In the last days I finally got some bits out of the Nokia N900's modem
on Debian without any properitary tools. For now it's just the following
model: "Nokia N900"
revision: "V ICPR82_10w08 25-02-10 RX-51 (c) Nokia"
But the most difficult part is probably done. My next plan was to get
the modem connect to a mobile network, which requires an unlocked SIM
card. Unfortunately ofono does not yet
support SIM cards with PINs. Thus I had to find another way to get out
how to perform this task.
I started reverse engineering the properitary sscd, but got annoyed of it
pretty fast (it's lots of work for just a little bit of information). I
thought it might be easier to analyze the network traffic, since I know
the basic format of these messages anyway. So I installed tcpdump in maemo
and added the following event.d rule as /etc/event.d/tcpdump:
description "tcpdump on phonet0"
author "Sebastian Reichel"
start on started dbus
stop on stopping dbus
respawn limit 10 1
exec tcpdump -i phonet0 -w /root/phonet.log
This worked at one go and I had a log file with ~300 packages in it (this is the amount
of packages generated during maemo's boot phase). The packages were detected as
SLL packages by wireshark. This means there
was just one blob of data, thus I deceided to write a plugin for Phonet. After some
searching I deceided to use the lua interface,
since it looked quite easy. I got hit by one problem while coding the (still very basic)
plugin, which needs patching of wireshark (Debian Bug #594390).
Now check the IMHO amazing result:
- Code of the plugin
- Screenshot without the plugin
- Screenshot with the plugin
- Screenshot analyzing SIM PIN package
Note, that the plugin covers only some commands and is far from being complete. It will append all data, which has not been analyzed in an extra field.
Update (12.09.2010 04:21:00 +0200):
As of Revision 34101 Wireshark does support ssl.ltype dissectors, so the patch is not needed with it anymore.
Update (05.10.2010 03:35:00 +0200):
You must add the parameter "-s 0" to the tcpdump call or it will limit the packet size.