When using the hardnested branch with a 1K mifare card, it successfully finds the keys, but the saved dump has zeroed the last block's access conditions. When copying the dump to a blank card, it results in zeroing the access conditions on the new card, making the last block of the card unrecoverable.

Command used:
mfoc -O file.dmp

Last two blocks of the file.dmp:
0000:0380 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
0000:0390 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
0000:03A0 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
0000:03B0 | 2A 2C 13 CC 24 2A FF 07 80 69 FF FF FF FF FF FF | *,.Ì$*ÿ..iÿÿÿÿÿÿ
0000:03C0 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
0000:03D0 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
0000:03E0 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................
0000:03F0 | 2A 2C 13 CC 24 2A 00 00 00 00 FF FF FF FF FF FF | ,.Ì$....ÿÿÿÿÿÿ

Expected last line:
0000:03F0 | 2A 2C 13 CC 24 2A FF 07 80 69 FF FF FF FF FF FF | *,.Ì$*ÿ..iÿÿÿÿÿÿ

As you can see the access conditions (FF 07 80 69) are zero'd out.

This has happened on multiple source cards

Hello,

I tried to reproduce your problem without success (neither 1k or 4k cards).

Could you please share your dump (the correct one) and the full mfoc command you use (to replicate the access patterns with the same data).

Also, the output of nfc-list -v would be useful.

Salu2

Answering by email will show the attached files. I think you need upload them through Github Web.

Also, the nfc-list -v should be done with the NFC tag and the reader.

Salu2

Ah, my bad. Hopefully this works better. Attempting to attache files here.
card-dumps.zip

Output with card:

$ nfc-list -v
nfc-list uses libnfc 1.7.1
NFC device: ACS / ACR122U PICC Interface opened
1 ISO14443A passive target(s) found:
ISO/IEC 14443A (106 kbps) target:

    ATQA (SENS_RES): 00  04  
* UID size: single
* bit frame anticollision supported
       UID (NFCID1): 42  d6  7c  6d  
      SAK (SEL_RES): 08  
* Not compliant with ISO/IEC 14443-4
* Not compliant with ISO/IEC 18092

Fingerprinting based on MIFARE type Identification Procedure:
* MIFARE Classic 1K
* MIFARE Plus (4 Byte UID or 4 Byte RID) 2K, Security level 1

* SmartMX with MIFARE 1K emulation
Other possible matches based on ATQA & SAK values:

0 Felica (212 kbps) passive target(s) found.

0 Felica (424 kbps) passive target(s) found.

0 ISO14443B passive target(s) found.

0 ISO14443B' passive target(s) found.

0 ISO14443B-2 ST SRx passive target(s) found.

0 ISO14443B-2 ASK CTx passive target(s) found.

0 Jewel passive target(s) found.

Hi,

The project moved to https://github.com/nfc-tools/mfoc-hardnested

If you feel that this problem should still be solved, reopen the issue there please. Thank you :)