Research, development and trades concerning the powerful Proxmark3 device.
Hi all! I'd like an extra iClass key to our apartment/complex and the body corporate are being uncooperative, so after some research I bought an Omnikey 5321 in the hope that I was dealing with a legacy iClass system.
When it arrived I found out a fair bit quite quickly:
I have a newer Omnikey with updated firmware (USB product ID is 5341 rather than 5321), so it probably doesn't have the vulnerability that lets you write without the master key.
The iclassified software doesn't appear to work with my reader - I get "Error: Could not find OMNIKEY Reader". Probably because it is trying to use an exploit that isn't there.
I can use this reader with ContactlessDemoVC.exe and get basic info out of the key, i.e. UID and configuration bits. The key is an iClass 2KS.
I tried to retrieve CSN with this command:
80 C4 00 20 02
I only got 2 bytes + a status code back, which seems to be less than expected.
I found the master auth key that was leaked and attempted to authenticate with these commands:
80 82 00 F0 08 xx xx xx xx xx xx xx xx
80 88 00 F0
This was met with response 6983.
I did some more reading and found something here alluding to the fact that the leaked key is in permuted form, so I ran it through permute.php -r "xxxxxxxxxxxxxxxx" and then retried the authentication, with the same response. I also tried forward permuting it, in case I had it the wrong way around. I also tried the "shaved" versions, which seem to have just zeroed out the parity bits.
So, based on the above, I think I'm dealing with iClass Elite/High Security. Is there anything I'm missing here? From what I gather, if this was iClass SR then the legacy auth key should have worked. The paper "Dismantling iClass and iClass Elite" mentions the possibility of Standard Security with custom keys, but not many people seem to talk about it. Is that uncommon in the wild? (I'm in Australia if that makes any difference).
So really, two main questions here:
Am I on the right track so far?
Can iClass Elite be "cloned" once you've recovered the master key, or does it only work if you spoof it with PM3? From what I'm reading it sounds like it's possible so long as the system doesn't check the CSN or the e-purse too carefully. And of course it would probably take some trial and error on my part, seeing as people seem (rightly) cagey about giving detailed instructions.
edit: corrected the auth commands I tried
Last edited by mollusc (2017-05-02 11:08:32)
Don't assume. Do the research.
Just use any software and issue the same PCSC commands as iclassified.
ok.
You probably got '80 01 90 00' in response right? Try '80 a6 00 04 08' and 'FF CA 00 00 00' to retrieve the CSN.
ok. You've got the wrong key.
Sounds like you still don't have the right key.
You might not have the right key. Hard to tell.
Elite / high security / custom keys are all simply keys other than standard.
Are you on the right track? So far so good.
e-purse can be copied but the CSN can not (yet).
Nice work so far.
Wow, thanks for the super quick response!
W.r.t. whether my reader has the vulnerability, I sort of pieced that together based on (a) statements that newer firmware versions were patched, and (b) a bulletin from HID stating that the new firmware has a different PID. "Probably" was an understatement.
Should have looked up that command for the CSN. I pulled it verbatim from another post on here but it's actually calling GetKeySlotInfo as you alluded to. Will double check the other commands, although looking again, CSN is just block 0 anyway!
"e-purse can be copied but the CSN can not (yet)."
What I was concerned about was whether the reader "phones home" and checks that the e-purse is consistent with the last value it saw. Otherwise there's no point in making a clone if we can't keep using the original key too. From the other stuff I've read here, the CSN does not sound like a concern and is only used for key diversification (please correct me if I'm wrong though!).
It's sounding like I'm going to need to either go back and beg harder or buy a Proxmark. I know which sounds more fun.
You should get a Proxmark. For some reason I thought you already had one and were using the Omnikey to assist with your research.
I have not tested against the 5341. Just like yourself, I can only assume that it definitely might work.
Are you using scardsyn or winscard or both? Getting off topic.
Phoning home does happen but it is rare (in my experience anyway).
I have seen the iCLASS CSN used before but again, it's rare.
Yeah, thought I might get lucky and the Omnikey would be enough... Oh well, Murphy's Law.
Actually, one more question that occurred to me today - when I buy blank cards I'm making an educated guess that I want blank iClass Standard cards, right? Because I know what keys those are initialised with so I can authenticate and write new keys to them. I have a vague recollection of reading that blank cards for newer systems have a different default master key that is probably not widely known (although, based on some of the threads in here, I wouldn't be surprised if a few people have quietly extracted them and not shared).
There is no such thing as a blank iclass card. Either legacy or non-legacy (high & elite) as far as I know.
And yes to the 'quietly extracted'. Better it stays that way.
Yes you want either a blank iclass legacy or programmed iclass legacy cards. Either can work for cloning std legacy or legacy elite. (Yes there is such a thing, but blanks will not have the hid master key on them yet.)
If somehow you have a iclass SE or SEOS tag/system you will be out of luck for now.
Actually I realised a third option could be to buy generic picopass cards and manually configure them.
Out of interest, how are the "blank" iClass cards configured? Are they just as-new picopass cards without the "personalisation" fuse blown?
Perhaps I should check my understanding again here. From what I've tried to piece together so far, this was my understanding of the different variants:
iClass Legacy (AKA iClass Standard):
Picopass cards
Can be unencrypted
When encrypted, every system used the exact same encryption keys. The corresponding auth key has been leaked. The encryption keys themselves are loaded on certain Omnikey readers and can also be dumped from the firmware of old HID readers.
There was the option to use your own custom keys, but once the master keys are recovered then any card from that site is easily decrypted.
Custom keys can theoretically be recovered by the "Key recovery attack on iClass" outlined in the paper "Dismantling iClass and iClass Elite". Unsure if this is implemented in the Proxmark. Sounds difficult and requires you to destructively attack a key (if you were careful you could theoretically restore it afterwards).
Credentials are stored in a legacy format and can be easily copied to another card
iClass SE (AKA iClass High Security, iClass Elite):
Picopass cards
Always encrypted
Encryption keys are based on a site-specific master key which is diversified with the CSN.
Site-specific master key can be easily recovered by sending a few malicious messages to a reader with the Proxmark and running a brute-force algorithm on the results.
Credentials are stored in a new "SIO" format
iClass SR is a hybrid between iClass Standard and iClass SE, with Application 1 on the card being encrypted with the legacy master key and Application 2 being encrypted with a diversified, site-specific one.
iClass SEOS:
HID-manufactured proprietary cards
Completely different crypto suite
Generally less info out there so far (which is OK for me, because I'm not attacking this system)
So really, the thing here that there is seemingly not a lot of public info on is the SIO format. carl55's paper mentions that the SIO format ties the data to the CSN. So it would need to be modified to clone it to another card. And I'm guessing the difficulty there is that they've wrapped it in another layer of encryption (yet another key that needs to be dumped...). So it seems to me that spoofing it is a lot easier than cloning it... So either I use a proxmark as a very expensive key or I have my work cut out for me. Does that sound about right? I probably have some of the terminology a bit muddled up.
Picopass chips alone won't work as they must be in the HID-only serial number range.
Your se info might be slightly off.
CSN is 8 Bytes. It always starts with 'E0 12 FF F. .. .. .. ..'. CSN is globally unique.
High Security and Elite are a key other than standard. They apply to iCLASS and iCLASS SE.
High Security is a custom key / keyset managed by the card supplier.
Elite is a custom key / keyset managed by HID.
SIO - Secure Identity Object. It's an encapsulation.
If you're looking at the HID HTOG (How to order guide) you'll notice that 'blank' card part numbers contain a 'C'. This is actually a pre-configured card. I'm not sure if HID sells blank cards anymore.
Earlier I said "You should get a Proxmark". I wasn't thinking that you're only after an extra iClass key.
I didn't check the accuracy of all of your points.
Spoofing iCLASS SE hasn't been done yet (AFAIK).
Some cards and some readers have an SE label on them.
Have you tried your iCLASS key on any readers not at your apartment?
"High Security and Elite are a key other than standard. They apply to iCLASS and iCLASS SE."
OK, I think I'm getting closer now. iClass = old payload, iClass SE = SIO payload.
And either of those can have standard keyset (globally the same) or custom keyset branded as High Security/Elite (site-specific master keys + diversification). With the extra complication that HID changed the standard keys used on iClass SE after the legacy keys were compromised.
Quote carl55: "The access control payload (wiegand code, PIN, password, etc.) was now being placed in a secure data wrapper that also included the cards serial number information, effectively binding the information stored on a card to that specific card. The ability to copy the information from one card over to another card was no longer possible. In addition to incorporating the new SIO technology, new Master Authentication and encryption keys were also assigned."
I had not given up on being able to clone the SE/SIO payload because of someone claiming to have done it in this post. Based on what is said in that thread, it sounds like the SIO payload has an ID number in it, but it is not the CSN. If that is the case, then all that is really tying that payload to that card is the diversified key, which maybe is what carl55 meant when they wrote "effectively binding the information stored on a card to that specific card".
Not sure what you suspect I'm really trying to do here but we really just could do with some extra keys to the apartment. The thought has occurred to me that there are probably others in the same situation in this building, but I'd really rather avoid conducting blatantly illegal activities. Copying your own key is probably a lot more defensible than copying other people's for a fee. I'm just the type of person that finds this stuff fun, even if I've spent way more time researching this now than is probably reasonable.
I tried to look for any visual clues on the readers but they are all unmarked. I noticed that one of them flashes green for a valid key. I enabled NFC on my phone and put it against the same reader and it beeped and flashed red (most likely its response to a corrupt message since "NFC" is a different protocol that happens to be on the same frequency).
edit: I haven't tried the key in other buildings, what sort of indicators would I be looking for?
edit 2: maybe I'll take some measurements of the readers with calipers today. I noticed some of the marketing material has dimensions...
Last edited by mollusc (2017-05-04 04:13:07)
Hi There,
I am just wondering where we run the following command to retrieve the CSN:
80 C4 00 20 02 or 80 a6 00 04 08 according to admin.
I just have an omnikey 5321 cli.
I was able to read one of my iclass fobs with iclassified. But when I tried it with another iclass card, there was an error "Authentication failed". I hope that card is a high security iclass card. Thank you.
Search for ContactlessDemoVC.exe and you should be able to find it. It is a sample program bundled with an old version of the SDK provided by HID.
Edit: if you have managed to compile iclassified then you can also use that code as a template to send whatever commands you need. That might be harder for you though if you're not familiar with C programming.
Last edited by mollusc (2017-05-05 01:20:08)
Thank you for the response. I tried ContactlessDemoVC.exe with the given numbers above. But the response does not appear to be the CSN.
However, I was only able to run "iclass read" on certain iclass cards.
I might have to buy a PM3 to go further. Will be in touch. Cheers.
For the record, I was able to identify that the readers in our building are an older series and not SE/SEOS. So I'm almost certainly dealing with a legacy system with high security/elite keys
try running the loclass attack
How did you even check? You could dump the card using the legacy master key? If so, try writing blocks 6-9 to test it.
No, I already checked the legacy master key and it didn't work (see my first post). I won't say how I checked, but think simple.
To answer the second main question of @OP, can an iClass Elite card be cloned once you've got the diversified key?
[answer is simplified] Yes and no.
- Yes in the sense that you can buy an empty picopass 2k from China and copy your data over, but it may/may not work because of the no.
- No,
a) in the sense that the UID/CSN is used in the generation of the diversified key and your new card has a different CSN. You would need to generate a new diversified key and write it to the card.
b) HID only accepts a limited set of UID/CSNs which are only sold by themselves. So your new card most likely will not work because of this blacklisting.
if only there was a magic iClass tag...
"a) in the sense that the UID/CSN is used in the generation of the diversified key and your new card have a different CSN. You would need to generate a new diversified key and write to card."
Right, and from what I have gathered the loclass attack allows you to generate this new diversified key. The key can then be written to by writing "old_key XOR new_key" to the new card. I've just realised this will be a stumbling block for me because if I get an initialised iClass standard card, "old_key" is the legacy master debit key, which has not been leaked and needs to be dumped out of an old reader...
"b) HID only access a limited set of UID/CSN 's which is only sold by themselfs."
This can be worked around by repurposing an iClass card as marshmellow suggested earlier.
..yes, you don't have both keys [AA1/AA2]. In practical terms, you can't make a complete memory dump. Usually only AA1 is used and the AA1-related memory part contains the credentials. So you can make a clone, but whether it is going to work on your reader/system is a different question.
..as Marshmellow42 said, they need to be in the HID serial number range. You would need a genuine picopass tag from HID to pass this test, not a Chinese copy. Usually with an iClass legacy you would now have a working clone (well, not the AA2 part).
Since I understand you don't have a proxmark3 device, you can't try the loclass attack. You don't have all keys, so you can't make complete clones. I would say you hit the limit here.
In your case, I guess, order some picopasses and experiment with the omnireader to see if you can make a clone that works for your building.
I believe that initialized iclass have the default Pico Pass keys.
If they let you still buy the initialized only version
Just a couple comments regarding this thread....
It is certainly possible to copy both standard security iClass and Elite (High Security) iClass credentials using either a Proxmark3, an OmniKey reader/writer or a HID RWxxx iClass reader/writer. You can basically use any Reader/Writer that gives you the ability to write the protected data blocks. The trick is to be able to know what value to write for the diversified key (Blk3 or Blk4). This stored key is calculated differently depending on whether the credential is a standard security credential or a high security credential. In order to calculate the proper diversified key you must know the HID Master Authentication key and if it is a high security credential you must also know the custom high security authentication key. Both keys can be obtained using various previously published methods.
HID iClass cards come in three varieties: Non-Configured, Configured, or Programmed. The fifth digit of the credential part number will tell you which version you have (e.g. 2000NGGNN, 2000CGGNN, 2000PGGNN). Non-Configured credentials have an authentication key that is diversified from the PicoPass Default key. The Configured and Programmed credentials have an authentication key that has been diversified from the HID Master key.
One important thing to note however is that when you write the diversified key to a "Non-configured" credential (while still in Personalization mode) the value that gets written is a "True" value. This is different from a Configured or Programmed credential which XORs the new key value with the old key value. If you are using a PM3 to write Block 3 or 4 you will first need to place the card into "Application" mode before writing the key or you will brick the card since the PM3 software automatically XORs the keys before writing.
Turns out I was getting confused again. I was thinking of the "16-byte 3DES keys" Kcuw, Kcur mentioned in the heart of darkness paper, but those are not relevant to the card, only the communication with the reader. Fairly sure they're in the source code for iclassified anyway.
For some reason I had it in my head that iClass standard doesn't diversify keys at all and that the keys stored in blocks 3 and 4 were separate from the "authentication key". After reading your tips and re-reading some of the papers, I think I have it straight now. The leaked master key I have is referred to by various names including "master authentication key", "Kd", "K1", and this can be used to derive the diversified k1 that would be stored on block 3 in a configured/programmed iClass standard card. An uninitialised card sounds like it would not be hard to work with because although I don't have the picopass default key, I could just overwrite the key with one I do know. Sounds like they're hard to get hold of anyway, so probably not an issue. If anyone is able to help me find a copy of the "HID iClass Serial protocol document" that sounds like it would be useful to have anyway though.
Definitely need a proxmark to get any further, no doubt about that! Holding off on that just a little longer because the proxmark is not the cheapest piece of hardware and we haven't quite ruled out a "social engineering attack" i.e. persuading them to issue us more keys. In the meantime, with everyone's help here I think I've established that I already have enough information and with the right equipment this should be possible. Thanks to everyone for being so helpful!
edit: seriously nice set of tools you've created here, looks like this command handles all the key calculations!
"hf iclass calcnewkey o <old key> n <new key> e"
Last edited by mollusc (2017-05-17 03:52:36)
Hmmm. So I just got a "blank" keyfob from ebay that I want to eventually use to store a clone of our apartment key. The seller claimed it's configured as iClass legacy but I can't authenticate for application 1 - I tried first using the leaked key directly and then tried using the key stored in my omnikey at slot 0x21. At first I thought perhaps the keyfob was actually initialised with the master key for iClass SE. But what's interesting is that with a bit of code patching I can get iclass.exe to read and write application 2 on this keyfob using the stored master key inside my omnikey in slot 0x20.
I know that the master key for application 1 was changed for iClass SE, but did they bother to change it for application 2? I'm unsure if my problems authenticating to application 1 are due to my omnikey or due to this keyfob being initialised for iClass SE. If it's the latter I'll have to try and get a refund.
I'm waiting on a "Proxmark 3 Easy" from China. From what I could tell this should be good enough for what I want to do, even if it is a little low on memory at 256kB compared to the usual 512kB. Once that arrives I guess I can throw away the Omnikey. Given it has updated firmware I would have been surprised if I managed to do anything more than read with it anyway.
edit: Was just browsing and it turns out carl55 answered my question a few days ago here.
The key for application 2 didn't change, so odds are this seller has misadvertised how the key is initialised -_- I'm going to check what happens if I update my omnikey drivers to a newer version on the off chance the firmware is rejecting my old driver for application 1 auth requests, but I'm not optimistic.
Last edited by mollusc (2017-06-06 09:56:08)
I hope you get the real proxmark3, not some China rip-off pm3.
Side note: You need pretty good voltage on the HF antenna for iclass. Having some complaints from some clients of mine that they are getting ripped off with inferior parts.
You can get the iclass cards from my side. I can give you a discount price on them if you need some. All tested with the legacy key so I am pretty sure it will work for you unless you do not know the actual legacy key.
(Non-Original) Look at the font to be sure. Very ugly :X
(Original) Loaded with 2.0.0 Look at the font. Printed nicely.
Just a short guide for people buying pm3.
Last edited by Dot.Com (2017-06-09 08:56:40)
The pictures on ebay look very similar to the second photo, right down to the "ELECHOUSE" silk screen. I saw some other posts on here saying they got decent antenna performance on units similar to this, so I figured I'd take a chance on it. If I was planning to use it regularly I'd be more inclined to source one that's been manufactured with more care.
Might be interested in buying a couple of cards, I'll see how much success I have when my proxmark arrives!
edit: Unrelated info but thought I'd avoid a double post:
For anyone buying iClass cards/keyfobs, beware that the "configured" types (with "C" in the part number) now seem to be shipped with a new default key which is only installed inside the iClass SE encoder. The How to Order Guide says "Unprogrammed, for use with iCLASS SE Encoder.". If you have access to an official encoder then you should be fine, but if you want to use a proxmark only then it seems there are two options:
- Find old "configured" stock which still has the old default key
- Order programmed stock which has had the key changed to the legacy key.
edit 2: 0xFFFF told me over email that he's unconvinced the default key has changed. I don't know what I was sold but it was set up for an unknown encryption key (most likely the new SE master key but no real way to tell with my current equipment). I got a refund, so all's well. If you can find correctly programmed stock then that is still a good option, but sounds like the configured stock should be OK too.
Also, the How To Order Guide makes no mention of it, but apparently even the configured stock needs to be set up differently for legacy vs SE. As far as I can tell the difference is the "application issuer" data which is written to block 5 and is read-only once the Fpers fuse is blown. For legacy it's set to "FFFFFFFFFFFFFFFF". In another post in this forum carl55 indicates that "FFFFFF0006FFFFFF" signals to the reader "an iClass SE credential that contains an SIO data object for the access control payload".
Last edited by mollusc (2017-06-25 01:00:45)
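Added example (not from this forum or the Proxmark3 code base) encoding in Python the identification checks discussed in the thread: the HID CSN prefix from the admin's post, the block 5 issuer values from the post above, and carl55's key-write rule (XOR on configured/programmed cards, true value while still in personalization mode). All CSN and key values are constructed samples.

```python
# Helpers that turn facts stated in this thread into checks you can run on a
# dump. Constants below are quoted from the thread; sample values are made up.

HID_CSN_HEX_PREFIX = "E012FFF"                      # 'E0 12 FF F. .. .. .. ..'
ISSUER_LEGACY = bytes.fromhex("FFFFFFFFFFFFFFFF")   # block 5 on legacy stock
ISSUER_SE_SIO = bytes.fromhex("FFFFFF0006FFFFFF")   # block 5 signalling SE/SIO


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length strings."""
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


def is_hid_csn(csn: bytes) -> bool:
    """True when the 8-byte CSN lies in the HID-issued range described above."""
    return len(csn) == 8 and csn.hex().upper().startswith(HID_CSN_HEX_PREFIX)


def classify_issuer(block5: bytes) -> str:
    """Label block 5 (application issuer data) as legacy, SE/SIO or unknown."""
    if block5 == ISSUER_LEGACY:
        return "legacy"
    if block5 == ISSUER_SE_SIO:
        return "se-sio"
    return "unknown"


def value_to_write(old_key: bytes, new_key: bytes, application_mode: bool) -> bytes:
    """Payload for a block 3/4 key update.

    Configured/programmed cards (application mode) XOR the written value into
    the stored key, so old XOR new is sent (what 'hf iclass calcnewkey' does).
    A non-configured card still in personalization mode stores the bytes as
    written, so the true key is sent instead.
    """
    return xor_bytes(old_key, new_key) if application_mode else new_key


def card_stores(stored_key: bytes, written: bytes, application_mode: bool) -> bytes:
    """Model of what the card holds after the write, per the thread's description."""
    return xor_bytes(stored_key, written) if application_mode else written


def update_key(stored_key: bytes, new_key: bytes, application_mode: bool) -> bytes:
    """Round trip: compute the payload for the card's mode and apply it."""
    payload = value_to_write(stored_key, new_key, application_mode)
    return card_stores(stored_key, payload, application_mode)


if __name__ == "__main__":
    # Constructed sample values, not real keys.
    old = bytes.fromhex("0011223344556677")
    new = bytes.fromhex("8899AABBCCDDEEFF")
    print("CSN in HID range:", is_hid_csn(bytes.fromhex("E012FFF7AABBCCDD")))
    print("issuer:", classify_issuer(ISSUER_SE_SIO))
    # The caveat from carl55's post: sending the XOR payload to a card that is
    # still in personalization mode leaves it holding old XOR new, not new.
    wrong = card_stores(old, value_to_write(old, new, True), False)
    print("mode mismatch leaves key:", wrong.hex(), "expected:", new.hex())
```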