Cloning an ISO 14443-A tag issues

The eml file type has been phased out of use within the RRG Proxmark repo/project in favour of the more industry accepted file type of json. On the older guides where you read “eml”, replace it with “json” and you’ll be fine.

A few things I’ve noticed as I was reading the thread:

  • Source card has 4 byte (N)UID
  • Source card has weak PRNG
  • Source card has 1k memory
  • You are using Proxspace
  • You have used Autopwn/recovery commands multiple times
  • You are copying to a gen1a (primarily)

Taking into account the things listed above, it’ll help guide your efforts in the correct direction. The ‘magic’ of gen1a cards is their ability to perform ‘backdoor commands’ and being able to write to block 0 repeatably. Trying to use gen1a backdoor commands on a gen2 won’t work as they lack that functionality. This is why you are having trouble trying to copy the dumped data to the card, as you are using the gen1a command for that functionality.

Have a look at the Mifare Classic commands (hf mf -h) on the proxmark with their descriptions. Notice that any subcommands that start with a ‘c’ are for gen1a backdoor commands and thus only work on gen1a cards.

The issue you are having with the “wupC1 error” is usually caused by bad/poor coupling from the proxmark high frequency antenna with the card’s antenna. This is easily solved by putting some space between the card and the proxmark then issuing the command. To find the sweet spot you can chain commands together to run in sequence by separating each command with a semicolon (e.g. hf 14a info; hf 14a info; hf 14a info).

You certainly can and I’d say it’s an easier process than copying from a genuine card to a gen2. In your case you have two ways: use the .bin or .json files you already have or dump data from an existing gen1a (if you don’t have the files).

The key part to remember when cloning to a gen2 card is that it’ll behave just like a genuine card but will allow you to write to block 0. Meaning that you can write a ‘bad’ block 0 and lock yourself out of the card, thus bricking the card in either a faulty, not usable state or locking the card in a usable state without the option of rewriting the block 0 data.

The function on Mifare Classic that dictates how the card data should be accessed is the, aptly named, Access Bits. These can be set in a fashion that the data can only be read but never written (using (n)either sector key). The default access bits are FF0780 which means that Key A and Key B can read and write all blocks in the sector.
If you are writing to a gen2 card, I would always urge you to check the data (.json should be easy to read) before writing it to a clone card. Check that you can see all the data in each sector and double check how the access bits are set to avoid bricking a card. There is a great utility to enter the access bits and easily understand what they are set to do.

Hope this clears up a few things, happy to help with anything else.

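Added example, not part of the original post and not Proxmark code: a pre-write check over a raw 1024-byte .bin dump of a 4-byte-UID Mifare Classic 1k card, covering the two bricking risks the post describes (a bad block 0 and badly set access bits). The function names and the sample dump are constructed for illustration; the bit layout and condition tables follow the MIFARE Classic datasheet.

```python
BLOCK, PER_SECTOR, SECTORS = 16, 4, 16          # MIFARE Classic 1K layout
# Trailer conditions (C1, C2, C3) that still allow the access bits to be rewritten.
TRAILER_REWRITABLE = {(0, 0, 1), (0, 1, 1), (1, 0, 1)}
# Data-block conditions under which neither key may write the block.
DATA_NO_WRITE = {(0, 1, 0), (0, 0, 1), (1, 0, 1), (1, 1, 1)}

def decode_access_bits(ab: bytes):
    """Return [(C1, C2, C3)] for blocks 0..3; raise ValueError if malformed."""
    b6, b7, b8 = ab[0], ab[1], ab[2]
    c1, c2, c3 = b7 >> 4, b8 & 0x0F, b8 >> 4
    # Each nibble is also stored inverted; the card blocks a sector whose copies disagree.
    stored_inverted = (b6 & 0x0F, b6 >> 4, b7 & 0x0F)
    if stored_inverted != tuple(~c & 0x0F for c in (c1, c2, c3)):
        raise ValueError("inverted copy does not match")
    return [((c1 >> i) & 1, (c2 >> i) & 1, (c3 >> i) & 1) for i in range(4)]

def audit_dump(dump: bytes):
    """Return (sector, message) findings for a 1024-byte dump with a 4-byte UID."""
    if len(dump) != BLOCK * PER_SECTOR * SECTORS:
        raise ValueError("expected a 1024-byte MIFARE Classic 1K dump")
    findings = []
    if dump[4] != dump[0] ^ dump[1] ^ dump[2] ^ dump[3]:  # BCC = XOR of the UID bytes
        findings.append((0, "block 0 BCC does not match the UID"))
    for s in range(SECTORS):
        off = (s * PER_SECTOR + 3) * BLOCK       # sector trailer is the 4th block
        ab = dump[off + 6:off + 9]
        try:
            conds = decode_access_bits(ab)
        except ValueError as err:
            findings.append((s, f"malformed access bits {ab.hex().upper()}: {err}"))
            continue
        if conds[3] not in TRAILER_REWRITABLE:
            findings.append((s, "access bits cannot be changed once written"))
        findings += [(s, f"block {b} is not writable with either key")
                     for b in range(3) if conds[b] in DATA_NO_WRITE]
    return findings

def sample_dump() -> bytes:
    """Constructed dump: default trailers, then three deliberate problems."""
    trailer = bytes.fromhex("FFFFFFFFFFFF" "FF078069" "FFFFFFFFFFFF")
    dump = bytearray((bytes(48) + trailer) * SECTORS)
    dump[0:5] = bytes.fromhex("DEADBEEF00")      # constructed UID with a wrong BCC
    dump[118:121] = bytes.fromhex("FF0F00")      # sector 1: trailer condition 000
    dump[182:185] = bytes.fromhex("FF0781")      # sector 2: corrupted inverted copy
    return bytes(dump)

if __name__ == "__main__":
    for sector, message in audit_dump(sample_dump()):
        print(f"sector {sector}: {message}")
```

An empty result means block 0 and every sector trailer passed these checks; it says nothing about whether the keys in the dump are the ones you expect.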