ADD: @marshmellows42 's fixes for "lf cmdread" and CHANGELOG.md

ADD: Added the "lf t55x7 wakeup" command. It will send a pwd, and leave the antenna on. Process like: 1. lf t55x7 wakeup p 11223344 2. lf search --- It is still not finished, will work together with the "lf t55x7 commands" in next step when I figure out the process from the datasheets.
2025-08-23 22:45:27 -07:00 · 2015-10-20 19:00:02 +02:00 · 2015-10-20 19:00:02 +02:00 · 9276e859a6
commit 9276e859a6
parent b87f99f4bb
10 changed files with 230 additions and 80 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,10 +4,10 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
 ## [unreleased][unreleased]
  --trying to fix "hf 14b" command to be able to read CALYPSO card.	 (iceman)
  --trying to fix "t55x7" read with password bug. (iceman)
  --
-### Added
+### Added												
 - `lf t55xx read w` added wake with password then read following stream option to standard t55xx read commands (marshmellow)
 - `hf mf eload u` added an ultralight/ntag option. (marshmellow)
 - `hf iclass managekeys` to save, load and manage iclass keys.  (adjusted most commands to accept a loaded key in memory) (marshmellow)
 - `hf iclass readblk` to select, authenticate, and read 1 block from an iclass card (marshmellow)
@ -22,6 +22,10 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
 - Added `data hex2bin` and `data bin2hex` for command line conversion between binary and hexadecimal (holiman)
 ### Changed																		
 - added lf t5xx read with password safety check and warning text
 - Adjusted LF FSK demod to account for cross threshold fluctuations (898 count waves will adjust the 9 to 8 now...) more accurate.
 - Adjusted timings for t55xx commands.  more reliable now.
 - `lf cmdread` adjusted input methods and added help text (marshmellow & iceman)
 - changed `lf config t <threshold>` to be 0 - 128 and will trigger on + or - threshold value (marshmellow) 
 - `hf iclass dump` cli options - can now dump AA1 and AA2 with different keys in one run (does not go to muliple pages for the larger tags yet)
 - Revised workflow for StandAloneMode14a (Craig Young)
@ -39,7 +43,7 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
 ### Added
 - Add `hf 14b reader` to find and print general info about known 14b tags (marshmellow)
- Add `hf 14b info` to find and print full info about std 14b tags and sri tags (using 14b raw commands in the client)  (marshmellow)
+- Add `hf 14b info` to find and print info about std 14b tags and sri tags (using 14b raw commands in the client)  (marshmellow)
 - Add PACE replay functionality (frederikmoellers)
 ### Fixed 
--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
@ -980,7 +980,7 @@ void UsbPacketReceived(uint8_t *packet, int len)
 			CopyIndala224toT55x7(c->d.asDwords[0], c->d.asDwords[1], c->d.asDwords[2], c->d.asDwords[3], c->d.asDwords[4], c->d.asDwords[5], c->d.asDwords[6]);
 			break;
 		case CMD_T55XX_READ_BLOCK:
-			T55xxReadBlock(c->arg[1], c->arg[2],c->d.asBytes[0]);
+			T55xxReadBlock(c->arg[0], c->arg[1], c->arg[2]);
