[usb] pm3 --> hf search
[|] Searching for iClass / PicoPass tag...
[+] CSN: 13 A7 1F 02 F9 FF 12 E0
[+] CC: FE FF FF FF FF FF FF FF
[+] Mode: Application [Locked]
[+] Coding: ISO 14443-2 B/ISO 15693
[+] Crypt: Secured page, keys not locked
[!] RA: Read access not enabled
Mem: 2 KBits/2 App Areas (31 * 8 bytes) [1F]
AA1: blocks 06-12
AA2: blocks 13-1F
OTP: 0xFFFF
KeyAccess:
Read A - Kd or Kc
Read B - Kd or Kc
Write A - Kc
Write B - Kc
Debit - Kd or Kc
Credit - Kc
[+] App IA: FF FF FF FF FF FF FF FF
[+] : Possible iClass - legacy credential tag
[+] : Tag is iClass , CSN is in HID range
[+] Valid iClass tag / PicoPass tag found
[usb] pm3 --> hf iclass chk f dictionaries/iclass_default_keys.dic
[+] loaded 7 keys from dictionary file dictionaries/iclass_default_keys.dic
[+] Reading tag CSN
[+] Generating diversified keys
[+] Searching for DEBIT key
[+] Tag info
[+] CSN | 13 A7 1F 02 F9 FF 12 E0
[+] CCNR | FE FF FF FF FF FF FF FF 00 00 00 00
[-] Chunk [0/7] : 0.9s [debit]
[+] Time in iclass checkkeys: 1 seconds
[usb] pm3 --> hf iclass calcnewkey o AEA684A6DAB23278 n 6666202066668888
[+] CSN | 13 A7 1F 02 F9 FF 12 E0
[+] CCNR | FE FF FF FF FF FF FF FF
[+] Old div key : D1 2C 7A 9B 68 5B B6 5F
[+] New div key : DD DB 43 74 02 95 6C 26
[+] Xor div key : 0C F7 39 EF 6A CE DA 79
For writing Block 3, what values do I have to use to get an Elite credential?
[usb] pm3 --> hf iclass wrbl b 03 d ( Value ?) k ( Value ?)
Thank you
@axtle
Yes, it is certainly possible to convert a standard security credential into an Elite credential. You can also change a high security/Elite credential back into a standard security credential, or change a high security/Elite credential into another high security/Elite credential that uses a different Kcus. In addition, the access control payload data (e.g. format, facility code, card number, PIN) can also be changed at will. The "hf iclass calcnewkey" command is used to calculate the new diversified key that needs to be written into Block 3.
In your specific case, the old key would be the unpermuted version of the HID Master Authentication key since you are using a standard security credential.
The new key would be the Kcus key that you obtained using loclass. Here is an example of the two commands that you would use:
hf iclass calcnewkey o <HID Mstr-Unpermuted> n <Your Kcus> e
hf iclass writeblk b 03 d <XOR Div Key> k <HID Mstr-Unpermuted>
I did a test case this morning with my own card and it worked fine.
I'm trying to revert an Elite card to a standard card using the following commands, but it failed and bricked the card:
hf iclass calcnewkey o <Your Kcus> e n <HID Mstr-Unpermuted>
hf iclass writeblk b 03 d <XOR Div Key> k <Your Kcus> e
The write succeeded, but I can't find the key after that. Anything wrong?
Your bricked cards are still theoretically fixable but the process becomes more complicated. At this point I would normally discard the bricked cards since reversing the process requires that you have detailed knowledge of every command used on the card and the output results obtained.
However, can we predict what data would be in block 3? (e.g. using calcnewkey?)
I think this is the reason: calcnewkey used the wrong old key and the wrong new key. For example,
hf iclass calcnewkey o wrongoldkey n wrongnewkey e
[+] Old div key : aaa
[+] New div key : bbb
[+] Xor div key : ccc
Previously, when I successfully wrote ccc (the Xor key) to block 3, the actual contents of block 3 were not bbb, as the calculation was based on the wrong old master key and new master key.
I think there may be no way to save these cards. But still, I learnt and understood more about PM3 operation. Thank you again, Carl55.
I will try to use your method to rescue them this weekend :-)
You simply re-write the "same" XOR key value to Block 3. This will toggle Block 3 back to its previous value.
However, when you do the write this time you need to use the "New Div Key" value along with the "r" option, which indicates that you are using a raw diversified key value to calculate the MAC during authentication.
As an example, if the calcnewkey gave you the following dump:
[+] CSN | DC 71 D5 00 F8 FF 12 E0
[+] CCNR | 3A FE FF FF FF FF FF FF
[+] Old div key : 81 EF 77 B8 DE 12 9F 28
[+] New div key : 20 73 A3 76 24 B3 B8 0F
[+] Xor div key : A1 9C D4 CE FA A1 27 27
You would use the following command to restore the Block3 key:
hf iclass writeblk b 03 d A19CD4CEFAA12727 k 2073A37624B3B80F r
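The block-3 key update that both the conversion procedure earlier in this thread (calcnewkey, then write the XOR) and the toggle-back recovery in this post rely on, as an added model written for this page; it is not code from the Proxmark3 client or from anyone in the thread. It assumes that a write to block 3 replaces the block with (current XOR written value), that a write only succeeds when the reader authenticates with the key currently in block 3 (a plain equality check stands in for the real MAC), and it does not model the diversification itself (hash0 or the elite computations). The 8-byte keys OLD_DIV, NEW_DIV and XOR_DIV are the values from the calcnewkey dump quoted above; WRONG_OLD_DIV is a constructed placeholder for the wrong "Old div key" that calcnewkey prints when fed the wrong master key or the wrong elite flag.

```python
# Added model of the iClass block-3 key update; not Proxmark3 client code.
# Assumptions (not verified against real hardware here):
#   * writing V to block 3 leaves it holding (current XOR V), which is what
#     "re-write the same XOR value to toggle it back" depends on;
#   * a write succeeds only if the presented diversified key equals the key
#     currently in block 3 (the real card checks a MAC; equality stands in);
#   * key diversification (hash0 / elite) is NOT modelled.

from dataclasses import dataclass

# Values from the calcnewkey dump quoted in this post (CSN DC 71 D5 00 F8 FF 12 E0).
OLD_DIV = bytes.fromhex("81EF77B8DE129F28")
NEW_DIV = bytes.fromhex("2073A37624B3B80F")
XOR_DIV = bytes.fromhex("A19CD4CEFAA12727")

# Constructed placeholder: the wrong "Old div key" calcnewkey prints when the
# wrong master key or wrong elite flag is supplied. Not a real key.
WRONG_OLD_DIV = bytes.fromhex("0102030405060708")


def xor8(a: bytes, b: bytes) -> bytes:
    """XOR two 8-byte keys (the step calcnewkey reports as 'Xor div key')."""
    assert len(a) == 8 and len(b) == 8
    return bytes(x ^ y for x, y in zip(a, b))


class AuthError(Exception):
    """Raised when the presented diversified key does not match block 3."""


@dataclass
class PicoPassCard:
    """Minimal card state: only the block-3 diversified key is tracked."""
    block3: bytes

    def write_block3(self, value: bytes, auth_div_key: bytes) -> None:
        """Model of 'hf iclass wrbl b 03 d <value> k <key>' against block 3."""
        if auth_div_key != self.block3:
            raise AuthError("MAC check failed: wrong diversified key for block 3")
        self.block3 = xor8(self.block3, value)

    def authenticates_with(self, div_key: bytes) -> bool:
        """Stand-in for 'hf iclass chk' finding (or not finding) the key."""
        return div_key == self.block3


def calcnewkey(old_div: bytes, new_div: bytes) -> bytes:
    """Model of calcnewkey's last step: the value to write is old XOR new."""
    return xor8(old_div, new_div)


def convert_key(card: PicoPassCard, believed_old_div: bytes, new_div: bytes,
                auth_div_key: bytes) -> bytes:
    """The conversion procedure from the thread: calcnewkey, then write the XOR.
    Returns the key the operator now *believes* is in block 3."""
    card.write_block3(calcnewkey(believed_old_div, new_div), auth_div_key)
    return new_div


def standard_to_elite_and_back() -> bool:
    """Happy path: correct old key, then toggle back by writing the same XOR
    while authenticating with the raw 'New div key' (the 'r' option)."""
    card = PicoPassCard(block3=OLD_DIV)
    convert_key(card, OLD_DIV, NEW_DIV, auth_div_key=OLD_DIV)
    if card.block3 != NEW_DIV:
        return False
    card.write_block3(XOR_DIV, auth_div_key=NEW_DIV)  # same XOR, raw new key
    return card.block3 == OLD_DIV


def brick_and_recover() -> tuple:
    """Failure mode from the thread: the write authenticates (the operator still
    holds the real current key) but calcnewkey was fed a wrong old key, so
    block 3 ends up as real_old XOR wrong_old XOR new, a value nobody expected.
    Recovery: block 3 now holds real_old XOR written_xor, both of which the
    operator typed in, so recompute it and write the same XOR once more."""
    card = PicoPassCard(block3=OLD_DIV)
    written = calcnewkey(WRONG_OLD_DIV, NEW_DIV)
    convert_key(card, WRONG_OLD_DIV, NEW_DIV, auth_div_key=OLD_DIV)
    looks_bricked = not card.authenticates_with(NEW_DIV)   # "can't find the key"
    recovery_key = xor8(OLD_DIV, written)                  # what block 3 really holds
    card.write_block3(written, auth_div_key=recovery_key)  # toggle back
    return looks_bricked, card.block3 == OLD_DIV
```

When calcnewkey's "Old div key" was the real key, real_old XOR written_xor collapses to the printed "New div key", which is why this post says to authenticate with that value and the "r" option. When the old key was wrong, that shortcut no longer holds and the recovery key has to be recomputed from the key that actually authenticated and the XOR that was written, as brick_and_recover() does.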
For example,
after inputting this command "hf iclass calcnewkey o aaa n bbb s 123 e", I will get
[+] Old div key
[+] New div key
[+] Xor div key
I then write block 3 using the "Xor div key", and the div key in block 3 would now be the "New div key". All the information above is known.
However, because I used the wrong master key for both the old key and the new key in calcnewkey, the master key has changed to an unknown value.
Is there a way to calculate the new master key, as we know the div key and its calculation? Or maybe it is impossible to reverse-calculate the master key once the div key is changed.
It is working now!!! At least I have a working one, after destroying many.
I am looking at an iCLASS card that dumps with the standard key but shows blocks 04 and 05 as unreadable (instead of 03 and 04).
I kind of wonder if HID didn't start moving around the key blocks as a 'security feature'. If that's true, I can't think of a reason they couldn't swap blocks 03 and 04... so you are overwriting diversified key 2 instead of 1.