SIMurai: Hack Sim Cards Easily | 3G | 4G | 5G

SIMurai is a powerful tool designed for testing and hacking mobile networks by emulating SIM cards and analyzing cellular network security. It enables penetration testers and cybersecurity researchers to evaluate vulnerabilities in SIM cards, modem firmware, and cellular devices.

You Should Know:

Key Features of SIMurai:

  • SIM Card Emulation: Mimic real SIM cards to test network interactions.
  • LTE Network Connection: Uses srsRAN for LTE network simulation.
  • Malicious Command Testing: Execute attacks like unauthorized data reading, location tracking, and SMS spoofing.
  • Firmware Fuzzing: Identify vulnerabilities in modem firmware (e.g., using FirmWire).
  • CVE Discovery: Hunt for security flaws at the firmware level.

Practical Commands & Usage:

Setting Up SIMurai:

git clone https://github.com/simurai-project/SIMurai 
cd SIMurai 
pip install -r requirements.txt 

Emulating a SIM Card:

./simurai emulate --imsi 001010123456789 --network LTE 

Connecting to srsRAN for LTE Testing:

sudo srsenb --rf.device=zmq --rf.device_args="tx_port=tcp://:2000,rx_port=tcp://localhost:2001" 

Testing Malicious SMS Injection:

./simurai sms --target-imei 123456789012345 --message "Malicious Payload" 

Firmware Fuzzing with FirmWire:

./firmwire -t modem_firmware.bin -a simurai_fuzz.yaml 

Checking Modem Responses:

atcmd -p /dev/ttyUSB0 "AT+CSIM=10,\"00A4040000\"" 
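
The AT+CSIM line above wraps a raw APDU in the generic SIM access command from 3GPP TS 27.007, where the leading number is the count of hex characters in the APDU. The following Python code is an added example, not part of the original post or of SIMurai: it builds that line and decodes the status word in a modem's +CSIM reply. The function names and the sample replies are constructed for illustration.

```python
import re

# Status words from ISO/IEC 7816-4 and ETSI TS 102 221 (subset).
SW_EXACT = {
    "9000": "normal ending",
    "6700": "wrong length",
    "6982": "security status not satisfied",
    "6A82": "file or application not found",
    "6D00": "instruction not supported",
    "6E00": "class not supported",
}
SW_BY_SW1 = {
    "61": "normal ending, {n} response bytes available",
    "6C": "wrong Le, exact length is {n}",
    "91": "normal ending, proactive command of {n} bytes pending",
}

def build_csim(apdu_hex):
    """Return the AT+CSIM line for an APDU given as a hex string."""
    apdu = bytes.fromhex(apdu_hex)  # raises ValueError on malformed hex
    if len(apdu) < 4:
        raise ValueError("APDU header needs CLA INS P1 P2")
    text = apdu.hex().upper()
    return 'AT+CSIM=%d,"%s"' % (len(text), text)

def parse_csim_response(line):
    """Split '+CSIM: <len>,"<hex>"' into (data, status word, meaning)."""
    m = re.fullmatch(r'\+CSIM:\s*(\d+),\s*"([0-9A-Fa-f]*)"', line.strip())
    if not m:
        raise ValueError("not a +CSIM response")
    length, body = int(m.group(1)), m.group(2).upper()
    # The length field counts hex characters and must cover SW1 SW2.
    if length != len(body) or length % 2 or length < 4:
        raise ValueError("length field does not match payload")
    data, sw = body[:-4], body[-4:]
    meaning = SW_EXACT.get(sw)
    if meaning is None and sw[:2] in SW_BY_SW1:
        meaning = SW_BY_SW1[sw[:2]].format(n=int(sw[2:], 16))
    return data, sw, meaning or "unrecognised status word"

# Constructed sample replies, not captured from a real modem.
SAMPLES = ['+CSIM: 4,"9000"', '+CSIM: 4,"6A82"', '+CSIM: 4,"612F"']

if __name__ == "__main__":
    print(build_csim("00A4040000"))  # the APDU used on this page
    for reply in SAMPLES:
        print(reply, "->", parse_csim_response(reply))
```

A reply whose length field disagrees with its payload is rejected rather than decoded, which is the case worth logging when reviewing modem traces.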

Defensive Checks (For Security Teams):

# Monitor suspicious SIM activities
sudo tshark -i any -Y "gsm_sim" -l
# Check modem logs for anomalies
journalctl -u ModemManager --no-pager | grep -i "security"

What Undercode Says:

SIMurai exposes critical weaknesses in cellular networks, emphasizing the need for robust SIM authentication, firmware hardening, and real-time anomaly detection. Telecom providers must adopt AI-driven intrusion detection and secure OTA updates to mitigate risks.

Expected Output:

[+] SIM Emulation Started: IMSI 001010123456789 
[!] LTE Network Connected via srsRAN 
[+] SMS Payload Injected: "Malicious Payload" 
[?] Modem Response: AT+CSIM=10,"00A4040000" → OK 

Tool Link: SIMurai GitHub

Prediction:

SIM-based attacks will surge in 2024, targeting 5G IoT devices and eSIM deployments, necessitating stricter GSMA compliance audits.


References:

Reported By: Saurabh B294b21aa – Hackers Feeds