diff --git a/armsrc/iclass.c b/armsrc/iclass.c
index 02cf8ada0..f37480432 100644
--- a/armsrc/iclass.c
+++ b/armsrc/iclass.c
@@ -608,10 +608,16 @@ int do_iclass_simulation(int simulationMode, uint8_t *reader_mac_buf) {
 trace_data_size = sizeof(ff_data);
 } else {
 // use data from emulator memory
 if (simulationMode == ICLASS_SIM_MODE_FULL_GLITCH){
- uint8_t block_check[8] ={0};
- memcpy(block_check, emulator + (current_page * page_size) + (31 * 8), 8);
- if (block == block_check[7]){
- goto send;
+ //Jam the read based on the last SIO block
+ if (memcmp(emulator + (current_page * page_size) + (5 * 8), ff_data, PICOPASS_BLOCK_SIZE) == 0){ //SR card
+ if (block == 16){ //SR cards use a standard legth SIO
+ goto send;
+ }
+ }else{ //For SE cards we have to account for different SIO lengths depending if a standard or custom key is used
+ uint8_t *sio = emulator + (current_page * page_size) + (6 * 8);
+ if (block == (5 + ((sio[1] + 12) / 8))) {
+ goto send;
+ }
 }
 }
@@ -798,10 +804,18 @@ int do_iclass_simulation(int simulationMode, uint8_t *reader_mac_buf) {
 }
 if (simulationMode == ICLASS_SIM_MODE_FULL_GLITCH){
- uint8_t block_check[8] ={0};
- memcpy(block_check, emulator + (current_page * page_size) + (31 * 8), 8);
- if (block == block_check[7]){
- goto send;
+ //Jam the read based on the last SIO block
+ uint8_t *sr_or_sio = emulator + (current_page * page_size) + (6 * 8);
+ if (memcmp(emulator + (current_page * page_size) + (5 * 8), ff_data, PICOPASS_BLOCK_SIZE) == 0){ //SR card
+ if (block == 16){ //SR cards use a standard legth SIO
+ //update block 6 byte 1 from 03 to A3
+ sr_or_sio[0] |= 0xA0;
+ goto send;
+ }
+ }else{ //For SE cards we have to account for different SIO lengths depending if a standard or custom key is used
+ if (block == (5 + ((sr_or_sio[1] + 12) / 8))) {
+ goto send;
+ }
 }
 }
diff --git a/client/src/cmdhficlass.c b/client/src/cmdhficlass.c
index 48cbfa889..7ded7732d 100644
--- a/client/src/cmdhficlass.c
+++ b/client/src/cmdhficlass.c
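Review bot: The SE branch takes `sio[1]` straight from the loaded dump as the SIO length and compares `block` against `5 + ((sio[1] + 12) / 8)` with no check that the result is a block the page actually has, so a page with no SIO, or with a length byte that is not the short-form value this arithmetic presumably expects, yields a target block the reader will never ask for and the glitch silently never fires. Document the assumption on the `uint8_t *sio` line, e.g. `// assumes block 6 byte 1 is a single-byte (short-form) SIO length -- long-form lengths are not handled`, and consider rejecting a computed block past the end of the page. The offsets are also written `(5 * 8)` and `(6 * 8)` while the memcmp on the same line uses PICOPASS_BLOCK_SIZE; `(5 * PICOPASS_BLOCK_SIZE)` and `(6 * PICOPASS_BLOCK_SIZE)` keep them in step. The comment on the `block == 16` line misspells `length` as `legth`. do_iclass_simulation begins and ends outside the hunk.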
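Review bot: `sr_or_sio[0] |= 0xA0;` writes into emulator memory on what is otherwise a read path, the earlier copy of this test at line 608 handles the same SR case without it, and nothing says why the marking belongs to this path only; its comment also says `byte 1` while the code writes index 0. If the asymmetry is deliberate it needs a line such as `// permanently flips block 6 byte 0 from 0x03 to 0xA3 on this path only; the read path at 608 leaves emulator memory untouched because <reason>`, and `0xA0` deserves a name. Either way the two hunks now carry ~10 near-identical lines that will drift; the sketch below moves them into one static helper with a flag for the marking (ff_data's scope is not visible here -- if it is local to do_iclass_simulation, pass it in). do_iclass_simulation begins and ends outside the hunk.
```c
// Shared by both FULL_GLITCH paths in do_iclass_simulation.
// Returns true when the request for `block` on the page at `page` should be
// swallowed: block 16 for an SR card (block 5 all 0xFF), otherwise the block
// derived from the SIO length byte at block 6 byte 1 (short-form length
// assumed -- TODO confirm). With mark_sr set the SR case also ORs 0xA0 into
// block 6 byte 0, as only the second call site does today.
static bool iclass_glitch_block(uint8_t *page, uint8_t block, bool mark_sr) {
    uint8_t *sio = page + (6 * PICOPASS_BLOCK_SIZE);
    if (memcmp(page + (5 * PICOPASS_BLOCK_SIZE), ff_data, PICOPASS_BLOCK_SIZE) == 0) {
        if (block != 16) {
            return false;
        }
        if (mark_sr) {
            sio[0] |= 0xA0;
        }
        return true;
    }
    return block == (5 + ((sio[1] + 12) / 8));
}

/* … unchanged: do_iclass_simulation up to the second glitch test … */
                if (simulationMode == ICLASS_SIM_MODE_FULL_GLITCH){
                    if (iclass_glitch_block(emulator + (current_page * page_size), block, true)) {
                        goto send;
                    }
                }
```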
@@ -845,7 +845,7 @@ static int CmdHFiClassSim(const char *Cmd) {
 "hf iclass sim -t 2 --> execute loclass attack online part\n"
 "hf iclass sim -t 3 --> simulate full iCLASS 2k tag\n"
 "hf iclass sim -t 4 --> Reader-attack, adapted for KeyRoll mode, gather reader responses to extract elite key\n"
- "hf iclass sim -t 6 --> same as -t 3, but doesn't respond to r/w for the block specified in last byte of blk 31");
+ "hf iclass sim -t 6 --> simulate full iCLASS 2k tag that doesn't respond to r/w requests to the last SIO block");
 void *argtable[] = {
 arg_param_begin,