SIM hacks

From The iPhone Wiki
Revision as of 09:18, 28 July 2008 by Nvidia2008 (talk | contribs) (Reports)
Jump to: navigation, search

These hacks all require a SIM card passthrough to be used. Some examples are the TurboSIM, the XSim, and the SuperSIM.

WARNING

The iPhone 3G sim tray is very very thin. If using SIM hacks (dual sim, etc.) a long thin tape should be attached in a way that you can easily extract the sim tray without relying on the normal tiny sim ejector button. You have been warned.

Exploit

This relies on the fact that the IMSI is read twice, once to validate the IMSI and once to connect to the network. So the SIM card spoofs the first IMSI read to trick the device into thinking it is operating on the AT&T network, or whatever network the device is locked to. The second time it allows the IMSI to be read properly from the sim card. That is the IMSI sent to the network.

A slight variant of this exploit uses a silvercard to program the IMSI and ICCID differently. This variant requires your Ki to be known, which can only be extracted from COMPEMU v1 sim cards.

Reports

Yessim/ Furiousim Conflicting reports on whether this works.

iPhonix/Juma MacBug.de reports only 2G mode works with this.

TurboSim The author nvidia2008 describes Turbo Sim on the iPhone 3G White 16GB not working in the UK.