 			break;
 		case CMD_T55XX_WRITE_BLOCK:
 			T55xxWriteBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes[0]);
@ -988,6 +988,9 @@ void UsbPacketReceived(uint8_t *packet, int len)
 		case CMD_T55XX_READ_TRACE:
 			T55xxReadTrace();
 			break;
 		case CMD_T55XX_WAKEUP:
 			T55xxWakeUp(c->arg[0]);
 			break;
 		case CMD_PCF7931_READ:
 			ReadPCF7931();
 			break;
--- a/armsrc/apps.h
+++ b/armsrc/apps.h
@ -67,9 +67,10 @@ extern uint8_t bits_per_sample ;
 extern bool averaging;
 void AcquireRawAdcSamples125k(int divisor);
-void ModThenAcquireRawAdcSamples125k(int delay_off,int period_0,int period_1,uint8_t *command);
+void ModThenAcquireRawAdcSamples125k(uint32_t delay_off, uint32_t period_0, uint32_t period_1, uint8_t *command);
 void ReadTItag(void);
 void WriteTItag(uint32_t idhi, uint32_t idlo, uint16_t crc);
 void AcquireTiType(void);
 void AcquireRawBitsTI(void);
 void SimulateTagLowFrequency(int period, int gap, int ledcontrol);
@ -88,8 +89,9 @@ void WriteEM410x(uint32_t card, uint32_t id_hi, uint32_t id_lo);
 void CopyIndala64toT55x7(int hi, int lo); // Clone Indala 64-bit tag by UID to T55x7
 void CopyIndala224toT55x7(int uid1, int uid2, int uid3, int uid4, int uid5, int uid6, int uid7); // Clone Indala 224-bit tag by UID to T55x7
 void T55xxWriteBlock(uint32_t Data, uint32_t Block, uint32_t Pwd, uint8_t PwdMode);
-void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode );
+void T55xxReadBlock(uint16_t arg0, uint8_t Block, uint32_t Pwd);
 void T55xxReadTrace(void);
 void T55xxWakeUp(uint32_t Pwd);
 void TurnReadLFOn();
 void EM4xReadWord(uint8_t Address, uint32_t Pwd, uint8_t PwdMode);
 void EM4xWriteWord(uint32_t Data, uint8_t Address, uint32_t Pwd, uint8_t PwdMode);
--- a/armsrc/lfops.c
+++ b/armsrc/lfops.c
@ -26,7 +26,7 @@
 * @param period_1
 * @param command
 */
-void ModThenAcquireRawAdcSamples125k(int delay_off, int period_0, int period_1, uint8_t *command)
+void ModThenAcquireRawAdcSamples125k(uint32_t delay_off, uint32_t period_0, uint32_t period_1, uint8_t *command)
 {
 	int divisor_used = 95; // 125 KHz
@ -1167,7 +1167,7 @@ void T55xxWriteBlock(uint32_t Data, uint32_t Block, uint32_t Pwd, uint8_t PwdMod
 	T55xxWriteBit(1);
 	T55xxWriteBit(0); //Page 0
-	if (PwdMode == 1){
+	if (PwdMode){
 		// Send Pwd
 		for (i = 0x80000000; i != 0; i >>= 1)
 			T55xxWriteBit(Pwd & i);
@ -1190,13 +1190,14 @@ void T55xxWriteBlock(uint32_t Data, uint32_t Block, uint32_t Pwd, uint8_t PwdMod
 	// turn field off
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
 	cmd_send(CMD_ACK,0,0,0,0,0);
-	LED_A_OFF();	
+	LED_A_OFF();
 	LED_B_OFF();
 }
 // Read one card block in page 0
-void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode) {
+void T55xxReadBlock(uint16_t arg0, uint8_t Block, uint32_t Pwd) {
 	LED_A_ON();
-	
+	uint8_t PwdMode = arg0 & 0xFF;
 	uint32_t i = 0;
 	//clear buffer now so it does not interfere with timing later
@ -1208,8 +1209,7 @@ void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode) {
 	// Set up FPGA, 125kHz
 	LFSetupFPGAForADC(95, true);
-	// Trigger T55x7 in mode.
