Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
You are not logged in.
Time changes and with it the technology
Proxmark3 @ discord
Users of this forum, please be aware that information stored on this site is not private.
Hey, I've been working with a 4K mifare card from clonemykey (S70 block 0 direct write).
I'm wondering if there's some way to save the card. I mistakenly tried to write to a block using hf mf wrbl 3e (hex offset)... instead of hf mf wrbl 62 (decimal offset). So the wrbl command decided that 3e means block 3. The access block for sector 0.
I wrote:
--block no:3, key type:B, key:ff ff ff ff ff ff
--data: 6f 38 bf 00 47 13 90 08 0c 21 00 20 00 0e 00 01
So the card allow(ed) me to write to block 0 to change uid, but doesn't seem to respond to the proxmark's magic commands to undo my screwed up block 3.
Is there some way to recover the card?
I've tried with the mistaken key bytes I set, but I think the access bytes are corrupt.
Maybe we should program in some idiot proofing into writing the access bytes into cmdhfmf.c ?
Offline
Yeah, been there, fukked up a card, but still I think that if you don't understand what you do then don't fiddle around with a PM3.
It is not a solution without faults and errors. Its a swiss tool.
Offline
Yeah, as a developer I understand. I don't want an undelete feature, I want rm to be fast, good tools have sharp edges.
I'll just read the source a bit more carefully before guessing if it's base 16 or base 10 that a pm3 command wants.
I think I might try to make a lua script to clarify the access bits that are in a dump file perhaps allow you to make a dump file have the same data blocks, but more default style access bytes.
iceman, should I use the default access bytes you have in the formatMifare script?
--Accessbytes = Accessbytes or '787788'
Accessbytes = Accessbytes or 'FF0780'
I guess FF0780 is better than 787788?
Maybe I should stop being lazy and work out the bytes from the datasheet.
Offline
Grasshoper, don't think. Do!
If you need a lua script, sure, make one and give back to the community.
When it comes to access bits, I found two schools hence the different versions. one is from Nxp and I think the other one is from libnfc.. One is default NXP and the other one is the "most" open.. I think thats why I changed it to 0xff0780.
I realized with the formatMifare script that there are so many occasions to have fix the accessrights, or reset a card... and it is hard to get all possibilites to one script.
So I made the script a "generate text commands" script instead of actually executing it
Offline