Suspicious SMS

hardware FCSC 2021 solved on

star star


While analyzing the traffic between my phone and the network, I detected a Class 0 SMS. This SMS contains instructions to install a Java Card applet on my SIM card.

I have extracted the content of the applet (jc_dump.bin). It looks like Java Card 3.0.1. Our expert being absent, we cannot ask her for help.

Once this applet has been installed, I discovered that encrypted APDUs were being exchanged between the SIM card and the carrier network. I detected this APDU response, but I could not catch the beginning of the exchanges. Its content seems to be encrypted.

< C6 5F 56 69 08 F8 A0 4A 4D CE 35 C0 1A 4B B2 AB 29 D4 1C FC EA 3D FF 7E 97 E3 42 F6 4F 60 27 14 9C C7 83 4A 04 F9 D7 C2 DE 8F 35 0E 96 77 09 6F 81 EA D0 CD 09 FB BE 74 58 D7 FE 45 2D 9D A4 43 11 87 63 31 24 EF 65 3D 6E 55 DF 54 34 AC E0 A5 90 00

Can you find the hidden secret?


  • jc_dump.bin
    1.04 KiB – a73599ab05a53abb75af33dc72fe1951e66ad738c08d7a2311a3bd76df2e0897




Share my success on Fediverse, Twitter, Linkedin, Facebook, or via email.

Submit your solution

You can submit your writeup for this challenge. Read the FAQ to learn how to proceed.

You need to be logged in to submit a writeup.


There are no public solutions for this challenge yet, but you can submit yours after getting the flag.