+	// Trigger T55x7 Direct Access Mode
  // Trigger T55x7 Direct Access Mode
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
 	SpinDelayUs(START_GAP);
@ -1217,11 +1217,12 @@ void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode) {
 	T55xxWriteBit(1);
 	T55xxWriteBit(0); //Page 0
-	if (PwdMode == 1){
+	if (PwdMode){
 		// Send Pwd
 		for (i = 0x80000000; i != 0; i >>= 1)
 			T55xxWriteBit(Pwd & i);
 	}
 	// Send a zero bit separation
 	T55xxWriteBit(0);
@ -1239,6 +1240,7 @@ void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode) {
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
 	cmd_send(CMD_ACK,0,0,0,0,0);    
 	LED_A_OFF();
 	LED_B_OFF();
 }
 // Read card traceability data (page 1)
@ -1269,6 +1271,30 @@ void T55xxReadTrace(void){
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
 	cmd_send(CMD_ACK,0,0,0,0,0);
 	LED_A_OFF();
 	LED_B_OFF();
 }
 void T55xxWakeUp(uint32_t Pwd){
 	LED_B_ON();
 	uint32_t i = 0;
 	// Set up FPGA, 125kHz
 	LFSetupFPGAForADC(95, true);
 	// Trigger T55x7 Direct Access Mode
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
 	SpinDelayUs(START_GAP);
 	// Opcode 10
 	T55xxWriteBit(1);
 	T55xxWriteBit(0); //Page 0
 	// Send Pwd
 	for (i = 0x80000000; i != 0; i >>= 1)
 		T55xxWriteBit(Pwd & i);
 	// Turn field on to read the response
 	TurnReadLFOn(READ_GAP);
 }
 /*-------------- Cloning routines -----------*/
--- a/armsrc/lfsampling.c
+++ b/armsrc/lfsampling.c
@ -266,14 +266,16 @@ void doT55x7Acquisition(void){
 	if ( bufsize > T55xx_SAMPLES_SIZE )
 		bufsize = T55xx_SAMPLES_SIZE;
 	//memset(dest, 0, bufsize);
 	uint16_t i = 0;
 	uint16_t nosignal = 0;
 	bool startFound = false;
 	bool highFound = false;
 	uint8_t curSample = 0;
 	uint8_t firstSample = 0;
-	for(;;) {
+	while(!BUTTON_PRESS()) {
 		WDT_HIT();
 		if ( nosignal == 0xFFFF ) break;
 		if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_TXRDY) {
 			AT91C_BASE_SSC->SSC_THR = 0x43;
 			LED_D_ON();
@ -287,6 +289,7 @@ void doT55x7Acquisition(void){
 					firstSample = curSample;
 				highFound = true;
 			} else if (!highFound) {
 				nosignal++;
 				continue;
 			}
--- a/client/cmdlf.c
+++ b/client/cmdlf.c
@ -36,16 +36,18 @@ static int CmdHelp(const char *Cmd);
 int usage_lf_cmdread()
 {
-	PrintAndLog("Usage: lf cmdread  <delay off> <zero> <one> <cmdbytes> [H|L]");
+	PrintAndLog("Usage: lf cmdread d <delay period> z <zero period> o <one period> c <cmdbytes> [H]");
 	PrintAndLog("Options:        ");
 	PrintAndLog("       h             This help");
-	PrintAndLog("      <delay off>    delay offset");
+	PrintAndLog("       H             Freqency High (134 KHz), default is 'Low (125KHz)'");
-	PrintAndLog("      <zero>         time period ZERO");
+	PrintAndLog("       d <delay>     delay OFF period, (dec)");
-	PrintAndLog("      <one>          time period ONE");
+	PrintAndLog("       z <zero>      time period ZERO, (dec)");
-	PrintAndLog("      [H|L]          Frequency Low (125 KHz) / High (134 KHz)");
+	PrintAndLog("       o <one>       time period ONE, (dec)");
 	PrintAndLog("       c <cmd>       Command bytes");
 	PrintAndLog("       ************* All periods in microseconds (ms)");
 	PrintAndLog("Examples:");
