribute to the database - which we hope you will do, at least as long as you have a SIMtrace or other hardware to obtain it from your phones. |
