i’m posting this as a PSA… but also because i want to force the issue with China… but “CUID” does not mean gen2… I have had plenty of vendors and suppliers use CUID to mean anything from mifare classic legit cards with no changable UID to gen1a and gen2… but on the other hand they don’t know what “gen2” means either… so I have to ask them every time to confirm how the card / chip works, and I do this by asking for the exact proxmark3 commands used to write to it. Once they send me the commands I know what kind of chip it is.
The exact commands I used were on the first post: hf mf restore
I did not specify the bin file, but it grabbed the correct one automatically after running: hf mf autopwn
I tried writing onto two blank fobs, but after writing to them once, I get an auth error when attempting to write again.
Below is a screenshot of the error.
The bottom screenshot is writing to the fob for the first time without errors.
The top screenshot is attempting to write on the fob that already has been written to with auth errors.
I obtained the answer on Discord, so I thought I’d share it here in case anyone ran into the same issue.
The sector trailers for the Mifare Classic 1K: blocks 3,7,11… 63 need to be rewritten first.
In my case, blocks 0 to 7 had an auth error, so I need to re-write blocks 3 and 7.
After obtaining the keys to those sectors with: hf mf autopwn
I re-wrote the sectors using: hf mf wrbl --blk [block] -d FFFFFFFFFFFFFF078069FFFFFFFFFFFF -k [key]
After doing this, I’m able to re-write to the fob again with: hf mf restore
No more auth errors.