You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: .catalog/README.md
+8-8Lines changed: 8 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,39 +3,39 @@
3
3
4
4
This application allows you to read, write, save, and emulate legacy HID iClass cards and fobs (based on the picopass chipset). Also supports saving the credential to the Flipper Zero LFRFID data format, changing the keys on the card, performing dictionary attack, and performing the 'online' part of the loclass attack.
5
5
6
-
##Loclass
6
+
# Loclass
7
7
8
8
The loclass attack emulates specific CSN and collects responses from the reader which can be used to calculate the elite or (some) custom key configured for that reader. This key is then used to read data on the cards used with that reader.
9
9
10
-
###Online part
10
+
## Online part
11
11
12
12
1. Run _loclass_ from the picopass main menu
13
13
2. Present the flipper to the reader. Holding flipper directly to reader may not work, vary distance by a few inches.
14
14
3. Collect responses until the progress bar is full.
15
15
16
16
NOTE: If the screen says “Got std key” AND stays on 0/18, then loclass isn't needed.
17
17
18
-
###Offline part
18
+
## Offline part
19
19
20
20
1. Download the loclass log (_sdcard/apps_data/picopass/.loclass.log_) from your Flipper Zero.
21
21
2. Use [loclass.ericbetts.dev](https://loclass.ericbetts.dev/) or a tool of your choice to calculate the key
22
22
3. Copy the key to _iclass_elite_dict_user.txt_ and place in _sdcard/apps_data/picopass/assets/_
23
23
4. Run _Elite Dict. Attack_ from the picopass main menu
24
24
5. Present card to the back of the Flipper Zero.
25
25
26
-
###Failure
26
+
## Failure
27
27
28
28
There are some situations when the offline loclass may not find a key, such as:
29
29
* iClass SE
30
30
* Readers configured with Standard-2 keyset
31
31
* Custom keyed readers using Standard KDF
32
32
* Custom keyed readers using SE KDF
33
33
34
-
##NR-MAC read
34
+
# NR-MAC read
35
35
36
36
Due to the nature of how secure picopass works, it is possible to emulate some public fields from a card and capture the reader's response, which can be used to authenticate. Two of the pieces involved in this are the NR and MAC.
37
37
38
-
###Card Part 1
38
+
## Card Part 1
39
39
40
40
1. Place card against Flipper Zero
41
41
2. Run _Read_ from the picopass main menu
@@ -44,15 +44,15 @@ Due to the nature of how secure picopass works, it is possible to emulate some p
44
44
5. Select "Save Partial"
45
45
6. Name file something you'll remember
46
46
47
-
###Reader Part
47
+
## Reader Part
48
48
49
49
1. Select _Saved_ from the picopass main menu
50
50
2. Select the file name you saved in last step of Card Part 1
51
51
3. Select _Emulate_
52
52
4. Expose Flipper Zero to reader (It may work better a few inches from the reader, as opposed to physically touching)
53
53
5. Flipper will buzz and screen will say "NR-MAC Saved!"
0 commit comments