Are there any command to:
- Wipe the card completely/reseting it?
- If it’s a Chinese card, can it be “factory reset”? UID will change back to original?
- Any command to read writing memory in percentage, “20% used, 80%”, something like that?
Thanks 
Hi @Dan, there are some scripts in the client/scripts directory that may be what you are looking for.
There is one, formatMifare.lua which will blank all the memory and set the keys and access bytes back to factory. I’ve used it and it works, but you might have to edit it first.
There’s one commented line that needs to be uncommented to make it actually work. It’s toward the end, “core.console(cmd)”. If it has – infront of it, get rid of the – otherwise the script will ‘look’ like its running but won’t actually format the card.
Another one, remagic.lua should reset block 0 of a Gen 1 Chinese card back to original settings. I haven’t tried that one yet but it should reset the UID and factory info in block 0.
Edited to add: remagic won’t set the UID back to ‘original’, since the original would be unknown. It changes the UID to something generic though. 01 02 03 04 or something like that.
To run the scripts, the command is:
script run [scriptname]
I don’t know of a command or script to check the memory % used, sorry.
1 Like
Thank you so much for the info Very useful, I’ll play later with it when I get home.
Just learned how to clone Mifare Classic but want to know more and what do to in case of problems, before writing on my xm1+
Ps: any commands you think useful and were harder to find, throw them over 
I edited the command (turned from green - white) but it did not work. Played the “hf mf wrbl” commands but nothing changed.
Also tried remagic but got this…trying to decipher what is means …
proxmark3> script run remagic
script run remagic
— Executing: remagic.lua, args ‘’
hf 14a raw -p -a -b 7 40
hf 14a raw: invalid argument “7 40” to option -b|-B|–bits=
Try ‘hf 14a raw --help’ for more information.
hf 14a raw -p -a 43
received 0 bytes:
hf 14a raw -c -p -a A000
received 0 bytes:
hf 14a raw -c -p -a 01 02 03 04 04 98 02 00 00 00 00 00 00 00 10 01
received 0 bytes:
-----Finished
???
Need to learn these one before i write on my xM1+ because i tried to dump a data on a clone i made already and didnt let me...probably cause keys werent all ffffffffffff … ?
And btw, between my original key and first clone, I think sector 3, block 1 changed (i think for the original - and I made different tests and clones to reach that conclusion after noticing the difference). They both still work but last half part is little different between them. Also sector 14 block 1 and 2…
Is it possible the building reader also writes data on the original card? Cause to be honest Id hate a system i dont know writing on my implant…
Other methods i tried that i think bricked it…
proxmark3> hf mf csetuid 01020304 w
hf mf csetuid 01020304 w
ERROR: Unknown parameter ‘w’
Usage: hf mf csetuid <UID 8 hex symbols> [ATQA 4 hex symbols SAK 2 hex symbols]
sample: hf mf csetuid 01020304
sample: hf mf csetuid 01020304 0004 08
Set UID, ATQA, and SAK for magic Chinese card (only works with such cards)
proxmark3> hf mf csetblk 0 01020304050607080910111213141516 w
hf mf csetblk 0 01020304050607080910111213141516 w
Chinese magic backdoor commands (GEN 1a) detected
–block number: 0 data:01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16
proxmark3> hf mf rdsc 0 A FFFFFFFFFFFF
hf mf rdsc 0 A FFFFFFFFFFFF
–sector no:0 key type:A key:ff ff ff ff ff ff
#db# Can’t select card
#db# READ SECTOR FINISHED
proxmark3> hf se
hf se
no known/supported 13.56 MHz tags found
-after changing the UID it came back to life and showing normally
“hf mf cwipe w f” finally worked, with “w” and “f” together 
1 Like
Hi Dan,
As I said, I’ve never used the remagic script but I was told about it by @TomHarkness, maybe he can share some insight. My guess is some changes have been made to the proxmark 14a raw command since the script was written, so the argument no longer parses as expected.
I’ve just played with the remagic script and if you edit it, find the line with that command that gave you the error, and remove the space after the -b. So it should read:
hf 14a raw -p -a -b7 40
That should fix the error message. Then try the script again, it might unbrick the card. I tested it on a spare S50 Gen1a and after making that change to the script, remagic worked. (I did not brick the card first… i only have the one spare.)
For the formatMifare, if you’ve changed the access keys, then you need to know what they are. I believe it uses the B key, and if it isn’t the default ffffffffffff then you’d invoke the script with
script run formatMifare -k xxxxxxxxxxxx
where the x’s are the B key.
To test if the building reader is modifying the card data, I’d use the official card and for a few days, just get a memory dump of it every night after use, and compare the dumps to see if anything’s changing. Like you said, don’t want to risk the implant on an unknown writing system.
Good luck.
1 Like