Updated Radius PowerView Commands (markdown)

2022-01-03 15:57:29 -06:00 · 2022-01-03 15:57:29 -06:00 · 40973139fd
parent 0bb11057c2
commit 40973139fd
1 changed files with 94 additions and 53 deletions
--- a/Radius-PowerView-Commands.md
+++ b/Radius-PowerView-Commands.md
@ -12,63 +12,104 @@ All numbers are expressed in hexadecimal, unless otherwise noted.

 # COMMAND SET SUMMARY
 The following is a list of the observed SCSI commands:
- 03    Request Sense
- 08    Read
- 09    Retrieve Statistics
- 0a    Write
- 0c    Set Interface Mode / Set MAC Address
- 0d    **Unknown startup command**
- 0e    Enable/disable Interface
+
 - 12    Inquiry
+- C8    **UNKNOWN**
+- C9    **UNKNOWN**
+- CA    **UNKNOWN**
+- CB    **UNKNOWN**
+- CC    **UNKNOWN**

-A number of other SCSI commands are implemented, but their usage is not yet fully known.
-
-## Unknown Startup Command (0d)
-Command:  0d 00 00 00 06 00
-
-Function: ***Unknown at this time***
-
-Type:     Input (Transitions to DATAOUT)
-
-Host then sends: `00 09 00 07 FF FF FF 00` (The last 00 might not actually be there?)
-
-Note: The AppleTalk broadcast address is 09:00:07:ff:ff:ff.
-
-This is probably configuring the Multicast Address Registers of the [DP83902A Ethernet receiver](./docs/DP83902A.pdf) inside the DaynaPort SCSI Link
-
-    10.9 MULTICAST ADDRESS REGISTERS (MAR0 –MAR7)
-    
-    The multicast address registers provide filtering of multicast 
-    addresses hashed by the CRC logic. All destination addresses 
-    are fed through the CRC logic and as the last bit of the 
-    destination address enters the CRC, the 6 most significant bits 
-    of the CRC generator are latched. These 6 bits are then decoded 
-    by a 1 of 64 decode to index a unique filter bit (FB0 –63) in 
-    the multicast address registers. If the filter bit selected is 
-    set, the multicast packet is accepted. The system designer 
-    would use a program to determine which filter bits to set in 
-    the multicast registers. All multicast filter bits that 
-    correspond to multicast address accepted by the node are then 
-    set to one. To accept all multicast packets all of the 
-    registers are set to all ones.
-
-
-
-## Enable/disable Interface (0e)
-Command:  0e 00 00 00 00 XX (XX = 80 or 00)
-
-Function: Enable (80) / disable (00) Ethernet interface
-
-Type:     No data transferred
-
-Notes:    After issuing an Enable, the initiator should avoid sending
-          any subsequent commands to the device for approximately 0.5
-          seconds

 ## Inquiry (12)
 Command:  `12 00 00 00 LL 00` (LL is data length)

-Function: Perform a standard SCSI Inquiry command: reference the
-          SCSI spec for further information
+Function: Perform a standard SCSI Inquiry command: reference the SCSI spec for further information
+
+Type:     Input; reference the SCSI spec for the data returned
+
+Sequence: Command->
+
+Examples:
+
+Command:  `12 00 00 00 01 00`
+*Direct to status phase*
+
+
+Command:  `12 00 00 00 05 00`
+Data in:  `03 00 01 01 05 00
+
+Command:  `12 00 00 00 4B 00`
+Data in:  
+```
+00: 03000101 46000000 52414449 55532020
+10: 506F7765 72566965 77202020 20202020
+20: 56312E30 00000000 10002000 01000000
+30: 00020000 00000300 00000004 00000000
+40: 05000000 000643F9 0000FF
+```
+
+Command:  `12 00 00 00 24 00`
+Data in:
+```
+00: 03000101 46000000 52414449 55532020
+10: 506F7765 72566965 77202020 20202020
+20: 56312E30
+```
+
+## **UNKNOWN** (C8)
+Command:  XX XX XX 0d 00 00 00 06 00
+
+Function: ***Unknown at this time***
+
+Type:     XXXXInput (Transitions to DATAOUT)
+
+Host then sends: `XXXX00 09 00 07 FF FF FF 00` (The last 00 might not actually be there?)
+
+Examples:
+
+## **UNKNOWN** (C9)
+Command:  XX XX XX 0d 00 00 00 06 00
+
+Function: ***Unknown at this time***
+
+Type:     XXXXInput (Transitions to DATAOUT)
+
+Host then sends: `XXXX00 09 00 07 FF FF FF 00` (The last 00 might not actually be there?)
+
+Examples:
+
+## **UNKNOWN** (CA)
+Command:  XX XX XX 0d 00 00 00 06 00
+
+Function: ***Unknown at this time***
+
+Type:     XXXXInput (Transitions to DATAOUT)
+
+Host then sends: `XXXX00 09 00 07 FF FF FF 00` (The last 00 might not actually be there?)
+
+Examples:
+
+## **UNKNOWN** (CB)
+Command:  XX XX XX 0d 00 00 00 06 00
+
+Function: ***Unknown at this time***
+
+Type:     XXXXInput (Transitions to DATAOUT)
+
+Host then sends: `XXXX00 09 00 07 FF FF FF 00` (The last 00 might not actually be there?)
+
+Examples:
+
+## **UNKNOWN** (CC)
+Command:  XX XX XX 0d 00 00 00 06 00
+
+Function: ***Unknown at this time***
+
+Type:     XXXXInput (Transitions to DATAOUT)
+
+Host then sends: `XXXX00 09 00 07 FF FF FF 00` (The last 00 might not actually be there?)
+
+Examples:
+

-Type:     Input; reference the SCSI spec for the data returned