SCP03 Command Reference
This page mirrors the grouped HELP surface from the SCP03 admin shell.
On this page
Session and card info
AUTH-SD: legacy alias forSCP03-SDSCP03-SD: authenticate with the security domain using SCP03SCP02-SD: authenticate with the security domain using SCP02RESET: reset the card connection and print the ATR path againINFO: print card specifications such as ATR, ICCID, EID, and SGP versionATR: reset and print a parsed ATR breakdownKEYS [AID]: retrieve key information for the current or specified AIDLOGOUT: close the secure sessionCLS: clear the terminal screenOTA: switch into the SCP80 over-the-air toolkitSTK [Commands]: enter the SCP03 STK subsystem
GlobalPlatform execution wizards
WIZARD: unified installer for applets, packages, and extraditionPUT-KEY: rotate, add, or replace cryptographic keysSET-STATUS: modify the lifecycle state of a card, applet, or load fileMANAGE-CHANNEL: open or close logical channelsGET-DATA: retrieve registry objects, CPLC, or custom tagsAPPS: shortcut for the applications registryPKGS: shortcut for the packages registrySD: shortcut for the security domains registryLOCK <AID>: set state to lockedUNLOCK <AID>: set state to selectableDEL <AID>: delete an objectSTORE-DATA <hex> [P1] [P2]: send a rawSTORE DATApayload
Telecom and eSIM retrieval
LIST: list eSIM profiles throughGetProfilesInfoMANAGE-PROFILE: spec-aware wizard for SGP.22, SGP.32, and SGP.02 command setsRUN-AUTH: execute GSM, USIM, or ISIM authentication algorithmsRUN-AUTH-TEST: run offline 3GPP TS 35.207 Milenage vector validationDERIVE-OPC <Ki_hex> <OP_hex>: deriveOPcper 3GPP TS 35.206
MANAGE-PROFILE retrieval reads retry through:
- the base channel
- logical channel 1
- STK mode
SCP11 module map
The SCP03 help surface points operators toward the dedicated SCP11 modules:
- main menu
3: SCP11 live relay shell - main menu
4: SCP11 test relay shell - main menu
5: SCP11 local access shell
Use the mirrored docs in Source Library for the full SCP11 README pages.
Security and PIN management
MANAGE-PIN: unified wizard to verify, change, enable, disable, or unblock PINs
Environment configuration
CONFIG: update SCP03 keys, SCP02 keys, ADM, or target AIDSHOW: display current SQLite-backed SCP03 configurationAIDS: list registered AID aliases fromWorkspace/SCP03/aid.txtSET-AID-ALIAS <Name> <AID>: map a friendly name to an AIDSET-DEFAULT: factory reset configuration to default test keysBINDS: manage custom macro commands and parameters
File system operations
SCAN: traverse and discover the UICC file treeREPORT: unified report wizard for filesystem and eUICC export pathsSET-GOLD-PROFILE <path> [SGP.32|SGP.22|SGP.02] [AUTH=Y|N]: persist a gold combined YAML pathGOLD-PROFILE: show persisted gold path and metadataCLEAR-GOLD-PROFILE: clear the persisted gold pathPROFILE-DIFF [gold.yaml] [STANDARD] [AUTH=Y|N]: capture live FS and eUICC data and diff it against goldVALIDATE [ALL|MF|USIM|ISIM] [ProfileDump.yaml|ProfileDump.json]: validate active profile filesystem structureSELECT <Path/FID>: select a DF or EFREAD [Path]: read binary data from the selected EFRECORD <N/ALL/Start-End> [Path]: read one or more recordsUPDATE BINARY <Hex>: write binary data to an EFUPDATE RECORD <N> <Hex>: write a record to an EFFS-ADMIN: administrative activate, delete, create, terminate, and resize tasks
System and developer
GUIDE [Topic]: show in-shell documentation forGP,ETSI,GSMA,INSTALL,SECURITY,OTA,CONFIG,SAIP,SUCI, orCLIDECODE <Hex>: parse and decode a raw BER-TLV stringRUNorSCRIPT <File> [Out.yaml]: execute a batch script of APDU commandsDEBUGorVERBOSE: toggle raw APDU loggingEXPORT-KEYBAG [Path.keys.json] [Label]: dump the active SCP03 session keys (S-ENC, S-MAC, S-RMAC, SSC, chaining value) and the target AID into a keybag JSON for offline HIL pcap decryption; refuses cleanly when no authenticated session is presentHELP: display the grouped command helpEXITorQ: disconnect the reader and leave the SCP03 shellQA: disconnect the reader and exit YggdraSIM
Practical cross-reference
- Use Guide Topics for the deeper background material behind these commands.
- Use Source Library for the mirrored README and guide files that the wrapper menu also exposes.
- Use HIL Bridge — offline pcap replay and
Replay a HIL pcap offline for the
EXPORT-KEYBAGconsumer side.