Mifare 4k clone using Proxmark3 RDV4

I am pretty sure they are changeable. They just don’t have the Chinese magic back door, hence there is a risk of bricking them if you make an error writing.

1 Like

gen2 is changeable just with direct commands ergo hf mf wrbl

1 Like

Ah, that’s where I was mistaken. So they are changeable, but could be bricked. Ok thanks.

Shutting up and going to bed, it’s currently 12:17am, past my bedtime :grinning_face_with_smiling_eyes:

If you are struggling to sleep

Hey, thanks for replies!

Just in case, here’s a screen cap of hf 14a info

This is for a blank card. I can successfully (I think) write to block zero, and the UID matches the fob I’m trying to clone.

What fails (as the OP has a similar command) is this command:
hf mf restore --4k -f [original_dump.bin] -k [gen2_magic_card_key.bin]


That has a 7 byte UID
aka, not a Magic Gen1a or Gen 2

Maybe Ultralight

Can you scan with TagInfo?

mifare classic 1k and 4k 7byte uid changable does exist in both g1 and g2 forms, what told you otherwise?

Fair point.

I should have said

Possibly not…

I do actually have a couple cards of each,
Both s70s rather than S50s
and they read as Gen3

I know yall are looking at two people problems now but they are related so ill post my output as well. The first info is from my card im trying to clone to and the second info is from the source key fob. Like @cerulean im failing on the restore.

ok so the uid is changed thats good

hf mf autopwn them both
hf mf restore -f olddump.bin -k newkeyfile.bin

Sorry you lost me. Do you need to autopwn both the original fob and the new card? I had just been doing the original fob. Whats olddump.bin in this context and is newkeyfile.bin the key output given from autopwn on the original fob?

ok so you will be autopwning both cards. the card youre cloning from and card youre cloning to. ill call these cardfrom and cardto respectivelt

autopwn both
hf mf restore -f cardfrom -k cardtokey.bin

you need the keyfile of the card youre writing to, to write to or else it will fail

Do I need to supply the cardto with a key? Cardfrom autopwn works fine but cardto autopwn seems to be struggling

autopwn is for getting the keys so you cant supply it with a key you dont have lol.

youll need to let cardto crack by autopwn and if it doesnt crack on autopwn you may have fuckd it by uploading unknown keys to it

So on the hf mf restore is the cardfrom file a key file or the binary dump? And cardtokey.bin is a key file right. Want to double check before I brick another card lol


Lol is the cardfrom file a key file or the binary dump?

binary dump

so hf mf restore -f cardfrombinary -k cardtokeys

Okay got it, thank you! I’ll try a second card I have and see if that works.

Any advice to find 7 byte uid changeable fob or cards right now other then labs401?