ShannonDM SIM profile

13.06.2021

Get SIM profile with Samsung ShannonDM and a Samsung Exynos phone.

0. Enable USB Debugging in the phone

1. install ShannonDM, connect the phone to the USB port;

2. Dial to *#0808# and enable RNDIS + ACM + DM + ADB and click OK to save settings

More details: https://volteromania.blogspot.com/p/phone-tools.html

Samsung S21:

 Look for : ACTIVATE DEFAULT EPS BEARER REQUEST message coming from the network. Full message below.

 Orange Romania 5G profile : 1000 Mbps DL / 400 Mbps UL ; QCI 8

 


 

 Vodafone Romania Prepaid Profile : 300/100 QCI 9




 
Non-Access-Stratum (NAS)PDU
  0010 .... = Security header type: Integrity protected and ciphered (2)
  .... 0111 = Protocol discriminator: EPS mobility management messages (0x7)
  Message authentication code: 0xb4917095
  Sequence number: 7
  Ciphered message: c84b4d5f2d69172931c7fd6c7dc355e322ade2f0f2d18724ΓǪ
Non-Access-Stratum (NAS)PDU
  0000 .... = Security header type: Plain NAS message, not security protected (0)
  .... 0111 = Protocol discriminator: EPS mobility management messages (0x7)
  NAS EPS Mobility Management Message Type: Attach accept (0x42)
  0000 .... = Spare half octet: 0
  .... 0... = Spare bit(s): 0x00
  .... .010 = Attach result: Combined EPS/IMSI attach (2)
  GPRS Timer - T3412 value
    GPRS Timer: 54 min
      010. .... = Unit: value is incremented in multiples of decihours (2)
      ...0 1001 = Timer value: 9
  Tracking area identity list - TAI list
    Length: 6
    0... .... = Spare bit(s): 0x00
    .00. .... = Type of list: list of TACs belonging to one PLMN, with non-consecutive TAC values (0)
    ...0 0000 = Number of elements: 0 [+1 = 1 element(s)]
    Mobile Country Code (MCC): Romania (226)
    Mobile Network Code (MNC): Orange (10)
    Tracking area code(TAC): 10118
  ESM message container
    Length: 111
    ESM message container contents: 5201c1010817036e6574066d6e63303130066d6363323236ΓǪ
      0101 .... = EPS bearer identity: EPS bearer identity value 5 (5)
      .... 0010 = Protocol discriminator: EPS session management messages (0x2)
      Procedure transaction identity: 1