-	PrintAndLog("      lf cmdread 80 100 200 11000");
+	PrintAndLog("      lf cmdread d 80 z 100 o 200 c 11000");
-	PrintAndLog("      lf cmdread 80 100 100 11000 H");
+	PrintAndLog("      lf cmdread d 80 z 100 o 100 c 11000 H");
 	return 0;
 }
@ -53,21 +55,38 @@ int usage_lf_cmdread()
 int CmdLFCommandRead(const char *Cmd)
 {
 	static char dummy[3] = {0x20,0x00,0x00};
 	UsbCommand c = {CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K};
 	bool errors = FALSE;
-	uint8_t divisor = 95; //125khz
+
-  	uint8_t cmdp =0;
+  	uint8_t cmdp = 0;
-	while(param_getchar(Cmd, cmdp) != 0x00)
+	int strLength = 0;
-	{
+
 	while(param_getchar(Cmd, cmdp) != 0x00) {
 		switch(param_getchar(Cmd, cmdp))
 		{
 		case 'h':
 			return usage_lf_cmdread();
 		case 'H':
-			divisor = 88;
+			dummy[1]='h';
 			cmdp++;
 			break;
-		case 'a':
+		case 'L':
-			//param_getchar(Cmd, cmdp+1) == '1';
+			cmdp++;
 			break;
 		case 'c':
 			strLength = param_getstr(Cmd, cmdp+1, (char *)&c.d.asBytes);
 			cmdp+=2;
 			break;
 		case 'd':
 			c.arg[0] = param_get32ex(Cmd, cmdp+1, 0, 10);
 			cmdp+=2;
 			break;
 		case 'z':
 			c.arg[1] = param_get32ex(Cmd, cmdp+1, 0, 10);
 			cmdp+=2;
 			break;
 		case 'o':
 			c.arg[2] = param_get32ex(Cmd, cmdp+1, 0, 10);
 			cmdp+=2;
 			break;
 		default:
@ -78,19 +97,15 @@ int CmdLFCommandRead(const char *Cmd)
 		if(errors) break;
 	}
 	// No args
-	if(cmdp == 0) errors = 1;
+	if (cmdp == 0) errors = 1;
 	//Validations
-	if(errors) return usage_lf_cmdread();
+	if (errors) return usage_lf_cmdread();
-	UsbCommand c = {CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K};
+	// in case they specified 'H'
-	
+	// added to the end..  
-	sscanf(Cmd, "%"lli" %"lli" %"lli" %s %s", &c.arg[0], &c.arg[1], &c.arg[2],(char*)(&c.d.asBytes),(char*)(&dummy+1));
+	strcpy((char *)&c.d.asBytes + strLength, dummy);
 	// in case they specified 'h'
 	strcpy((char *)&c.d.asBytes + strlen((char *)c.d.asBytes), dummy);
 	PrintAndLog("ICE: %d %s -- %s", strlen((char *)c.d.asBytes) ,dummy, c.d.asBytes);
 	clearCommandBuffer();
 	SendCommand(&c);
 	return 0;
@ -1205,8 +1220,8 @@ int CmdLFfind(const char *Cmd)
 static command_t CommandTable[] = 
 {
  {"help",        CmdHelp,            1, "This help"},
 	{"awid",        CmdLFAWID,          1, "{ AWID RFIDs... }"},
  {"em4x",        CmdLFEM4X,          1, "{ EM4X RFIDs... }"},
  {"awid",		CmdLFAWID,		    1, "{ AWID RFIDs... }"},
  {"hid",         CmdLFHID,           1, "{ HID RFIDs... }"},
  {"hitag",       CmdLFHitag,         1, "{ HITAG RFIDs... }"},
  {"io",       	  CmdLFIO,	          1, "{ IOPROX RFIDs... }"},
--- a/client/cmdlft55xx.c
+++ b/client/cmdlft55xx.c
@ -35,7 +35,7 @@ t55xx_conf_block_t config = { .modulation = DEMOD_ASK, .inverted = FALSE, .offse
 int usage_t55xx_config(){
 	PrintAndLog("Usage: lf t55xx config [d <demodulation>] [i 1] [o <offset>]");
-	PrintAndLog("Options:        ");
+	PrintAndLog("Options:");
 	PrintAndLog("       h                        This help");
 	PrintAndLog("       b <8|16|32|40|50|64|100|128>     Set bitrate");
 	PrintAndLog("       d <FSK|FSK1|FSK1a|FSK2|FSK2a|ASK|PSK1|PSK2|NRZ|BI|BIa>  Set demodulation FSK / ASK / PSK / NRZ / Biphase / Biphase A");
