PM3 Commands Reference (Iceman Firmware):

Main Help

---

Current command:
hf mfdes chfilesettings --help

---

Get File Settings from file from application. Master key needs to be provided or flag --no-auth set (depend on cards settings).

usage:
    hf mfdes chfilesettings [-hav] [-n <dec>] [-t <DES|2TDEA|3TDEA|AES>] [-k <hex>] [--kdf <none|AN10922|gallagher>]

options:
    -h, --help                     This help
    -a, --apdu                     Show APDU requests and responses
    -v, --verbose                  Verbose output
    -n, --keyno <dec>              Key number
    -t, --algo <DES|2TDEA|3TDEA|AES> Crypt algo
    -k, --key <hex>                Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)
    --kdf <none|AN10922|gallagher> Key Derivation Function (KDF)
    -i, --kdfi <hex>               KDF input (1-31 hex bytes)
    -m, --cmode <plain|mac|encrypt> Communicaton mode
    -c, --ccset <native|niso|iso>  Communicaton command set
    --schann <d40|ev1|ev2|lrp>     Secure channel
    --aid <hex>                    Application ID (3 hex bytes, big endian)
    --isoid <hex>                  Application ISO ID (ISO DF ID) (2 hex bytes, big endian)
    --fid <hex>                    File ID (1 hex byte)
    --rawdata <hex>                File settings (HEX > 5 bytes). Have priority over the other settings
    --amode <plain|mac|encrypt>    File access mode
    --rawrights <hex>              Access rights for file (2 hex bytes) R/W/RW/Chg, 0x0 - 0xD Key, 0xE Free, 0xF Denied
    --rrights <key0..13|free|deny> Read file access mode: the specified key, free, deny
    --wrights <key0..13|free|deny> Write file access mode: the specified key, free, deny
    --rwrights <key0..13|free|deny> Read/Write file access mode: the specified key, free, deny
    --chrights <key0..13|free|deny> Change file settings access mode: the specified key, free, deny
    --no-auth                      Execute without authentication

examples/notes:
    hf mfdes chfilesettings --aid 123456 --fid 01 --amode plain --rrights free --wrights free --rwrights free --chrights key0      -> change file settings app=123456, file=01 with defaults from `default` command
    hf mfdes chfilesettings -n 0 -t des -k 0000000000000000 --kdf none --aid 123456 --fid 01 --rawdata 00EEEE      -> execute with default factory setup
    hf mfdes chfilesettings --aid 123456 --fid 01 --rawdata 810000021f112f22      -> change file settings with additional rights for keys 1 and 2
    hf mfdes chfilesettings --isoid df01 --fid 00 --amode plain --rawrights eee0 --schann lrp -t aes      -> change file settings via lrp channel