      NAS EPS session management messages: Activate default EPS bearer context request (0xc1)
      EPS quality of service
        Length: 1
        Quality of Service Class Identifier (QCI): QCI 8 (8)
      Access Point Name
        Length: 23
        APN: net.mnc010.mcc226.gprs
      PDN address
        Length: 5
        0000 0... = Spare bit(s): 0x00
        PDN type: IPv4 (1)
        PDN IPv4: 10.143.99.xx (10.143.99.xx)
      Linked TI - Transaction identifier
        Element ID: 0x5d
        Length: 1
        0... .... = TI Flag: The message is sent from the side that originates the TI
        TI value: 0x00 (0)
      Quality Of Service - Negotiated QoS
        Element ID: 0x30
        Length: 16
        00.. .... = Spare bit(s): 0
        ..01 1... = Quality of Service Delay class: Delay class 3 (3)
        .... .011 = Reliability class: Unacknowledged GTP/LLC, Ack RLC, Protected data (3)
        1001 .... = Peak throughput: Up to 256 000 octet/s (9)
        .... 0... = Spare bit(s): 0
        .... .011 = Precedence class: Low priority (3)
        000. .... = Spare bit(s): 0
        ...1 1111 = Mean throughput: Best effort (31)
        011. .... = Traffic class: Interactive class (3)
        ...1 0... = Delivery order: Without delivery order ('no') (2)
        .... .011 = Delivery of erroneous SDUs: Erroneous SDUs are not delivered('No') (3)
        Maximum SDU size: 1500 octets (150)
        Maximum bitrate for uplink: 8640 kbps (254)
        Maximum bitrate for downlink: 8640 kbps (254)
        0111 .... = Residual Bit Error Rate (BER): 1*10-5 (7)
        .... 0100 = SDU error ratio: 1*10-4 (4)
        0100 10.. = Transfer delay: 300 ms (18)
        .... ..11 = Traffic handling priority: Priority level 3 (3)
        Guaranteed bitrate for uplink: 0 kbps (255)
        Guaranteed bitrate for downlink: 0 kbps (255)
        000. .... = Spare bit(s): 0
        ...0 .... = Signalling indication: Not optimised for signalling traffic
        .... 0000 = Source statistics description: unknown (0)
        Maximum bitrate for downlink (extended): 256 Mbps (250)
        Guaranteed bitrate for downlink (extended): Use the value indicated by the Guaranteed bit rate for downlink (0)
        Maximum bitrate for uplink (extended): 256 Mbps (250)
        Guaranteed bitrate for uplink (extended): Use the value indicated by the Guaranteed bit rate for uplink (0)
      LLC Service Access Point Identifier - Negotiated LLC SAPI
        Element ID: 0x32
        0000 .... = Spare bit(s): 0
        .... 1001 = LLC SAPI: SAPI 9 (9)
      Radio Priority
        1000 .... = Element ID: 0x8-
        .... .011 = Radio Priority (PDP or SMS): priority level 3 (3)
      Packet Flow Identifier - Dynamically assigned
        Element ID: 0x34
        Length: 1
        0... .... = Spare bit(s): 0
        .000 1000 = Packet Flow Identifier (PFI): Dynamically assigned (8)
      APN aggregate maximum bit rate
        Element ID: 0x5e
        Length: 6
        APN-AMBR for downlink: 8640 kbps
        APN-AMBR for uplink: 8640 kbps
        APN-AMBR for downlink (extended): 232 Mbps
