Issues with "Magic Auth"

That string seems to work wonders :D. Now I just need to find a reader to test it.

[usb] pm3 → script run hf_mf_uscuid_prog -t 4 -u aa55c396aa0804
[+] executing lua C:\Users\Banditten\Downloads\ProxSpace\pm3\proxmark3\client\luascripts/hf_mf_uscuid_prog.lua
[+] args ‘-t 4 -u aa55c396aa0804’
[+] 0A
[+] 0A
[?] WARNING: nUID should be updated with this value:
[=] UID | AA 55 C3 96 AA 08 04

[=] NUID | 8F 61 D8 AF

[/] Use --f3d to update nUID for Perso F3 only.
[-] Updating real block 0

[+] finished hf_mf_uscuid_prog

[usb] pm3 → hf mf info

[=] — ISO14443-a Information -----------------------------
[+] UID: AA 55 C3 96 AA 08 04
[+] ATQA: 00 44

[+] SAK: 08 [1]

[=] TAG IC Signature: 8373FCCC33D9F8802B49B618F451F7DA
[=] : 3167868683B0E0C0D173A0CAFE419932
[+] Signature verification: failed

[=] — Keys Information
[+] loaded 2 user keys
[+] loaded 61 hardcoded keys
[+] Sector 0 key A… FFFFFFFFFFFF
[+] Sector 0 key B… FFFFFFFFFFFF
[+] Sector 1 key A… FFFFFFFFFFFF
[+] Sector 1 key B… FFFFFFFFFFFF
[+] Backdoor key… same as key A/B
[+] Block 0… AA55C396AA0804884400000000000000 | D…

[=] — Fingerprint
[+] n/a

[=] — Magic Tag Information

[+] Magic capabilities… Gen 1a
[+] Magic capabilities… Gen 4 GDM / USCUID ( Magic Auth )
[+] Magic capabilities… Gen 4 GDM / USCUID ( Gen1 Magic Wakeup )

[=] — PRNG Information
[+] Prng… weak

1 Like

But when I try to restore a dump that I have, I get:

[=] 46 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ( fail ) key B
[#] Auth error
[=] 46 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ( fail ) key A
[=] 47 | 9A 63 6E 2C 05 00 FF 07 80 69 FF FF FF FF FF FF | ( fail ) key B
[#] Auth error
[=] 47 | 9A 63 6E 2C 05 00 FF 07 80 69 FF FF FF FF FF FF | ( fail ) key A
[=] 48 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ( fail ) key B
[#] Auth error
[=] 48 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ( fail ) key A
[=] 49 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ( fail ) key B
[#] Auth error
[=] 49 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ( fail ) key A
[=] 50 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ( fail ) key B
[#] Auth error
[=] 50 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ( fail ) key A
[=] 51 | 9A 63 6E 2C 05 00 FF 07 80 69 FF FF FF FF FF FF | ( fail ) key B
[#] Auth error
[=] 51 | 9A 63 6E 2C 05 00 FF 07 80 69 FF FF FF FF FF FF | ( fail ) key A

Is that down to the magic auth as well, or? Because when I tried restoring to a magic card it worked like a charm.
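
The sector trailers in the restore output above (blocks 47 and 51) pack key A, the access bits and key B into one 16-byte block. As an added example that is not part of the original thread, this Python snippet decodes that block and checks that the access bits are internally consistent; it assumes the standard MIFARE Classic trailer layout from the NXP datasheet, and the function and field names are hypothetical.

```python
# Added example: decode a MIFARE Classic sector trailer (16 bytes).
# Assumed layout (NXP MIFARE Classic datasheet):
#   bytes 0-5 key A | bytes 6-8 access bits | byte 9 user byte | bytes 10-15 key B

# Constructed sample: the trailer line printed for blocks 47 and 51 above.
TRAILER_HEX = "9A 63 6E 2C 05 00 FF 07 80 69 FF FF FF FF FF FF"

# Trailer conditions (C1, C2, C3) under which key B can be read back,
# which means a genuine card will not accept it for authentication.
KEY_B_READABLE = {(0, 0, 0), (0, 1, 0), (0, 0, 1)}


def parse_trailer(hex_str):
    raw = bytes.fromhex(hex_str.replace(" ", ""))
    if len(raw) != 16:
        raise ValueError("a sector trailer is exactly 16 bytes")
    b6, b7, b8 = raw[6], raw[7], raw[8]
    # Each nibble holds one bit per block (bit 0 = block 0 ... bit 3 = trailer).
    c1, c2, c3 = b7 >> 4, b8 & 0x0F, b8 >> 4
    inv_c1, inv_c2, inv_c3 = b6 & 0x0F, b6 >> 4, b7 & 0x0F
    # Every nibble is stored twice, once inverted; a mismatch is a malformed trailer.
    valid = all((c ^ inv) == 0x0F for c, inv in
                ((c1, inv_c1), (c2, inv_c2), (c3, inv_c3)))
    conditions = [((c1 >> i) & 1, (c2 >> i) & 1, (c3 >> i) & 1) for i in range(4)]
    return {
        "key_a": raw[0:6].hex().upper(),
        "access": raw[6:9].hex().upper(),
        "gpb": raw[9],
        "key_b": raw[10:16].hex().upper(),
        "valid": valid,
        "conditions": conditions,  # index 0-2: data blocks, index 3: trailer
    }


def key_b_readable(trailer):
    # True when the trailer's own condition exposes key B as plain data.
    return trailer["conditions"][3] in KEY_B_READABLE


if __name__ == "__main__":
    t = parse_trailer(TRAILER_HEX)
    print("key A:", t["key_a"], "key B:", t["key_b"], "access:", t["access"])
    print("access bits consistent:", t["valid"])
    for i, cond in enumerate(t["conditions"]):
        print("block", i, "C1C2C3 =", cond)
    print("key B readable (not usable for auth):", key_b_readable(t))
```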

It looks like your card is in gen1a magic mode, so I’d try the C Chinese commands for gen1a, particularly to make sure your key blocks are set to the correct defaults.

Perhaps hf mf cwipe will do all that, but your UID will get set as well.

Still, not hard to fix now!

2 Likes

So you recommend a Cwipe first and then a restore afterwards or?

I think so, all the c commands like cwipe for gen1a magic tags should completely ignore passwords and access settings.

Do hf mf -h for a list of all of them.

As far as I know there is pretty much no way to brick a gen1a card.

The downside is many systems look for them, so if the perfect copy doesn’t work, and is then corrupted after you tried, your system probably killed it!

I’m not quite so sure about the gen4. I know you can have gen1a, gen2, direct write, and the alt gen1a which is the 20 23 wakeup, so I’d probably load up the card and then switch it to alt-gen1a right at the end.

I would be very careful turning off the magic options, as you might completely lock yourself out of the tag if you do.

I just don’t recall offhand if the gdmcfg can be locked. Probably there is a way, but I’ve never been game to test that!

As long as you can get to gdmcfg, you can set a gen4 card to gen1a and save it.

1 Like

Well, I bought them as Gen2 cards, so I am wondering why I got a “bastard” mix of a Gen1A/Gen4 card, unless it’s just the protocols they accept.

Every magic card comes from China and they don’t know what they’re dealing with. I buy chips and I get a mix almost every time. There’s no model numbers or SKU or any kind of code that would tell anyone in China what exactly these products are so they just go by nomenclature and tribal knowledge. Almost every time you’re going to get some mixed bag of magic capable chips. There’s no way around it when the market producing these legally suspect products is so chaotic.

5 Likes