As @Pilgrimsmaster said, you’ll need a flexClass. Getting that RedTeamTools card will also be helpful.
Before you do that, I’d like to ask a bit about the system in question. What kind of HID branding is on it? Can you share a full dump of the card? Can you share a photo of the readers that you’ll be trying to use it with?
so far im happy to see the proxmark3 was able to read the card to tell me its a picopass 2kcard type. it found valid keys as wel. now i need to purchase the correct blank cards compatible to write on and the same keys.
as soon as i get a blank i try cloning it. it seems the M1 HF cards aren’t combatable unless I’m doing it wrong …
The iClass DP is HF only. There’s a few posts on here about cloning them. M1 cards are sadly incompatible.
i just received my blank Picopass cards.
i trying to follow your steps into cloning my HF card but i don’t want to accidently delete my original card by doing the wrong steps . once im logged into my pm3 device what’s the first command line do i write and when do i let the reader read my original card so i can then copy that info into my new blank picopass card.
if there’s a step by step that would help a newbie like myself do this so i don’t copy the blank card onto my original card that would be very helpful.
thx
I’m working on a similar task at the moment.
HID Iclass proxmark3 - Support - Dangerous Things Forum
Not to hijack your thread, but this may answer some questions or maybe give some insight I hope. I’m by NO means an expert, but if I can help at all, ask away!
You should be able to
hf ic rdbl -b 6 --ki 0
or blocks 6-9, changing -b 6 to -b 7 etc.
noting that value, and then with the blank card on the pm3
hf ic wrbl -b 6 -d “value for each block” --ki 0
if you’re using the redteamtools Iclass card like I am, if --ki 0 doesn’t work, --ki 2 worked for me
Or, at least that’s my understanding of it. There is a lot of knowledge floating around here. I try to absorb as much as I can!
I hope it goes smoother for you than it is for me so far! 
EDIT: @philidelphiaChickens gave me some wisdom about using the key from managekeys instead of typing the key out manually to avoid any potential uh oh’s
You shouldn’t have to worry about deleting data. Usually issued cards will be locked by the issuer. Can you post the dump file from the source card? hf ic dump ki --0 is the command you’ll need.
this is what shows up when i put in that command line.
whats the next steps to actually coping this card to my blank picopass card .
thx
Can you share the rest of the file output? There should be a column or two of data listed.
if this is not the info you need then what is the command line to see those columns . I’m not familiar with all the command lines yet
You should get a .bin file output saved in the client folder of the proxmark directory and a display of the data in the terminal. When you give the dump command does it not show the card data below the “Card has at least 2 application areas.” line?
That is the rest of the file output that @philidelphiaChickens is referring to.
should be columns similar to
block# | data | ascii | lck | info
with corresponding rows for each data block
i opened the file in notepad and this is what showed up
AEA684A6DAB23278 # AA1
7665544332211000 # key1/Kc from PicoPass 2k documentation
0123456789ABCDEF # SAGEM
5b7c62c491c11b39 # from loclass demo file.
F0E1D2C3B4A59687 # Kd from PicoPass 2k documentation
5CBCF1DA45D5FB4F # PicoPass Default Exchange Key
31ad7ebd2f282168 # From HID multiclassSE reader
6EFD46EFCBB3C875 # From pastebin: iclass keys6EFD46EFCBB3C875E033CA419AEE43F9 - Pastebin.com
E033CA419AEE43F9 # From pastebin: iclass keys6EFD46EFCBB3C875E033CA419AEE43F9 - Pastebin.com
2020666666668888 # iCopy-X iCL tags
6666202066668888 # iCopy-X iCS tags reversed from the SOs
what do i do with this info to copy it onto a blank card?
do i just put a command line with with the origianal keys on it to copy it to ?
sorry if i seem like a novice to this but i really am.
i was able to read the card now if i could just figure the correct steps to copy a card that would be great .
Trust me, I know the feeling. I’m not far from it myself Just seemingly a little farther/longer into the head scratching and reading and reading and reading about it all.
Sorry, I didn’t mean to imply that you should manually to try open the file with a text editor.
hf ic dump --ki 0 should give you a “printed” version of the chip data in the terminal as well as save a .bin file along with a json and eml file iirc.
Did you not get anything more than what you posted (in post 11 of this thread) in the terminal when you gave the dump command?
There should have been more to it than what you shared. Either a successful dump displaying and saving the data, or a failure/couldn’t communicate with chip error etc.
after running the command line
hf ic dump --ki 0 this is what showed up .
hopefully i get a little closer to actually copying this card . fingers crossed
Now we’re getting somewhere!
This is what you’re looking for. Blocks 6-9 are what you want to copy to your new card
is the link that @Pilgrimsmaster sent earlier, and it spells it out pretty straight forward for you.
hf ic wrbl -b 6 -d A30303030003E017 --ki 0
for block 6 and duplicate for 7-9 with the appropriate data, all caps, no spaces.
after writing blocks 6-9 manually, do the dump again to verify the cloned card matches the original and give it a try!
ok i hope it did it correct.
i duplicated blocks 6-9 like u mentioned and added the appropriate data. i did the ic dump info and as u can see in the new card blocks 6- 9 are the same . the only number i noticed isn’t the same is block 0 my original data numbers are different then the copy card. is that normal or did i miss something?
here’s
