iceman1001 2019-08-30 08:57:04 +02:00
commit 54a58cde4e


@ -1,22 +1,26 @@
# About LOCLASS attack # About LOCLASS attack
This document is primarily intended for understanding `hf iclass loclass` and used files with it. This document is primarily intended for understanding `hf iclass loclass` and files used with it.
LOCLASS aim is to recoved the used masterkey for that specific reader configued in Elite mode / High Security mode. LOCLASS aim is to recoved the used masterkey for that specific reader configued in Elite mode / High Security mode.
LOCLASS, is a two part attack. First is the online part where you gather needed information from the reader by presenting a carefully selected CSN and save the responses to file. For the first part you run `hf iclass sim 2` and take notice of the saved filename. LOCLASS, is a two part attack. First is the online part where you gather needed information from the reader by presenting a carefully selected CSN and save the responses to file. For the first part you run `hf iclass sim 2` and take notice of the saved filename.
The second part is offline, where the information gathered from the first step is used in a series of DES operations to figure out the used The second part is offline, where the information gathered from the first step is used in a series of DES operations to figure out the used
masterkey. run `hf iclass loclass f abc.bin' masterkey.
run `hf iclass loclass f abc.bin`
If you don't have access to a iClass SE reader configured in Elite mode there is a test file which you can use. If you don't have access to a iClass SE reader configured in Elite mode there is a test file which you can use.
`hf iclass loclass f iclass_dump.bin` `hf iclass loclass f iclass_dump.bin`
# Unit testing # Unit testing
In order to verify that loclass is actually working, there is a "unit" test mode. run `hf iclass loclass t`. In order to verify that loclass is actually working, there is a "unit" test mode.
run `hf iclass loclass t`.
This test mode uses two files. This test mode uses two files.
- iclass_dump.bin
this is a sample file from `hf iclass sim 2`, with complete keytable recovery, using 128 carefully selected CSN and the file contains the MAC results from reader. - `iclass_dump.bin`
- iclass_key.bin this is a sample file from `hf iclass sim 2`, with complete keytable recovery, using 128 carefully selected CSN and the file contains the MAC results from reader.
this is file shall contain the legacy masterkey, AA1 key. loclass uses it to verify that permution / reversing / generation of key is correct. - `iclass_key.bin`
this is file shall contain the legacy masterkey, AA1 key. loclass uses it to verify that permution / reversing / generation of key is correct.
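
Review bot: The reworded text still carries the spelling errors of the old version: "recoved" and "configued" in the "LOCLASS aim" sentence, "a iClass SE reader" in the test-file sentence, and "permution" plus "this is file shall contain" in the `iclass_key.bin` description. Since this change already touches the wording of the document, fix them in the same commit: "recover", "configured", "an iClass SE reader", "permutation", "this file shall contain". The two command lines that were split out onto their own line ("run `hf iclass loclass f abc.bin`" and "run `hf iclass loclass t`.") now start a sentence, so capitalize "Run", and drop the stray comma in "LOCLASS, is a two part attack".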