Proxmark3 developers community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia


#1 2019-08-14 23:29:03

axtle
Contributor
Registered: 2019-08-12
Posts: 10

I have destroyed many cards...

Dear Everyone,

I am just trying to get my head around this after destroying many iclass standard cards (I assume by writing the wrong information to block 3).

I have been with the forum for over two months. Bit by bit, I learnt a lot from you guys. It is really time consuming but definitely fun!!!

Special thanks to Iceman, Carl55, holiman, 0xFFFF, marshmellow etc. Great work!!!

During these months, I purchased wrong readers, correct reader, Chinese cheap pm3, genuine pm3 RDV4, wrong cards, correct cards.....my wife said I was crazy...

I admit that I am still an amateur - the command which has killed a lot of cards is calcnewkey, after I got Sim 2 to work and got the Kcus from an iclass elite reader.

I am trying to write data on an iclass standard security card (in order to convert it to an iclass elite card, is it possible?).

So what exactly do the old key and new key mean in the "calcnewkey" command?

I have tried:

1. old key as the data on block 3 on the legacy card, new key as the data on block 3 on the elite card (to be copied)
2. old key as the standard master authentication key, new key as the elite custom authentication key (Kcus, standard format)
3. old key as the standard master authentication key (permuted), new key as the elite custom authentication key (Kcus, iclass format)
4. old key as the data on block 3 on the legacy card,  new key as the elite custom authentication key (Kcus, standard format)
5. and etc......

Then I got different sets of the following:

[+] Old div key : 1111
[+] New div key : 2222
[+] Xor div key : 3333

I wrote hf iclass writeblk b 03 d "Xor div key" k "permuted standard master authentication key"
in order to convert this standard security iclass to an elite one (of course, I have cloned the remaining blocks 6-12 in addition to this).

However, after trying so many times, and after reading all the relevant posts, I did not get a good result.

Any comments, please.


#2 2019-08-15 17:25:00

Ryston
Contributor
Registered: 2019-07-09
Posts: 16

Re: I have destroyed many cards...

Hm, this is a slightly* educated guess but...

I am looking at an iCLASS card that dumps with the standard key but shows blocks 04 and 05 as unreadable (instead of 03 and 04.)

I kind of wonder if HID didn't start moving around the key blocks as a 'security feature'.  If that's true, I can't think of a reason they couldn't swap blocks 03 and 04... so you are overwriting diversified key 2 instead of 1.


#3 2019-08-15 17:58:07

carl55
Contributor
From: Colorado USA
Registered: 2010-07-04
Posts: 166

Re: I have destroyed many cards...

@axtle
Yes, it is certainly possible to convert a standard security credential into an Elite credential. You can also change a high security/Elite credential back into a standard security credential or change a high security/Elite credential into another high security/Elite credential that uses a different Kcus. In addition, the access control payload data (e.g. format, facility code, card number, PIN) can also be changed at will.

The "hf iclass calcnewkey" command is used to calculate the new diversified key that needs to be written into Block 3.
In your specific case, the old key would be the unpermuted version of the HID Master Authentication key since you are using a standard security credential.
The new key would be the Kcus key that you obtained using loclass.

Here is an example of the two commands that you would use:

hf iclass calcnewkey o <HID Mstr-Unpermuted> n <Your Kcus> e
hf iclass writeblk b 03 d <XOR Div Key> k <HID Mstr-Unpermuted>

I did a test case this morning with my own card and it worked fine.


#4 2019-08-16 01:54:32

axtle
Contributor
Registered: 2019-08-12
Posts: 10

Re: I have destroyed many cards...

That's such a great explanation. Thank you Carl55. @Carl55

It is working now!!! - at least I have a working one - after destroying many

Last edited by axtle (2019-08-16 02:16:25)


#5 2019-08-16 02:11:10

axtle
Contributor
Registered: 2019-08-12
Posts: 10

Re: I have destroyed many cards...

By the way, I am wondering now if it is possible to save those destroyed cards - it would be another interesting experiment

For example,
after inputting this command "hf iclass calcnewkey o aaa n bbb s 123 e", I will get
[+] Old div key
[+] New div key
[+] Xor div key

I then write block 3 using "Xor div key". And the Div key in block 3 now would be "New Div key". All the information above is known.

However, because I used the wrong master key for both old key and new key in calcnewkey, the master key is changed to unknown.

Is there a way to calc the new master key as we know the div key, and its calculation? Or maybe it is impossible to reverse calculate the master key as soon as the div key is changed.

Last edited by axtle (2019-08-16 02:12:46)


#6 2019-08-16 15:56:49

carl55
Contributor
From: Colorado USA
Registered: 2010-07-04
Posts: 166

Re: I have destroyed many cards...

Your cards have not really been destroyed.
If you saved the dump from the calcnewkey command then you have enough information to restore the card to its original state.

You simply re-write the "same" XOR key value to Block 3. This will toggle Block 3 back to its previous value.
However, when you do the write this time you need to use the "New Div Key" value along with the "r" option which indicates that you are using a raw diversified key value to calculate the MAC during authentication.

As an example, if the calcnewkey gave you the following dump:

[+] CSN  | DC 71 D5 00 F8 FF 12 E0
[+] CCNR | 3A FE FF FF FF FF FF FF
[+] Old div key : 81 EF 77 B8 DE 12 9F 28

[+] New div key : 20 73 A3 76 24 B3 B8 0F

[+] Xor div key : A1 9C D4 CE FA A1 27 27


You would use the following command to restore the Block3 key:

hf iclass writeblk b 03 d A19CD4CEFAA12727 k 2073A37624B3B80F r


#7 2019-08-17 00:56:52

axtle
Contributor
Registered: 2019-08-12
Posts: 10

Re: I have destroyed many cards...

Thank you so much Carl55 @Carl55. You are the best!!!

I will try to use your method to rescue them on this weekend :-)


#8 2019-08-17 09:47:50

axtle
Contributor
Registered: 2019-08-12
Posts: 10

Re: I have destroyed many cards...

@Carl55 I have dumped the calcnewkey and tried. I understand your instruction - it makes sense. However, very strange - no matter how many different cards I tried, I always got the same "authentication error with diversified key" information.

I think this is the reason - because calcnewkey used wrong old key and wrong new key, for example,

HF iclass calcnewkey o wrongoldkey n wrongnewkey e
[+] Old div key : aaa
[+] New div key : bbb
[+] Xor div key : ccc

Previously when I successfully wrote ccc (Xor key) to block 3 with writeblk, the actual block 3 is not bbb, as the calculation was based on the wrong old master key and new master key.

I think there may be no way to save these cards. But still, I learnt and understood more about PM3 operation. Thank you again Carl55.


#9 2019-08-17 10:16:16

axtle
Contributor
Registered: 2019-08-12
Posts: 10

Re: I have destroyed many cards...

An idea: if "random data" is written to block 3 in a known master key system, as soon as it is written, the known master key becomes unknown.

However, can we predict what data would be in block 3? (e.g. using calcnewkey?)


#10 2019-08-18 02:48:38

carl55
Contributor
From: Colorado USA
Registered: 2010-07-04
Posts: 166

Re: I have destroyed many cards...

My mistake. I didn't realize that you had used a wrong value for the old key and the new key. Since your old key was the Standard HID Master key I just assumed that the new Elite key was the only one that you entered incorrectly.
If they were both incorrect values then the output from the "hf iclass calcnewkey" function would obviously be wrong and my solution outlined above will not work.

Your bricked cards are still theoretically fixable but the process becomes more complicated. At this point I would normally discard the bricked cards since reversing the process requires that you have detailed knowledge of every command used on the card and the output results obtained.

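The XOR toggle carl55 describes in post #6, and the wrong-key situation from posts #8 and #10, as an added example that is not part of any post in this thread or of the Proxmark3 client. It is a toy Python model that assumes a block 3 key write XORs the supplied bytes into the stored diversified key and is accepted only when authenticated with the currently stored key; `Block3Model` and the two `assumed_*` keys are hypothetical, and the other values are from the dump in post #6.

```python
# Toy model of the block 3 key update discussed in this thread (assumption, not PM3 code):
# a key write XORs 8 bytes into the stored diversified key and is accepted only
# when the caller authenticates with the key that is currently stored.

def xor8(a: bytes, b: bytes) -> bytes:
    if len(a) != 8 or len(b) != 8:
        raise ValueError("keys are 8 bytes")
    return bytes(x ^ y for x, y in zip(a, b))

# Values from the calcnewkey dump in post #6.
OLD = bytes.fromhex("81EF77B8DE129F28")
NEW = bytes.fromhex("2073A37624B3B80F")
XOR = bytes.fromhex("A19CD4CEFAA12727")

class Block3Model:
    """Hypothetical stand-in for the card's key block."""
    def __init__(self, div_key: bytes):
        self._key = div_key

    def write_key(self, xor_value: bytes, auth_div_key: bytes) -> bool:
        if auth_div_key != self._key:
            return False  # the "authentication error with diversified key" case
        self._key = xor8(self._key, xor_value)
        return True

    def holds(self, div_key: bytes) -> bool:
        return self._key == div_key

def correct_case() -> bool:
    """calcnewkey had the right old key: writing XOR twice round-trips."""
    card = Block3Model(OLD)
    converted = card.write_key(XOR, OLD) and card.holds(NEW)
    restored = card.write_key(XOR, NEW) and card.holds(OLD)  # post #6 restore
    return converted and restored

def wrong_old_key_case() -> tuple:
    """calcnewkey was fed wrong keys, so its printed 'New div key' is not on the card."""
    assumed_old = bytes.fromhex("0102030405060708")  # constructed sample
    assumed_new = bytes.fromhex("1112131415161718")  # constructed sample
    xor_written = xor8(assumed_old, assumed_new)
    card = Block3Model(OLD)                 # what the card really held
    card.write_key(xor_written, OLD)        # the write that "bricked" it
    naive = card.write_key(xor_written, assumed_new)   # fails: wrong current key
    actual = xor8(OLD, xor_written)         # real old div key XOR what was written
    fixed = card.write_key(xor_written, actual) and card.holds(OLD)
    return naive, fixed

if __name__ == "__main__":
    print(correct_case(), wrong_old_key_case())
```

In the second case the stored key is computable only because the model knows the card's real original diversified key and the exact XOR value written, which is the record-keeping carl55 refers to in post #10.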

#11 2019-08-18 05:07:45

axtle
Contributor
Registered: 2019-08-12
Posts: 10

Re: I have destroyed many cards...

Thank you, Carl55, thank you for your kind replies to me, and others in this forum. We do learn from you.


#12 2020-02-15 14:23:54

s0prise
Contributor
Registered: 2017-12-24
Posts: 14

Re: I have destroyed many cards...

Is there a calculation to identify the div key if one accidentally set an incorrect value for the CSN / "s" option?
