I have just examined a Lyca SIM card and the telephone number displayed read
+440000000000
Has anybody come across this before?
It came out of a working mobile phone
bigjon, is that number (+440000000000) displayed on the screen of the handset or is that number obtained from using a SIM card reading software?
ITS DISPLAYED ON MY COMPUTER SCREEN FOLLOWING XRY AND UFED READ OF SIM
bigjon,
I have also seen this on the same type of card.
I didn't read much into it as I just assumed that it was the way the field was populated following the setting up of the card.
As the field holds no control over how the card functions it didnt trouble be much.
Colin
bigjon, I have just read a Lyca Mobile SIM Card using numerous SIM readers, below are a few of the reads
TRACEFILE LOG
|StartSend |SELECT FILE A0A40000026F40
|Result |15 bytes of response data available
|StartSend |GET RESPONSE A0C000000F
|Result |00 00 00 82 6F 40 04 00 11 F5 FF 05 02 01 1A 90 00
|StartSend |READ RECORD A0B201041A
|Result |4F 77 6E 20 4E 75 6D 62 65 72 FF FF 07 81 70 55 46 80 46 F2 FF FF FF FF FF FF 90 00
|StartSend |READ RECORD A0B202041A
|Result |FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 90 00
|StartSend |READ RECORD A0B203041A
|Result |FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 90 00
|StartSend |READ RECORD A0B204041A
|Result |FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 90 00
|StartSend |READ RECORD A0B205041A
|Result |FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 90 00
The above indicates what may be expected for MSISDN representation in a Lyca Mobile SIM Card.
Unless you confirm that "+4400000000000" is stored in the EFMSISDN by viewing own number on a handset then it COULD be the SIM readers you have used MAY not be reading the file correctly.
"+4400000000000" can also be the var default keys for the MSISDN as scripted into the program
Thanks guys, it came from a SIM read and not through the phone
bigjon, I did realise you had performed a direct SIM read. I also fully appreciate you may not have felt it was necessary, but I am querying whether at some stage, apart from the data acquisition process, a handset examination had taken place with SIM inserted in the handset e.g. a visual inspection of data on the handset to corroborate what was going to be in the reports - a sort of before and after check to make sure everything had been collected so to speak - and whether that manual examination revealed the "own number" as seen on the handset screen?
Can you post the trace logs from XRY and UFED of exactly the APDUs sent to the SIM card and the responses received from the card regadung interrogation of the EFMSISDN?
br