        APN-AMBR for uplink (extended): 144 Mbps
        APN-AMBR for downlink (extended-2): 768 Mbps
        Total APN-AMBR for downlink: 1000.000 Mbps  *** 

        APN-AMBR for uplink (extended-2): 256 Mbps
        Total APN-AMBR for uplink: 400.000 Mbps   ***
      Protocol Configuration Options
        Element ID: 0x27
        Length: 39
        [Link direction: Network to MS (1)]
        1... .... = Extension: True
        .... .000 = Configuration Protocol: PPP for use with IP PDP type or IP PDN type (0)
        Protocol or Container ID: Internet Protocol Control Protocol (0x8021)
          Length: 0x10 (16)
          PPP IP Control Protocol
            Code: Configuration Nak (3)
            Identifier: 0 (0x00)
            Length: 16
            Options: (12 bytes), Primary DNS Server IP Address, Secondary DNS Server IP Address
              Primary DNS Server IP Address
                Type: Primary DNS Server IP Address (129)
                Length: 6
                Primary DNS Address: 109.166.202.53 (109.166.202.53)
              Secondary DNS Server IP Address
                Type: Secondary DNS Server IP Address (131)
                Length: 6
                Secondary DNS Address: 109.166.202.54 (109.166.202.54)
        Protocol or Container ID: DNS Server IPv4 Address (0x000d)
          Length: 0x04 (4)
          IPv4: 109.166.202.53 (109.166.202.53)
        Protocol or Container ID: DNS Server IPv4 Address (0x000d)
          Length: 0x04 (4)
          IPv4: 109.166.202.xx (109.166.202.xx)
        Protocol or Container ID: IPv4 Link MTU (0x0010)
          Length: 0x02 (2)
          IPv4 link MTU size: 1500 octets
  EPS mobile identity - GUTI
    Element ID: 0x50
    Length: 11
    .... 0... = Odd/even indication: Even number of identity digits
    .... .110 = Type of identity: GUTI (6)
    Mobile Country Code (MCC): Romania (226)
    Mobile Network Code (MNC): Orange (10)
    MME Group ID: 32770
    MME Code: 48
    M-TMSI: 0xxxxxxxxx
  Location area identification
    Element ID: 0x13
    Location Area Identification (LAI) - 226/10/1010
      Mobile Country Code (MCC): Romania (226)
      Mobile Network Code (MNC): Orange (10)
      Location Area Code (LAC): 0x03f2 (1010)
  Mobile identity - MS identity - TMSI/P-TMSI (0x9bxxxx)
    Element ID: 0x23
    Length: 5
    1111 .... = Unused: 0xf
    .... 0... = Odd/even indication: Even number of identity digits
    .... .100 = Mobile Identity Type: TMSI/P-TMSI/M-TMSI (4)
    TMSI/P-TMSI: 0x009bxxxx
  EPS network feature support
    Element ID: 0x64
    Length: 1
    1... .... = Control plane CIoT EPS optimization: Supported
    .0.. .... = EMM-REGISTERED w/o PDN connectivity: Not supported
    ..0. .... = Support of EXTENDED SERVICE REQUEST for packet services: Not supported
    ...0 0... = CS-LCS: no information about support of location services via CS domain is available (0)
    .... .0.. = Location services via EPC: Not supported
    .... ..0. = Emergency bearer services in S1 mode: Not supported
    .... ...1 = IMS voice over PS session in S1 mode: Supported