@ -50,30 +50,39 @@ int usage_t55xx_config(){
 	return 0;
 }
 int usage_t55xx_read(){
-	PrintAndLog("Usage:  lf t55xx read <block> <password>");
+	PrintAndLog("Usage:  lf t55xx read b <block> p <password> <override_safety> <wakeup>");
-    PrintAndLog("     <block>, block number to read. Between 0-7");
+	PrintAndLog("Options:");
-    PrintAndLog("     <password>, OPTIONAL password (8 hex characters)");
+    PrintAndLog("     b <block>,	block number to read. Between 0-7");
    PrintAndLog("     p <password>, OPTIONAL password 4bytes (8 hex symbols)");
 	PrintAndLog("     o,			OPTIONAL override safety check");
 	PrintAndLog("     w,			OPTIONAL wakeup");
 	PrintAndLog("     ****WARNING****");
 	PrintAndLog("     Use of read with password on a tag not configured for a pwd");
 	PrintAndLog("     can damage the tag");
    PrintAndLog("");
 	PrintAndLog("Examples:");
-    PrintAndLog("      lf t55xx read 0           - read data from block 0");
+    PrintAndLog("      lf t55xx read b 0				- read data from block 0");
-	PrintAndLog("      lf t55xx read 0 feedbeef  - read data from block 0 password feedbeef");
+	PrintAndLog("      lf t55xx read b 0 p feedbeef		- read data from block 0 password feedbeef");
 	PrintAndLog("      lf t55xx read b 0 p feedbeef o	- read data from block 0 password feedbeef safety check");
 	PrintAndLog("");
 	return 0;
 }
 int usage_t55xx_write(){
-	PrintAndLog("Usage:  lf t55xx wr <block> <data> [password]");
+	PrintAndLog("Usage:  lf t55xx write <block> <data> [password]");
 	PrintAndLog("Options:");
 	PrintAndLog("     <block>, block number to write. Between 0-7");
-	PrintAndLog("     <data>,  4 bytes of data to write (8 hex characters)");
+	PrintAndLog("     <data>,  4 bytes of data to write (8 hex symbols)");
-    PrintAndLog("     [password], OPTIONAL password 4bytes (8 hex characters)");
+    PrintAndLog("     [password], OPTIONAL password 4bytes (8 hex symbols)");
    PrintAndLog("");
 	PrintAndLog("Examples:");
-	PrintAndLog("      lf t55xx wr 3 11223344           - write 11223344 to block 3");
+	PrintAndLog("      lf t55xx write 3 11223344           - write 11223344 to block 3");
-	PrintAndLog("      lf t55xx wr 3 11223344 feedbeef  - write 11223344 to block 3 password feedbeef");
+	PrintAndLog("      lf t55xx write 3 11223344 feedbeef  - write 11223344 to block 3 password feedbeef");
 	PrintAndLog("");
 	return 0;
 }
 int usage_t55xx_trace() {
 	PrintAndLog("Usage:  lf t55xx trace [1]");
 	PrintAndLog("Options:");
 	PrintAndLog("     [graph buffer data], if set, use Graphbuffer otherwise read data from tag.");
 	PrintAndLog("");
 	PrintAndLog("Examples:");
@ -84,6 +93,7 @@ int usage_t55xx_trace() {
 }
 int usage_t55xx_info() {
 	PrintAndLog("Usage:  lf t55xx info [1]");
 	PrintAndLog("Options:");
 	PrintAndLog("     [graph buffer data], if set, use Graphbuffer otherwise read data from tag.");
 	PrintAndLog("");
 	PrintAndLog("Examples:");
@ -94,6 +104,7 @@ int usage_t55xx_info() {
 }
 int usage_t55xx_dump(){
 	PrintAndLog("Usage:  lf t55xx dump <password>");
 	PrintAndLog("Options:");
    PrintAndLog("     <password>, OPTIONAL password 4bytes (8 hex symbols)");
 	PrintAndLog("");
