Hayes command set

The Hayes command set is a set of commands used to control modems. It was originated in 1981 for the Hayes Smartmodem 300 baud modem, and has been used in many other modems from various manufacturers since, with a number of extensions to deal with the features of newer and faster modems. These are also known as "AT commands" since they normally begin with the character sequence "AT", which is an "attention signal" indicating that a command follows. If the modem is in normal communications mode rather than command mode, the command sequence must be preceded with the escape signal of "+++" followed by a pause. (Hayes actually patented the concept of requiring a pause after the escape signal, to prevent mistakenly interpreting that character sequence as an escape when it appears in the data being transmitted, causing some competing modem manufacturers not to wait for such a pause and hence be more vulnerable to accidental or malicious command sequence initiation.)

Unbenownst to most current smartphone users (even fairly technical ones), the Hayes command set still lurks beneath the surface of such sleek modern devices, being used in the data communications between the phone and base stations, and making the phones vulnerable to exploits.

Documentation

 * Reference manual (Conexant, 2001)
 * AT command list (Rockwell chipset version)

Other links

 * Wikipedia article
 * Your smartphone's hidden, radio-controlling OS is totally insecure
 * The second operating system hiding in every mobile phone
 * Reverse engineering a Qualcomm baseband