Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

anti copy, Mifare Sector0 / block0 should be locked #38

Closed
kevin2008-01 opened this issue May 14, 2018 · 15 comments
Closed

anti copy, Mifare Sector0 / block0 should be locked #38

kevin2008-01 opened this issue May 14, 2018 · 15 comments

Comments

@kevin2008-01
Copy link

Now, new reader, fuck the chameleon, with anti-copy tag system.....
Please implement enable / disable fuid uid...for slot..... if is possible, right. ???
Thank you iceman1001.
@ceres-c
Copy link
Contributor

ceres-c commented May 15, 2018

I am not sure I understand what I'm reading...

@iceman1001
Copy link
Owner

Enable / Disable FUID ? UID for slot..

I'm not sure either but that could be of the french way of expressing things. There seem to be a wish for FUID to be optional per slot. What I'm curious is what functionality FUID stands for? use once? magic? ...

@kevin2008-01
Copy link
Author 

Block 0 can only be written once.
Even greater protection from a  system with "anti-clone" feature
Use normal commands. eg. hf mf  wrbl 0 B FFFFFFFFFFFF a473f601200804006263646566676869
Answers to chinese magic backdoor commands: NO

@iceman1001
Copy link
Owner

Hm, this firmware as it is shouldn't allow for uid (block0) re-writing.
it should set uid when we upload a dump etc. Then it shouldn't allow at all for block0.

Aha, I see in the source code there is no limit for block0 writes. ok. Fair enough, I agree.

@ceres-c
Copy link
Contributor

ceres-c commented May 15, 2018

Now I get it and I agree

@kevin2008-01
Copy link
Author

the reader must understand that writing block 0 is impossible, he must just read the chameleon. I do not know which command the reader sends to do the test or detect a tag copy. apparently, new readers are not blocked only in France, but also in other countries. see you

@quantum-x
Copy link

French readers implemented a 'magic check' where they send 0x43 0x40 to weed out magic tags.
However, the Chameleon Mini also has timing issues - which means they are often rejected by french readers. I'm assuming he's bumping up against problem 2 more than problem 1 - as the Chameleon should not respond to 0x43 0x40

@slurdge
Copy link
Collaborator

slurdge commented Nov 30, 2018

By "magic", you mean Chinese backdoor command ?

@quantum-x
Copy link

quantum-x commented Nov 30, 2018 via email

@iceman1001 iceman1001 changed the title anti copy, all new reader, fuck my chameleon !!!! anti copy, Mifare Sector0 / block0 should be locked Feb 22, 2019
@securechicken
Copy link
Collaborator

@iceman1001 to be closed I think.

@iceman1001
Copy link
Owner

@ShinHub double check in code that block0 doesn't allow for Write commands...

@securechicken
Copy link
Collaborator

@iceman1001 you were right... I took quantum-x answer as clue of a previous patch.
I checked and found nothing in Mifare code to prevent Block0 write.
I am patching this.

@iceman1001
Copy link
Owner

iceman1001 commented Aug 15, 2019
edited

keep in mind for your patch, that the support-chinese-magic command macro defines, at compilation time, should allow for updating block0 etc..

@securechicken
Copy link
Collaborator

I swear won't hurt any chinese.

@iceman1001
Copy link
Owner

You do have a sense of humor. Excellent.

securechicken pushed a commit to securechicken/ChameleonMini-rebooted that referenced this issue Aug 15, 2019
@ShinHub
Deny block0 write noticed in iceman1001#38. Small cleanup.
48df5e2
securechicken pushed a commit to securechicken/ChameleonMini-rebooted that referenced this issue Aug 15, 2019
@ShinHub
Deny block0 write noticed in iceman1001#38. Small cleanup.
67710ae
securechicken pushed a commit to securechicken/ChameleonMini-rebooted that referenced this issue Aug 15, 2019
@ShinHub
Deny block0 write noticed in iceman1001#38. Small cleanup.
d8c14aa
securechicken pushed a commit to securechicken/ChameleonMini-rebooted that referenced this issue Aug 15, 2019
@ShinHub
Fix iceman1001#38 writable block0. Clean and refactor MF.
cc80917
securechicken pushed a commit to securechicken/ChameleonMini-rebooted that referenced this issue Aug 15, 2019
@ShinHub
Fix iceman1001#38 writable block0. Some Mifare refactor.
d6dad03
securechicken pushed a commit to securechicken/ChameleonMini-rebooted that referenced this issue Aug 17, 2019
@ShinHub
Fix iceman1001#38: block0 was always writable
dfe5685
This was referenced Aug 17, 2019
Closed
Merged
iceman1001 added a commit that referenced this issue Aug 17, 2019
@iceman1001
Merge pull request #120 from shinhub/atomic_fix_writable_block0
28678d3 
Fix #38: block0 was always writable
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@slurdge @quantum-x @iceman1001 @ceres-c @kevin2008-01 @securechicken