Is posible erase/format mifare 4k???

casper112 · 2013-02-10 14:55:24

Hi,

Is this posible with proxmark3??? Because I have a mf classic 4k with block 00 writable, I wrote a dump but now I want to write other diferent... Is that posible? Erase / format card like manufacture time?

Thx

C0Y0-Ck3r · 2013-02-10 17:02:22

Is it the chinese card that you got ? if yes, then you can change the UID of the card, else you can't because UID mifare's card is in reading mode only. Its like the UID is part of the hardware of the card, so impossible to rewrite on it.

casper112 · 2013-02-10 19:09:10

Yeah, I haven´t a chinese but it can be write a block 0 and change UID:

I have this:
http://www.xfpga.com/html_products/UID-changeable-mifare-4K-card-S70-card-51.html

The problem is with 1K version I can use "c" comands fine (proxmark).

But with 4K version I can´t... But I can write the block 00 everytime I want with "hf mf wrbl"...

----------------------

But the problem I have is:
I maked a 1K genuine dump then I restore to 4K card cangable UID (restore comand proxmark and all done).... But now I want erase/empty/manufacture my 4K restoring all keys A/B to FFFFFFFF (I know actual keys)... I can´t find any comand to erase or overwrite or restore mifare card.

Otherwise with the 1K dump I loaded into a chinese 1K and I used all "c" comands fine.

Thanks

thefkboss · 2013-02-10 21:19:59

with 1k mifare is possible because you have the xploit version.
there are 2 versions xploit and regular.
the xploit version has a xploit that means: when you send the magic words the card write what ever you want the keys and trailer blocks are not used.

the regular version acts like mifare (the only different changeable UID) so that means: if you have fuse trailer block, you are not going to erase the card no more.
the card is going to be in the same state forever.

with this mifare 4k (they are regular version not exploit version) so that is the problem

You have to be carefully when you write the card and change the trailer block to (all read, write...with a/b) in the dump image before you write to the card.

YOU ARE NOT GOING TO USED THAT CARD FOR OTHER THINGS. YOU HAVE FUSE THE TRAILER BLOCK

casper112 · 2013-02-10 21:55:13

Good explain

Resume I must to buy a new card to continue playing

thefkboss · 2013-02-10 23:08:01

CHECK the trailer blocks? sometimes iyou change trailer block to read or write with a/b key, BUT if you have fuse (never write only read) you will have to buy a new one

casper112 · 2013-02-11 00:33:03

And how can I check trailer block.... ???

thefkboss · 2013-02-11 10:07:06

you can check open the dump you write in your card and check the trailer blocks
you can use this:
http://proxmark.org/forum/viewtopic.php?id=1408

casper112 · 2013-02-11 14:39:56

Well...

     Key A                           Track                                  Key B
7712F54114FC                 FF078069                         B0B1B2B3B4B5

From Sector Trailer I must take only 6 frist: so FF0780

With the program... With key A I can do everything I want over Block 0, Block 1 and Block 2.

All is correct? I think I begin to understand it

But now other question: When you write the sector trailer, u never will rewrite it with diferent keys? Is correct?

Thanks

thefkboss · 2013-02-12 00:07:40

the rest of the sector are the same ff0780??
if the answer is yes you could used the key A to change what ever you want.

When you write the trailer block this the main rule for the card so if you change the trailer block the card will open only whit that rule.
there are some rules (never read, never write...) this rules are dangerous because the fuse the trailer block and you never get back to the previous situation,
so follow my advise when you dump a card if you want to write to a this uid changeable without backdoor change all the trailer block in the dump to some not fuse state, something you could recover the card

or try to find some mifare 4k xploit ones i have not luck on my search if you found some let me know.

i'm also looking for ultralight xploit ones

casper112 · 2013-02-12 03:05:34

Hi,

Yeah all sector have the default FF0780. Now I´m beginning to understand how work it ^^.

But I wrote a dump from 1K card to a 4K card. I´m trying to read fulldump from 4K but all time I get the same result only 1K what about other 3K´s??? I wrote 1º keys from my original 1K dump and the rest 3K´s I wrote de default Keys FFFFFF... Everytime I get the same result only 1K dump.

thefkboss · 2013-02-12 14:23:46

Hi that is because you have modificated the full block 0 in that block there are more things than the uid.
There is also what type of card is 8804 mifare 1k
So you have to change that to 9802 Mifare 4k
If you change that it will work at 4k
the program think that is 1k and for that reason the program stop reading

casper112 · 2013-02-13 05:18:31

I restore to manufacture state the card finally.... I was rewritten keys blok to default value, it is too slow process, may be there are same trick...

But the same problem the 4K card under windows XP professional, software version 625 dont write or read full card (only like 1K) already wrote 9802.... Under linux bactrack + Acr122u all solved...

I got more success moment with ACR122u than with proxmark, I tryed to crack one 4K with proxmark under nested atack and when it arrive to one part it stop and nothing more (I only have one 4K original card), under linux and mfoc 30min all keys and dump fine... I know proxmark is for developers

Proxmark3 community

Announcement

#1 2013-02-10 14:55:24

Is posible erase/format mifare 4k???

#2 2013-02-10 17:02:22

Re: Is posible erase/format mifare 4k???

#3 2013-02-10 19:09:10

Re: Is posible erase/format mifare 4k???

#4 2013-02-10 21:19:59

Re: Is posible erase/format mifare 4k???

#5 2013-02-10 21:55:13

Re: Is posible erase/format mifare 4k???

#6 2013-02-10 23:08:01

Re: Is posible erase/format mifare 4k???

#7 2013-02-11 00:33:03

Re: Is posible erase/format mifare 4k???

#8 2013-02-11 10:07:06

Re: Is posible erase/format mifare 4k???

#9 2013-02-11 14:39:56

Re: Is posible erase/format mifare 4k???

#10 2013-02-12 00:07:40

Re: Is posible erase/format mifare 4k???

#11 2013-02-12 03:05:34

Re: Is posible erase/format mifare 4k???

#12 2013-02-12 14:23:46

Re: Is posible erase/format mifare 4k???

#13 2013-02-13 05:18:31

Re: Is posible erase/format mifare 4k???

Board footer