iClass request - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: iClass request (/thread-8157.html) |
iClass request - iceman - 02-15-2019 Some ppl has been asking about this and my own curiousity has been there since I implemented a naive dictionary implentation for the proxmark3 client. There are different attacks already for different parts, but given a sniffed trace of authentication A hashcat implementation would be good for the scenario of custom keys. What is it? iClass crypto - triple des - three hash diversifications (hash-0 , hash-1, hash-2) for two modes. legacy standard / elite (high) - a twist of the des key aswell. all parity is in last byte instead of MSB Possible ideas for Hashcat would be a dictionary or bruteforce mode. http://www.icedev.se/proxmark3/proxclone.com/Covert_Approach_to_Recovering_iClass_HSKeys.pdf Documents. http://www.proxmark.org/files/proxclone.com/ RE: iClass request - atom - 02-15-2019 Can you be more specific which type of computation is needed? RE: iClass request - thesle3p - 03-13-2019 I would really love to see this happen, would make cracking Iclass Elite keys much more viable. RE: iClass request - atom - 03-14-2019 I'd be happy to add this to hashcat. Just need the details. RE: iClass request - royce - 03-16-2019 https://www.cs.bham.ac.uk/~garciaf/publications/dismantling.iClass.pdf |