Making the NExT read only (with a password)

Thanks! Yeah, sightly terrified of potentially bricking this thing

Might I suggest getting some NTAG 216 stickers, they are relatively cheap on Amazon for example.

Then you can practice your commands on those, ensure that you have the right commands, and that they do what you want, without risking your implant?

1 Like

For sure! Initial experiments I’ve actually done on an unimplemented sacrificial NxT which works without issue with the above commands, just seems odd that the NExT seems to have different behavior

1 Like

You should not need to change page E4 so I would leave that one alone for now. What is your current page E2 and E3 set to?

Thanks for the reply, How would I check the current values?

When I look at the ‘full scan’ tab I’m seeing the following:

[00] 04 2E A4 06
[01] 32 0A 54 80
[02] EC 48 0F 00
[03] E1 10 6D 00

Does that give you what you need?

Yep but the last few pages

Gotchya, sorry I see now:

[E2] 00 00 7F BD
[E3] FF 00 00 FF

Hmm uh oh. Page E3 has a config byte of FF… I have to review my notes but pretty sure that includes a config lock bit which has been set… therefore you cannot change the configuration at all.

Actually what’s page E4 look like?

For reference…

e4 block is E4 00 – –

Are you sure about that? If so then I’m guessing a write command got mixed up and you wrote E4 00 to page E4 and inadvertently may have tripped the cfg lock bit.

E4 in binary is 11100100 so you can see the first 3 bits are 111 and those are authlim bits 0-2… then 00 for bits 3 and 4 and it appears 5 is 1 which is reserved and then bits 6 and 7 are 00 and cfg lock is bit 6 so you lucked out… I think… so first fix page E4 by sending following;

A2 E4 00 05 00 00

This should work now because your page E3 indicates and AUTH0 byte of FF which means everything is writable without authentication.first.

hmm A2 E4 00 05 00 00 coming back NAK, think I should try it with authenticating first?

yes you can try auth first… post results

No dice with Authing first sadly. For completeness here’s a screenshot for the last few blocks

Sorry for the late reply, got rate limited by the forum because I just signed up heh.

1 Like

Well you have clearly passed the Turing test, so I have upped your user lever from new to basic, you should be able to reply more easily /frequently

1 Like

ok so what happened when you tried to auth first? did you get the PACK back when you auth’d or a NAK or?

I would maybe auth, then try to write the PWD back to factory default of FF FF FF FF and see if that works… a scan with taginfo should show a default pw if set