From 80b1b53fa35b51a05bb8b32cbb9498132e94430b Mon Sep 17 00:00:00 2001
From: iceman1001 <iceman@iuse.se>
Date: Tue, 20 Jan 2015 21:55:19 +0100
Subject: [PATCH] SUGGESTED FIX:

Issue: https://github.com/Proxmark/proxmark3/issues/35
Forum:  http://www.proxmark.org/forum/viewtopic.php?pid=7883#p7883

Problem: "hf mf csetuid" empties the rest of the block 0 bytes.
This fix loads the old block 0 and replaces only the UID, SAK and ATQA bytes.
---
 client/mifarehost.c | 42 ++++++++++++++++++++++++++++++++----------
 1 file changed, 32 insertions(+), 10 deletions(-)

diff --git a/client/mifarehost.c b/client/mifarehost.c
index d025918d..e62d6260 100644
--- a/client/mifarehost.c
+++ b/client/mifarehost.c
@@ -232,14 +232,27 @@ int mfEmlSetMem(uint8_t *data, int blockNum, int blocksCount) {
 // "MAGIC" CARD
 
 int mfCSetUID(uint8_t *uid, uint8_t *oldUID, bool wantWipe) {
+	
+	uint8_t oldblock0[16] = {0x00};
 	uint8_t block0[16] = {0x00};
 	memcpy(block0, uid, 4); 
 	block0[4] = block0[0]^block0[1]^block0[2]^block0[3]; // Mifare UID BCC
 	// mifare classic SAK(byte 5) and ATQA(byte 6 and 7)
-	block0[5] = 0x08;
-	block0[6] = 0x04;
-	block0[7] = 0x00;
+	//block0[5] = 0x08;
+	//block0[6] = 0x04;
+	//block0[7] = 0x00;
+	
+	block0[5] = 0x01;  //sak
+	block0[6] = 0x01;
+	block0[7] = 0x0f;
 	
+	int old = mfCGetBlock(0, oldblock0, CSETBLOCK_SINGLE_OPER);
+	if ( old == 0) {
+		memcpy(block0+8, oldblock0+8, 8);
+		PrintAndLog("block 0:  %s", sprint_hex(block0,16));
+	} else {
+		PrintAndLog("Couldn't get olddata. Will write over the last bytes of Block 0.");
+	}
 	return mfCSetBlock(0, block0, oldUID, wantWipe, CSETBLOCK_SINGLE_OPER);
 }
 
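Review bot: The SAK/ATQA bytes at `block0[5]`..`block0[7]` change from `0x08, 0x04, 0x00` to `0x01, 0x01, 0x0f` with no explanation, while the comment above still describes them as the Mifare Classic SAK and ATQA and the commit message only talks about preserving the rest of block 0. They read like leftover test values (an inference), so either restore the old constants and delete the commented-out lines, or add a comment saying which card type the new values target. The failure branch also still writes block 0 with bytes 8-15 zeroed, which is the data loss this patch is meant to prevent; unless that fallback is intended, return the error after logging instead, e.g. `return old;` in the `else` branch.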
@@ -253,8 +266,10 @@ int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, bool wantWipe, uin
   UsbCommand resp;
 	if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
 		isOK  = resp.arg[0] & 0xff;
-		if (uid != NULL) memcpy(uid, resp.d.asBytes, 4);
-		if (!isOK) return 2;
+		if (uid != NULL) 
+			memcpy(uid, resp.d.asBytes, 4);
+		if (!isOK) 
+			return 2;
 	} else {
 		PrintAndLog("Command execute timeout");
 		return 1;
@@ -323,13 +338,16 @@ int isBlockTrailer(int blockN) {
 
 int loadTraceCard(uint8_t *tuid) {
 	FILE * f;
-	char buf[64];
-	uint8_t buf8[64];
+	char buf[64] = {0x00};
+	uint8_t buf8[64] = {0x00};
 	int i, blockNum;
 	
-	if (!isTraceCardEmpty()) saveTraceCard();
+	if (!isTraceCardEmpty()) 
+		saveTraceCard();
+		
 	memset(traceCard, 0x00, 4096);
 	memcpy(traceCard, tuid + 3, 4);
+
 	FillFileNameByUID(traceFileName, tuid, ".eml", 7);
 
 	f = fopen(traceFileName, "r");
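Review bot: The `if` statements split onto two lines here (`if (!isTraceCardEmpty())` then `saveTraceCard();`) have no braces, and the same pattern is introduced in the mfCSetBlock hunk above and the mfTraceInit hunk below. An unbraced body followed by an indented, otherwise empty line makes it easy for a later edit to add a statement that looks guarded but is not. Prefer `if (!isTraceCardEmpty()) { saveTraceCard(); }` laid out over three lines, and likewise for the `uid != NULL`, `!isOK`, `traceCrypto1` and `wantSaveToEmlFile` checks. The added lines also carry trailing whitespace that should be stripped. loadTraceCard's body continues outside the hunk.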
@@ -380,10 +398,14 @@ int saveTraceCard(void) {
 
 int mfTraceInit(uint8_t *tuid, uint8_t *atqa, uint8_t sak, bool wantSaveToEmlFile) {
 
-	if (traceCrypto1) crypto1_destroy(traceCrypto1);
+	if (traceCrypto1) 
+		crypto1_destroy(traceCrypto1);
+
 	traceCrypto1 = NULL;
 
-	if (wantSaveToEmlFile) loadTraceCard(tuid);
+	if (wantSaveToEmlFile) 
+		loadTraceCard(tuid);
+		
 	traceCard[4] = traceCard[0] ^ traceCard[1] ^ traceCard[2] ^ traceCard[3];
 	traceCard[5] = sak;
 	memcpy(&traceCard[6], atqa, 2);
-- 
2.39.5