Topic: Some success with writeCID

orsothebear

Please people, don't buy it!
Despite the claims of someone here in the forum, Arduino can't do the thing; otherwise those same users would have already explained how.
Until now they haven't, which pushes me to guess that the people who claim to be able to do it, having taken a few months of hard work or things like that, are hiding business intentions.
No way.
People who know wouldn't stay silent, as with all other matters discussed here in the forum or elsewhere.
All of them only claim to have succeeded, but they never provide a single clue that they are really in a position to do the thing.
Now I too claim I can do it, anyone can, and I'll prove it.
Simply, all over the world there are sellers who provide personalized cards; you don't need either to do it yourself or to rely on someone in the forum who runs his own business, just buy cards from them.
Easy!
Why do you need to do the thing by yourself with an Arduino, or let someone else do it when you don't even know who he is and whether he can really succeed?
Why do you need to send your cards to strangers, and maybe even your money, so that the same unknown person can carry out the thing with who knows what results?
Those who claim to have succeeded wrote in their own words that they couldn't do the thing on all cards on the market, so be careful!
Special kind of cards or not, don't waste your time and money; simply contact any seller you want and buy the cards you need from them, who can for sure provide what you are looking for.
They can really do the thing; they don't use an Arduino to try it but more sophisticated devices. It's their business, and at least you know in advance who they are, where they live and how much it costs.
Some of them even provide samples if needed, so you can verify whether they can or can't do the thing.
Please trust me, this is the better way.
Maybe even those who claim to be able to do the thing actually have the job done by the sellers I wrote about, adding some additional expenses as their own personal profit.
Educational purposes, Arduino and all you want are important and good, so no problem if someone wants to reach the thing by himself, but please don't waste your time and money.
If even a single person who can really do the thing exists, be sure that he would have already explained how to do it or at least clarified the issue, not staying silent or, even worse, going around the thing in order to raise more doubts!

legno75

I changed the CID by PC (not Arduino). I found source code at https://github.com/raburton/evoplus_cid and I compiled it on Linux Ubuntu. This code is only for the SD Samsung evolve plus 32Gb.
My PC has an SD reader, not USB.
In this video you can see how to do it.
https://youtu.be/mRSprQBsQ6w

With some modifications maybe you can modify it for Arduino.

mikrotron

After many hours of reading and testing I managed to wire an SD reader to a Nano and was able to read CID information from SD cards using the default Arduino SD lib. Calling the "readCID()" sub of the lib did the trick. The struct given as parameter is filled with all necessary information. Iterating through the struct with a byte-cast pointer gives me the raw data of the CID. I've crawled through the lib sources and found that CMD10 is issued for this, which seems correct.

Now, at this point I'd like to write the CID to another SD. How is it done in general? As mentioned here, the SD must be put into firmware mode, which means that the manufacturer is able to first program and later update the firmware of the card's microcontroller.

I'm pretty sure that this task is different for every manufacturer. Somebody had managed to get this information for Samsung Evo cards (looked through the sources, this is heavy stuff, not something to guess or brute-force), so this seems the only chance for now?

But if I had this type of card, what should I do to program it? Could I simply send CMD26 with the struct data read from the other card? So maybe through a second SD slot with a different CS?
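
Added example, not part of the post above or of the Arduino SD library: a C parser for the 16 raw CID bytes that a CMD10 read returns, with the CRC7 check over bytes 0..14. It assumes the bytes are in wire order (manufacturer ID first); the function names and the sample CID are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* CRC7 (x^7 + x^3 + 1); returns the stored byte: 7 CRC bits + end bit 1. */
static uint8_t sd_crc7_byte(const uint8_t *d, size_t n) {
    uint8_t crc = 0;
    for (size_t i = 0; i < n; i++) {
        uint8_t b = d[i];
        for (int k = 0; k < 8; k++, b = (uint8_t)(b << 1)) {
            crc = (uint8_t)(crc << 1);
            if ((b ^ crc) & 0x80) crc ^= 0x09;
        }
    }
    return (uint8_t)((crc << 1) | 1);
}

typedef struct {
    uint8_t mid; char oid[3], pnm[6];  /* manufacturer, OEM ID, product name */
    uint8_t prv_major, prv_minor;      /* product revision n.m */
    uint32_t psn; unsigned year, month;/* serial number, manufacturing date */
    int crc_ok;                        /* 1 if byte 15 matches bytes 0..14 */
} sd_cid;

static sd_cid sd_parse_cid(const uint8_t raw[16]) {
    sd_cid c;
    memset(&c, 0, sizeof c);           /* keeps oid and pnm NUL-terminated */
    c.mid = raw[0];
    memcpy(c.oid, raw + 1, 2);
    memcpy(c.pnm, raw + 3, 5);
    c.prv_major = raw[8] >> 4;
    c.prv_minor = raw[8] & 0x0F;
    c.psn = ((uint32_t)raw[9] << 24) | ((uint32_t)raw[10] << 16) |
            ((uint32_t)raw[11] << 8) | raw[12];
    c.year = 2000u + (((raw[13] & 0x0Fu) << 4) | (raw[14] >> 4));
    c.month = raw[14] & 0x0Fu;
    c.crc_ok = (sd_crc7_byte(raw, 15) == raw[15]);
    return c;
}

int main(void) {
    /* Constructed sample CID, not read from a real card; byte 15 computed. */
    uint8_t raw[16] = {0x7E, 'X', 'X', 'D', 'E', 'M', 'O', '1',
                       0x10, 0x12, 0x34, 0x56, 0x78, 0x01, 0x29, 0};
    raw[15] = sd_crc7_byte(raw, 15);
    sd_cid c = sd_parse_cid(raw);
    printf("MID=0x%02X OID=%s PNM=%s PSN=0x%08lX %u-%02u crc_ok=%d\n", c.mid,
           c.oid, c.pnm, (unsigned long)c.psn, c.year, c.month, c.crc_ok);
    return 0;
}
```

A matching CRC7 only shows that the 16 bytes are self-consistent; it says nothing about whether they are the values the card was manufactured with, as the evoplus_cid results reported in this thread show.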

modimo

Since recently there is a method of spoofing CID on the fly. There is this uSD to SD adapter that replaces the CID on the fly. It is available at spoofcid.co

JeezyWonder

I have Chinese cards that allow me to send cmd26. I send it, then get a response, then send the 16-byte CID through the data pin; the card answers success, but the CID didn't change. I'm doing it in CD MODE. So I think I'm missing some commands. According to the guys who changed the CID in SAMSUNG EVOS cards, they do:
cmd62 0xEFAC62EC (enter vendor mode)
cmd62 0xEF50 (unlock the backdoor)
cmd17 0x00 (confirm Smart Report after reading Sector 1 at Address 0)
cmd26 0x00 0xFE [16bytes NEW CID] (WRITE_CID+single block write start TOKEN+16byte NEW CID)
cmd62 0x00DECCEE (exit vendor mode)

But I don't know, my card doesn't answer cmd62; also the message seems strange: all cmds in SD card should be 6 bytes, and here it's 5 or 2 bytes sent.

nm79

> I have Chinese cards that allow me to send cmd26. I send it, then get a response, then send the 16-byte CID through the data pin; the card answers success, but the CID didn't change. I'm doing it in CD MODE. So I think I'm missing some commands. According to the guys who changed the CID in SAMSUNG EVOS cards, they do:
> cmd62 0xEFAC62EC (enter vendor mode)
> cmd62 0xEF50 (unlock the backdoor)
> cmd17 0x00 (confirm Smart Report after reading Sector 1 at Address 0)
> cmd26 0x00 0xFE [16bytes NEW CID] (WRITE_CID+single block write start TOKEN+16byte NEW CID)
> cmd62 0x00DECCEE (exit vendor mode)
>
> But I don't know, my card doesn't answer cmd62; also the message seems strange: all cmds in SD card should be 6 bytes, and here it's 5 or 2 bytes sent.

Hi,

Can you tell me what type of Chinese card you are using?
Where did you buy them?
I would like to buy some cards to test them too....


JeezyWonder

Finally guys, after a few months, I found a company that is selling writable-CID SD cards, but they are selling them only with the device which can write the CID. If you want some, contact me by PM here or mail me - jeezywoods@gmail.com

J_3

Hello folks, I'm working hard to make this work:

cmd62 0xEFAC62EC (enter vendor mode)
cmd62 0xEF50 (unlock the backdoor)
cmd17 0x00 (confirm Smart Report after reading Sector 1 at Address 0)
cmd26 0x00 0xFE [16bytes NEW CID] (WRITE_CID+single block write start TOKEN+16byte NEW CID)
cmd62 0x00DECCEE (exit vendor mode)

but no joy, it doesn't work for me.  :(
I have the right cards, I'm sure because with this https://github.com/raburton/evoplus_cid I'm able to change the cid on them all, where am I wrong?
Maybe there is some sort of typo somewhere in the command sequence written by JeezyWonder.
Is there anyone who tried those commands with Arduino, mine is a MEGA 2560, and can confirm that it works?
The cards I own do answer cmd62, but then the thing aborts with error 04hex (illegal command) while performing cmd26.   >:(

JeezyWonder

> Hello folks, I'm working hard to make this work:
>
> cmd62 0xEFAC62EC (enter vendor mode)
> cmd62 0xEF50 (unlock the backdoor)
> cmd17 0x00 (confirm Smart Report after reading Sector 1 at Address 0)
> cmd26 0x00 0xFE [16bytes NEW CID] (WRITE_CID+single block write start TOKEN+16byte NEW CID)
> cmd62 0x00DECCEE (exit vendor mode)
>
> but no joy, it doesn't work for me.  :(
> I have the right cards, I'm sure because with this https://github.com/raburton/evoplus_cid I'm able to change the cid on them all, where am I wrong?
> Maybe there is some sort of typo somewhere in the command sequence written by JeezyWonder.
> Is there anyone who tried those commands with Arduino, mine is a MEGA 2560, and can confirm that it works?
> The cards I own do answer cmd62, but then the thing aborts with error 04hex (illegal command) while performing cmd26.   >:(

Contact me through PM, bro

orsothebear

#39
Sep 21, 2018, 11:45 am Last Edit: Sep 21, 2018, 11:47 am by orsothebear
I doubt that arduino can do the job, but this would seem to partially succeed on it: https://www.youtube.com/watch?v=ZAe61GZ-52Y
If it's not a joke and it really works, the whole thing can check if the card under test allows the back door or not.
This is interesting because it means that with small changes it would be possible to automate the modification of the cid.
I don't want to be a devil's advocate, but I think it's actually a hoax and it will not work.
Ok this is an arm cortex m3 @72MHz, not a uno or mega, but in my opinion the back door is only usable via sd mode, not spi, and the sd mode protocol in addition to not being documented requires the payment of royalties for its use, it isn't free and documented as the well-known protocol spi.
It's not just a matter of hardware capability, if it supports the sd mode protocol or not, it's that even if the target could be reached then the code couldn't be freely distributed.
For this reason I believe that in reality the thing will not work as shown in the video, but even if it weren't so, the code could not be easily distributed due to the issue of royalties.
I repeat, educational purposes, Arduino and all you want are important and good, so no problem if someone wants to reach the thing by himself, but please don't waste your time and money.
If even a single person who can really do the thing exists, be sure that he would have already explained how to do it or at least clarified the issue, not staying silent or, even worse, going around the thing in order to raise more doubts!

zoomx

> but in my opinion the back door is only usable via sd mode, not spi, and the sd mode protocol in addition to not being documented requires the payment of royalties for its use, it isn't free and documented as the well-known protocol spi.

If you're talking about sdio mode, it is supported by the sdfat library and it works on Teensy.

orsothebear

> If you're talking about sdio mode, it is supported by the sdfat library and it works on Teensy.

I'm not talking about sdio, I'm talking about sd mode.
sdio isn't sd mode at all, sdio requires special cards: https://tinyurl.com/ybh9vqv6
Moreover the sd mode protocol requires the payment of royalties to be used, it isn't free.

zoomx

> I'm not talking about sdio, I'm talking about sd mode.
> sdio isn't sd mode at all, sdio requires special cards: https://tinyurl.com/ybh9vqv6
> Moreover the sd mode protocol requires the payment of royalties to be used, it isn't free.

According to this
https://electronics.stackexchange.com/questions/124234/difference-between-1-bit-4-bit-and-8-bit-sdio
they are the same.

Do you have a web page or document that explains this sd mode?

orsothebear

> According to this
> https://electronics.stackexchange.com/questions/124234/difference-between-1-bit-4-bit-and-8-bit-sdio
> they are the same.

From the link you wrote: "...SD mode (sometimes incorrectly called SDIO)..."
Please read the free documentation I linked, there it's clearly indicated that sd mode and sdio are not the same thing.
All the specifications related to that type of products are decided by the sd association (sdca), nobody else, you can trust their documents: sd mode and sdio are two totally different things.

> Do you have a web page or document that explains this sd mode?

As I already wrote, the documentation about sd mode isn't widespread because it's available only to members of the sdca (https://www.sdcard.org).
You must be a member to use all the information you want, obviously paying, it's implied.
Only a very small amount of the documents in circulation are in the public domain; the remaining part (the most important ones) is a paid service for members of the sdca, not free for everyone.
Once a person pays for the information, it is unlikely that he will want to divulge the content for any reason (free or paid), also because this would entail a violation of the terms of the contract signed for the membership and, among other things, to use that confidential information it's necessary to pay royalties.
Talking about mmc cards, which is on topic here since someone already mentions it in this thread, it all depends on jedec-mmca (https://www.jedec.org), and even there you have to pay and be a member to access the information, whose use will be restricted by the stipulated contractual conditions exactly as in the case of the sdca.

