Iclass Legacy Raw Key Recovery Function

Based on the work described in Dismantling iClass whitepaper.
hf iclass legbrute is tested and working
hf iclass legrec is partially working: logic of operations and sequence seems to be in order and was tested on simulated data to be effective. The privilege escalation part is still not successful, but the logic should be correct.
Antiklesys 2024-07-19 14:47:13 +08:00
commit 1832997ccb
7 changed files with 529 additions and 0 deletions


@ -70,4 +70,10 @@ bool authenticate_iclass_tag(iclass_auth_req_t *payload, picopass_hdr_t *hdr, ui
uint8_t get_pagemap(const picopass_hdr_t *hdr);
void iclass_send_as_reader(uint8_t *frame, int len, uint32_t *start_time, uint32_t *end_time, bool shallow_mod);
void generate_single_key_block_inverted(const uint8_t startingKey[PICOPASS_BLOCK_SIZE], uint32_t index, uint8_t keyBlock[PICOPASS_BLOCK_SIZE]);
void intToBinary(unsigned int num, char *binaryStr, int size);
uint8_t binaryToHex(char *binaryStr);
void convertToHexArray(unsigned int num, uint8_t *partialKey);
void iClass_Recover(iclass_recover_req_t *msg);
#endif
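Review bot: the new helper prototypes at the end of this hunk carry no length or buffer-size contract, which matters for an export in a shared header: `intToBinary(unsigned int num, char *binaryStr, int size)` gives no indication whether `binaryStr` must hold `size` or `size + 1` bytes (NUL terminator), `binaryToHex(char *binaryStr)` takes a non-const pointer for what is only read and has no bound at all, and `convertToHexArray(unsigned int num, uint8_t *partialKey)` writes into an array of unstated length. Suggest following the convention already used two lines above in `generate_single_key_block_inverted(const uint8_t startingKey[PICOPASS_BLOCK_SIZE], ...)`: declare the output as `uint8_t partialKey[PICOPASS_BLOCK_SIZE]` (or add an explicit `size_t` length), make the read-only string `const char *`, and add a one-line comment per prototype stating the expected buffer sizes. A second, minor point: the mixed naming (`intToBinary`, `convertToHexArray`, `iClass_Recover` alongside `get_pagemap`, `iclass_send_as_reader`) diverges from the snake_case used by the rest of this header; renaming before the API is relied on elsewhere is cheaper than afterwards.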