 	PrintAndLog("Examples:");
@ -103,7 +114,9 @@ int usage_t55xx_dump(){
 	return 0;
 }
 int usage_t55xx_detect(){
-	PrintAndLog("Usage:  lf t55xx detect");
+	PrintAndLog("Usage:  lf t55xx detect [1]");
 	PrintAndLog("Options:");
 	PrintAndLog("     [graph buffer data], if set, use Graphbuffer otherwise read data from tag.");
 	PrintAndLog("");
 	PrintAndLog("Examples:");
 	PrintAndLog("      lf t55xx detect");
@ -111,6 +124,17 @@ int usage_t55xx_detect(){
 	PrintAndLog("");
 	return 0;
 }
 int usage_t55xx_wakup(){
 	PrintAndLog("Usage:  lf t55xx wakeup [h] p <password>");
 	PrintAndLog("This commands send the Answer-On-Request command and leaves the readerfield ON afterwards.");
 	PrintAndLog("Options:");
 	PrintAndLog("     h 			- this help");
    PrintAndLog("     p <password>	- password 4bytes (8 hex symbols)");
    PrintAndLog("");
 	PrintAndLog("Examples:");
    PrintAndLog("      lf t55xx wakeup p 11223344  - send wakeup password");
 	return 0;
 }
 static int CmdHelp(const char *Cmd);
@ -216,39 +240,72 @@ int CmdT55xxSetConfig(const char *Cmd) {
 }
 int CmdT55xxReadBlock(const char *Cmd) {
-	int block = -1;
+	uint8_t block = 255;
-	int password = 0xFFFFFFFF; //default to blank Block 7
+	uint8_t wake = 0;
-
+	uint8_t usepwd = 0;
-	char cmdp = param_getchar(Cmd, 0);
+	uint32_t password = 0xFFFFFFFF; //default to blank Block 7
-	if (cmdp == 'h' || cmdp == 'H') return usage_t55xx_read();
+	uint8_t override = 0;
-
+	uint8_t cmdp = 0;
-	int res = sscanf(Cmd, "%d %x", &block, &password);
+	bool errors = false;
-
+	while(param_getchar(Cmd, cmdp) != 0x00 && !errors) {
-	if ( res < 1 || res > 2 ) return usage_t55xx_read();
+		switch(param_getchar(Cmd, cmdp)) {
-	
+		case 'h':
-	if ((block < 0) | (block > 7)) {
+		case 'H':
 		return usage_t55xx_read();
 		case 'b':
 		case 'B':
 			errors |= param_getdec(Cmd, cmdp+1, &block);
 			cmdp+=2;
 			break;
 		case 'o':
 		case 'O':
 			override = 1;
 			cmdp++;
 			break;
 		case 'p':
 		case 'P':
 			password = param_get32ex(Cmd, cmdp+1, 0, 10);
 			usepwd = 1;
 			cmdp+=2;
 			break;
 		case 'w':
 		case 'W':
 			wake = 1;
 			cmdp++;
 			break;
 		default:
 			PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
 			errors = true;
 			break;
 		}
 	}
 	if (errors) return usage_t55xx_read();
 	if (wake && !usepwd) {
 		PrintAndLog("Wake command must use a pwd");
 		return 1;
 	}
 	if ((block > 7) && !wake) {
 		PrintAndLog("Block must be between 0 and 7");
 		return 1;
 	}	
-	UsbCommand c = {CMD_T55XX_READ_BLOCK, {0, block, 0}};
+	UsbCommand c = {CMD_T55XX_READ_BLOCK, {0, block, password}};
 	c.d.asBytes[0] = 0x0; 
 	//Password mode
-	if ( res == 2 ) {
+	if ( usepwd || wake ) {
 		// try reading the config block and verify that PWD bit is set before doing this!
-		AquireData( CONFIGURATION_BLOCK );
+		if ( wake || override ) {
-		if ( !tryDetectModulation() ) {
+			c.arg[0] = (wake<<8) & usepwd;
-			PrintAndLog("Could not detect is PWD bit is set in config block. Exits.");
+			if ( !wake && override )
-			return 1;
+				PrintAndLog("Safety Check Overriden - proceeding despite risk");
-		}
+		} else {
-		//if PWD bit is set,  allow to execute read command with password.
