Hi everyone, I’m researching MIFARE Classic1k tags and have a question.
I ran hf mf autopwn on a tag, and the software detected 71 blocks, but when I exported the dump, it only found 64 actual blocks. Some blocks are marked as used for digital signatures and are located outside of user memory.
I’d like to understand: how is it possible for autopwn to display blocks beyond the tag’s actual physical memory? Are they virtual or control blocks, or are they actually stored somewhere on the tag?
I’d also like to clone the card, but since it has 71 blocks and my Magic Tag 1K can’t hold them all, I can’t do it perfectly. Is there a way to replicate these digital signature blocks, or should I buy a MIFARE Classic 4K and try cloning the dump there?
Also, I’m wondering if it’s better to clone the entire card or just modify the internally stored balance, since that’s my ultimate goal.
Your tag is a genuine MIFARE Classic Ev1, which has signature data etc stored outside of user memory. We print it in order not to loose information about the tag but the memory sectors are not writable. So its of no use when dumping the memory. We exploit the fact it has static keys in order to be able to run Hardnested with success against that tag.
Since last year with regards to Doegox findings with FUDAN cards and backdoor keys, we try to log and print all kinds of information about tags. We never know if it makes a difference.
You would need a Magic tag that are able to mimic the signature data, in order to make a perfect clone.
How to modify the monetary value stored on the card I leave for others to answer
Just to be sure I understand: the signature blocks are outside user memory and not writable, so my Magic 1K can’t perfectly replicate the card. If I want a full clone, should I get a MIFARE Classic 4K?
Hello I got the same problem, I got all the keys. I can read sector 17. But I can not read sector 16 even with the correct key. Any things else can be done to read that sector ? Is it possible to simulate Gen4 with proxmark device ? Does 2k may works to hold these two extra sectors ?
