Author: lnv42 Frequency: HF (13.56 MHz) Hardware: RDV4 (flash memory)
Back to Standalone Modes Index | Source Code | Development Guide
Dumps an ISO15693 tag's complete memory, then simulates it. Auto-detects tag type (MIM1024, etc.) and specific attributes like DSFID and AFI.
ISO15693 tags are used in libraries, laundry systems, industrial asset tracking, and some access control. This mode enables read-then-replay attacks: capture a tag's full contents and then emulate it at a reader without the original tag present.
- Wait: Scans for an ISO15693 tag in the field
- Dump: On detection, reads all memory blocks and tag system info (DSFID, AFI, block size)
- Simulate: Begins emulating the captured tag with full memory contents
| LED | Meaning |
|---|---|
| B (solid) | Waiting for a dumpable tag |
| LEDs off | Dumping / simulating |
| Action | Effect |
|---|---|
| Hold 500ms | Exit standalone mode |
| USB command | Exit standalone mode |
stateDiagram-v2
[*] --> WaitForTag : Startup\nLED_B on
WaitForTag --> DumpTag : ISO15693 tag found
WaitForTag --> WaitForTag : No tag / incompatible
DumpTag --> Simulate : Dump complete\n(all blocks read)
DumpTag --> WaitForTag : Dump failed
Simulate --> [*] : Button hold 500ms
WaitForTag --> [*] : Button hold 500ms
make clean
make STANDALONE=HF_15SIM -j
./pm3-flash-fullimage
- ISO15693 UID Emulator — Simpler 15693 UID emulation
- 15693 Sniffer — ISO15693 protocol sniffer