+			AquireData( CONFIGURATION_BLOCK );
-		if (( config.block0 & T55x7_PWD ) == 1) {
+			if ( !tryDetectModulation() ) {
-			c.arg[2] = password;
+				PrintAndLog("Safety Check: Could not detect if PWD bit is set in config block. Exits.");
-			c.d.asBytes[0] = 0x1; 			
+				return 1;
-		} else {		
+			} else {		
-			PrintAndLog("PWD bit is NOT set in config block. Reading without password...");
+				PrintAndLog("Safety Check: PWD bit is NOT set in config block. Reading without password...");	
 			}
 		}
 	}
@ -266,7 +323,11 @@ int CmdT55xxReadBlock(const char *Cmd) {
 	//DemodBufferLen=0;
 	if (!DecodeT55xxBlock()) return 3;
 	char blk[10]={0};
 	if ( wake ) {
 		sprintf(blk,"wake");
 	} else {
 	sprintf(blk,"%d", block);
 	}
 	printT55xxBlock(blk);
 	return 0;
 }
@ -1074,6 +1135,36 @@ void t55x7_create_config_block( int tagtype ){
 }
 int CmdT55xxWakeUp(const char *Cmd) {
 	uint32_t password = 0xFFFFFFFF; //default to blank Block 7
 	uint8_t cmdp = 0;
 	bool errors = false;
 	while(param_getchar(Cmd, cmdp) != 0x00 && !errors) {
 		switch(param_getchar(Cmd, cmdp)) {
 		case 'h':
 		case 'H':
 			return usage_t55xx_wakup();
 		case 'p':
 		case 'P':
 			password = param_get32ex(Cmd, cmdp+1, 0, 10);
 			cmdp+=2;
 			break;
 		default:
 			PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
 			errors = true;
 			break;
 		}
 	}
 	if (errors) return usage_t55xx_wakup();
 	UsbCommand c = {CMD_T55XX_WAKEUP, {password, 0, 0}};
 	clearCommandBuffer();
 	SendCommand(&c);
 	PrintAndLog("Wake up command sent. Try read now");
 	return 0;
 }
 /*
 uint32_t PackBits(uint8_t start, uint8_t len, uint8_t* bits){
@ -1100,6 +1191,8 @@ static command_t CommandTable[] =
  {"info",   CmdT55xxInfo,      0, "[1] Show T55xx configuration data (page 0/ blk 0)"},
  {"dump",   CmdT55xxDump,      0, "[password] Dump T55xx card block 0-7. [optional password]"},
  {"special", special,          0, "Show block changes with 64 different offsets"},
  {"wakeup", CmdT55xxWakeUp,    0, "Send AOR wakeup command"},
  {NULL, NULL, 0, NULL}
 };
--- a/client/hid-flasher/usb_cmd.h
+++ b/client/hid-flasher/usb_cmd.h
@ -86,6 +86,8 @@ typedef struct{
 #define CMD_T55XX_READ_BLOCK                                              0x0214
 #define CMD_T55XX_WRITE_BLOCK                                             0x0215
 #define CMD_T55XX_READ_TRACE                                              0x0216
 #define CMD_T55XX_WAKEUP	                                              0x0224
 #define CMD_PCF7931_READ                                                  0x0217
 #define CMD_PCF7931_WRITE                                                 0x0223
 #define CMD_EM4X_READ_WORD                                                0x0218
@ -101,6 +103,7 @@ typedef struct{
 #define CMD_AWID_DEMOD_FSK                                                0x0221
 #define CMD_VIKING_CLONE_TAG                                              0x0222
 /* CMD_SET_ADC_MUX: ext1 is 0 for lopkd, 1 for loraw, 2 for hipkd, 3 for hiraw */
 // For the 13.56 MHz tags
--- a/client/lualibs/commands.lua
+++ b/client/lualibs/commands.lua
@ -58,6 +58,7 @@ local _commands = {
 	CMD_PSK_SIM_TAG =                                                    0x0220,
 	CMD_AWID_DEMOD_FSK =                                                 0x0221,
 	CMD_VIKING_CLONE_TAG =                                               0x0222,
 	CMD_T55XX_WAKEUP =	                                              	 0x0224,
 	--/* CMD_SET_ADC_MUX: ext1 is 0 for lopkd, 1 for loraw, 2 for hipkd, 3 for hiraw */
--- a/include/usb_cmd.h
+++ b/include/usb_cmd.h
@ -100,7 +100,7 @@ typedef struct{
 #define CMD_PSK_SIM_TAG                                                   0x0220
 #define CMD_AWID_DEMOD_FSK                                                0x0221
 #define CMD_VIKING_CLONE_TAG                                              0x0222
-
+#define CMD_T55XX_WAKEUP	                                              0x0224
 /* CMD_SET_ADC_MUX: ext1 is 0 for lopkd, 1 for loraw, 2 for hipkd, 3 for hiraw */