Hello all, I was wondering if there’s a command that someone is aware of for the FlexUG4/my UG4 card to disable the Gen2 CUID functionality until it’s needed/wanted? I changed the Gen4 creds on the device to prevent tampering, but I’d like to disable the Gen2 CUID functionality so a reader wouldn’t theoretically be able to detect it. Note: I have a PM3 RDv4 that I use to work on the cards.
[usb] pm3 --> hf mf info
[=] --- ISO14443-a Information ---------------------
[+] UID: aa bb cc dd
[+] ATQA: 00 04
[+] SAK: 18 [2]
[=] --- Keys Information
[+] loaded 2 user keys
[+] loaded 61 keys from hardcoded default array
[+] Sector 0 key A... FFFFFFFFFFFF
[+] Sector 0 key B... FFFFFFFFFFFF
[+] Sector 1 key A... FFFFFFFFFFFF
[+] Block 0.......... aa bb cc dd 1C 00 00 11 77 81 85 BA 18 00 00 00
[=] --- Fingerprint
[=] --- Magic Tag Information
[+] Magic capabilities... Gen 2 / CUID <- I want to toggle this at will.
[=] --- PRNG Information
This generally won’t be an issue because it would require both sector keys and the willingness of the reader to attempt to write to sector 0 which is a potentially destructive operation. Gen1 back door checking is far more likely as it’s non-destructive and has no possible protections / keys needed.
Gen4 command checking is very likely to become the next phase of reader checks vs gen2 sector 0 attempted writes.