 

 

 

 

 

 

 

 

 

 

 


Non-Access-Stratum (NAS)PDU
  0101 .... = EPS bearer identity: EPS bearer identity value 5 (5)
  .... 0010 = Protocol discriminator: EPS session management messages (0x2)
  Procedure transaction identity: 1
  NAS EPS session management messages: Activate default EPS bearer context request (0xc1)
  EPS quality of service
    Length: 1
    Quality of Service Class Identifier (QCI): QCI 8 (8)
  Access Point Name
    Length: 23
    APN: net.mnc010.mcc226.gprs
  PDN address
    Length: 5
    0000 0... = Spare bit(s): 0x00
    PDN type: IPv4 (1)
    PDN IPv4: 10.143.99.157 (10.143.99.xxx)
  Linked TI - Transaction identifier
    Element ID: 0x5d
    Length: 1
    0... .... = TI Flag: The message is sent from the side that originates the TI
    TI value: 0x00 (0)
  Quality Of Service - Negotiated QoS
    Element ID: 0x30
    Length: 16
    00.. .... = Spare bit(s): 0
    ..01 1... = Quality of Service Delay class: Delay class 3 (3)
    .... .011 = Reliability class: Unacknowledged GTP/LLC, Ack RLC, Protected data (3)
    1001 .... = Peak throughput: Up to 256 000 octet/s (9)
    .... 0... = Spare bit(s): 0
    .... .011 = Precedence class: Low priority (3)
    000. .... = Spare bit(s): 0
    ...1 1111 = Mean throughput: Best effort (31)
    011. .... = Traffic class: Interactive class (3)
    ...1 0... = Delivery order: Without delivery order ('no') (2)
    .... .011 = Delivery of erroneous SDUs: Erroneous SDUs are not delivered('No') (3)
    Maximum SDU size: 1500 octets (150)
    Maximum bitrate for uplink: 8640 kbps (254)
    Maximum bitrate for downlink: 8640 kbps (254)
    0111 .... = Residual Bit Error Rate (BER): 1*10-5 (7)
    .... 0100 = SDU error ratio: 1*10-4 (4)
    0100 10.. = Transfer delay: 300 ms (18)
    .... ..11 = Traffic handling priority: Priority level 3 (3)
    Guaranteed bitrate for uplink: 0 kbps (255)
    Guaranteed bitrate for downlink: 0 kbps (255)
    000. .... = Spare bit(s): 0
    ...0 .... = Signalling indication: Not optimised for signalling traffic
    .... 0000 = Source statistics description: unknown (0)
    Maximum bitrate for downlink (extended): 256 Mbps (250)
    Guaranteed bitrate for downlink (extended): Use the value indicated by the Guaranteed bit rate for downlink (0)
    Maximum bitrate for uplink (extended): 256 Mbps (250)
    Guaranteed bitrate for uplink (extended): Use the value indicated by the Guaranteed bit rate for uplink (0)
  LLC Service Access Point Identifier - Negotiated LLC SAPI
    Element ID: 0x32
    0000 .... = Spare bit(s): 0
    .... 1001 = LLC SAPI: SAPI 9 (9)
  Radio Priority
    1000 .... = Element ID: 0x8-
    .... .011 = Radio Priority (PDP or SMS): priority level 3 (3)
  Packet Flow Identifier - Dynamically assigned
    Element ID: 0x34
    Length: 1
    0... .... = Spare bit(s): 0
    .000 1000 = Packet Flow Identifier (PFI): Dynamically assigned (8)
  APN aggregate maximum bit rate
    Element ID: 0x5e
    Length: 6
    APN-AMBR for downlink: 8640 kbps
    APN-AMBR for uplink: 8640 kbps
    APN-AMBR for downlink (extended): 232 Mbps
    APN-AMBR for uplink (extended): 144 Mbps
    APN-AMBR for downlink (extended-2): 768 Mbps
    Total APN-AMBR for downlink: 1000.000 Mbps
    APN-AMBR for uplink (extended-2): 256 Mbps
    Total APN-AMBR for uplink: 400.000 Mbps
  Protocol Configuration Options
    Element ID: 0x27
    Length: 39
    [Link direction: Network to MS (1)]
    1... .... = Extension: True
    .... .000 = Configuration Protocol: PPP for use with IP PDP type or IP PDN type (0)
    Protocol or Container ID: Internet Protocol Control Protocol (0x8021)
      Length: 0x10 (16)
      PPP IP Control Protocol
        Code: Configuration Nak (3)
        Identifier: 0 (0x00)
        Length: 16
        Options: (12 bytes), Primary DNS Server IP Address, Secondary DNS Server IP Address
          Primary DNS Server IP Address
            Type: Primary DNS Server IP Address (129)
            Length: 6
            Primary DNS Address: 109.166.202.53 (109.166.202.53)
          Secondary DNS Server IP Address
            Type: Secondary DNS Server IP Address (131)
            Length: 6
            Secondary DNS Address: 109.166.202.54 (109.166.202.54)
    Protocol or Container ID: DNS Server IPv4 Address (0x000d)
      Length: 0x04 (4)
      IPv4: 109.166.202.53 (109.166.202.53)
    Protocol or Container ID: DNS Server IPv4 Address (0x000d)
      Length: 0x04 (4)
      IPv4: 109.166.202.54 (109.166.202.54)
    Protocol or Container ID: IPv4 Link MTU (0x0010)
      Length: 0x02 (2)
      IPv4 link MTU size: 1500 octets
Non-Access-Stratum (NAS)PDU

 

No comments:

Post a Comment

Subscribe to: Posts (Atom)

Romanian Operators Sites and core vendors

 Orange  Bucharest  Cluj Vodafone Bucharest Cluj Digi Mobil  Bucharest Iasi Timisoara

  • Samsung VoLTE/VoWiFi settings
    Enable VoLTE & VoWiFi in rooted Samsung smartphones. Usually a VoLTE device, after the power creates the Internet connection us...
  • DIGI MOBIL VoLTE & VoWiFi info
    LISTELE NU MAI SUNT ACTUALIZATE DIN SEPTEMBRIE 2019 Ultimele informatii se afla pe site-ul Digi si pe forumul Softpedia:   https://forum.s...
  • VoLTE VoWiFi Digi Mobil Romania
    LISTELE NU MAI SUNT ACTUALIZATE DIN SEPTEMBRIE 2019 Ultimele informatii se afla pe site-ul Digi si pe forumul Softpedia:   https://forum.s...