Proxmark3 community


#1 2016-12-11 22:32:56

raptor
Contributor
Registered: 2016-11-17
Posts: 27

Make a 1k chinese card appear as 4k

I'm trying to make a Chinese 1k card appear as a mifare 4k. I don't care about the data between the 1-4k area which the 1k card does not possess.
I read in the mifare specs that it is the SAK that identifies the card and it is written in block 0, so it sounds like I could just write it, but it's just not working for me. The SAK in the magic card is just after BCC and below I wrote it as 18=mifare classic 4k but it keeps appearing as 1k.
Any clues?

#db# READ BLOCK FINISHED
isOk:01 data:bb 62 b8 ec 8d 18 02 00 b4 ba 54 98 c1 50 28 14
proxmark3> hf search

UID : bb 62 b8 ec
ATQA : 00 02
SAK : 08 [2]
TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1
proprietary non iso14443-4 card found, RATS not supported
Answers to chinese magic backdoor commands: YES

Valid ISO14443A Tag Found - Quiting Search


#2 2016-12-12 11:09:43

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497

Re: Make a 1k chinese card appear as 4k

try

ATQA = 00 44
SAK = 08


#3 2016-12-13 23:02:38

raptor
Contributor
Registered: 2016-11-17
Posts: 27

Re: Make a 1k chinese card appear as 4k

It doesn't work. It completely ignores any SAK I try, it will always output as I wrote above.
I tried all kinds of SAKs. I can change the ATQA, however.


#4 2016-12-14 06:52:35

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497

Re: Make a 1k chinese card appear as 4k

Strange magic card that ignores SAK.
How do you change the UID/ATQA/SAK?


#5 2016-12-14 09:30:57

raptor
Contributor
Registered: 2016-11-17
Posts: 27

Re: Make a 1k chinese card appear as 4k

I totally agree, the UID and ATQA are changed but not the SAK. All is done in block 0. It doesn't matter what I write in the SAK position, it keeps reporting 08. I read block 0, confirm that let's say it is 09, but it keeps reporting as 08.

Have you tried it yourself, iceman? Does it work for you?


#6 2016-12-14 12:43:50

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497

Re: Make a 1k chinese card appear as 4k

Not a problem on a magic tag for me.

ref: http://pastebin.com/5imVzRzg


#7 2016-12-14 12:47:59

717
Contributor
Registered: 2015-10-21
Posts: 22

Re: Make a 1k chinese card appear as 4k

@raptor: Do you have untouched "magic cards"? What is the original ATQA/SAK value?


#8 2016-12-29 08:11:47

raptor
Contributor
Registered: 2016-11-17
Posts: 27

Re: Make a 1k chinese card appear as 4k

Well, obviously magic cards with unchangeable ATQA and SAK are very common, like these I bought :D

https://www.aliexpress.com/item/New-Version-UID-Changeable-NFC-MF-S50-1K-Card-Support-Andriod-APP-MifareClassicTool-MCT-NFC-Phone/32627097079.html?spm=2114.13010608.0.0.dRMlfF

In the description:
Before making an example, let me explain what the UID of MF S50 is.
UID is byte0-byte3
byte4 = byte0 ^ byte1 ^ byte2 ^ byte3
byte5 must be 08
byte6 must be 04
byte7 must be 00, byte5-byte7 is nfc card type cannot be changed.
byte8-byte15 is manufacturer data.

Does anyone have a link to magic cards with changeable SAK and ATQA? Even better, Mifare classic stickers that can do so :D


#9 2016-12-29 10:30:15

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497

Re: Make a 1k chinese card appear as 4k

I doubt that byte5-7 must be pre-set. A magic generation2 tag can become unresponsive if you set the wrong SAK/ATQA values, and I'm guessing this is why the seller says you shouldn't change it. Doesn't mean you can't.


#10 2016-12-30 13:12:50

raptor
Contributor
Registered: 2016-11-17
Posts: 27

Re: Make a 1k chinese card appear as 4k

I thought the same, but I can't get it working. I haven't tried again after the last post though, but I will try again.


#11 2016-12-30 13:41:13

iceman
Administrator
Registered: 2013-04-25
Posts: 9,497

Re: Make a 1k chinese card appear as 4k

Try writing this one, it should change your tag to a 4k tag; well, you need to change key.

hf mf wrbl 0 a ffffffffffff  01020304040844000000000000000000

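The block 0 layout quoted in post #8 (UID, BCC, SAK, ATQA, manufacturer data), applied to the block read in post #1 and the block written in post #11. This is an added example, not code from any poster or from the Proxmark3 project; the names parse_block0, mismatches and SAK_TYPES are hypothetical, the SAK table is a simplified subset, and the ATQA byte order is assumed from how hf search prints it in post #1.

```python
# Added example: decode a MIFARE Classic block 0 (4-byte UID layout from the
# thread) and compare it with what the reader saw during anticollision.

# Simplified SAK table for the MIFARE Classic family; other values -> "unknown".
SAK_TYPES = {0x08: "MIFARE Classic 1k", 0x09: "MIFARE Mini", 0x18: "MIFARE Classic 4k"}


def parse_block0(hex_str):
    """Split a 16-byte block 0 into UID, BCC, SAK, ATQA and manufacturer data."""
    raw = bytes.fromhex(hex_str.replace(" ", ""))
    if len(raw) != 16:
        raise ValueError("block 0 must be 16 bytes, got %d" % len(raw))
    uid, bcc, sak = raw[0:4], raw[4], raw[5]
    return {
        "uid": uid.hex(),
        "bcc": bcc,
        # BCC is the XOR of the four UID bytes (byte4 in the layout of post #8).
        "bcc_ok": bcc == (uid[0] ^ uid[1] ^ uid[2] ^ uid[3]),
        "sak": sak,
        "type": SAK_TYPES.get(sak, "unknown"),
        # Bytes 6-7 reversed, matching how hf search prints ATQA in post #1
        # ("00 02" on screen for block bytes "02 00").
        "atqa": raw[6:8][::-1].hex(),
        "manufacturer": raw[8:16].hex(),
    }


def mismatches(block0, reported_sak, reported_atqa):
    """Names of fields where the anticollision answer differs from block 0."""
    diffs = []
    if block0["sak"] != reported_sak:
        diffs.append("SAK")
    if block0["atqa"] != reported_atqa.replace(" ", "").lower():
        diffs.append("ATQA")
    return diffs


if __name__ == "__main__":
    # Block 0 and hf search values copied from post #1 of this thread.
    b = parse_block0("bb 62 b8 ec 8d 18 02 00 b4 ba 54 98 c1 50 28 14")
    print(b["uid"], "BCC ok:", b["bcc_ok"], "block 0 says:", b["type"])
    print("differs from anticollision:", mismatches(b, 0x08, "00 02"))
    # Block written in post #11.
    print(parse_block0("01020304040844000000000000000000"))
```

For the card in post #1 the only mismatch is the SAK: block 0 stores 18 while anticollision answers 08, and the ATQA agrees.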
