Magic Card
Ultimate Magic Card
4B UID S70 4K KeyFob
6-in-1 KeyFob
NTAG 213 215 216
NTAG ISO15693
ISO15693 TAG – 64B
UHF 900MHZ TAG
RFID Reader
PN532 BLE
PcrReader(IC+ID)
iCopy-XS
ISO15693 Reader
UHF Reader
NFCKill Pro
125KHz T5577 Cloner
RFID Emulator
RF Detector
Chameleon Ultra SE
Chameleon Lite
Chameleon Mini 2022
Pixl Amiibo
WiFi Killer
Deauther Watch V2
WiFI Deauther MiNi
LAN Hack
Shark Jack
Packet Squirrel
USB Hack
Plugin
店小秘 PayPal 物流同步
Product Category Banner
YMM Car Bulb Size
Attributes Separator
OpenAI Reviewer
Code
MTools Activation Code
View All
Home
RFID Reader
RFID Apps
Tutorial
iOS
Android
Blog
Tips
Documents
Downloads
Support
How To Use
Chameleon Ultra
Nov
As we know, the iPhone 6 and iPhone 6 Plus are equipped with NFC technology. It is a new technology that allows you to use your iPhone to make payments, share information, and more. But the NFC hardware on iPhone is limited with few features for clients. So we can’t use it to do some interesting things. But we can use it to do some interesting things with the help of some third-party apps and external hardware. In this article, I will introduce how to change the UID of a Chinese magic card on the iPhone with the PN532 NFC module and the MTools Lite Tools.
What is UID?
UID is the abbreviation of Unique Identifier. It is a unique number that is assigned to each NFC tag. The UID bytes of the Chinese magic card is the first 4 bytes in block 0 of sector 0. The 5th byte is the BCC byte of the UID, which comes from the XOR value of the UID.
The type of Chinese magic card
The Chinese magic card stands for the UID changeable Mifare Classic 1K card. There are 3 generations of the Chinese magic card: 1gen, 2gen, and 3gen.
| Generation | Backdoor Command | Support Hardware |
|---|---|---|
| 1gen | Yes | PN532, ACR122U, Proxmark3, iCopy-X |
| 2gen | Yes | Android NFC, PN532, ACR122U, Proxmark3, iCopy-X |
| 3gen | No | Proxmark3, iCopy-X |
PN532-based hardware can change the UID of the 1gen and 2gen Chinese magic card. But the 3gen Chinese magic card can only be changed with the Proxmark3 and iCopy-X.
The hardware
Probably the PN532 BLE is the only RFID Reader for both Android and iOS. It is an NFC module that is based on the PN532 chip. It supports the ISO14443A and ISO14443B protocols. It can be used to read and write the UID of the Chinese magic card. It is also a BLE module, so it can be used to communicate with the iPhone via BLE. The PN532 BLE is a very good choice for the UID change of the Chinese magic card.
Where to buy the PN532 BLE?
You can buy the PN532 BLE from the following links:
How to DIY the PN532 with the BLE module?
We’ve made a tutorial about how to do the PN532 with the BLE module. You can check out the tutorial with the video from the following link:
How to DIY the PN532 with Bluetooth module
The software
MTools Lite app is an Android and iOS app that can be used with the PN532 BLE module to read and write the UID of the Chinese magic card with backdoor command support.
Download the MTools Lite app
You can download the MTools Lite app from the following links:
How to change the UID of a Chinese magic card on the iPhone?
Step 1: Connect the PN532 BLE module to the iPhone
First, you need to connect the PN532 BLE module to the iPhone. You can use the MTools Lite app to connect the PN532 BLE module to the iPhone. The MTools Lite app will search the PN532 BLE module automatically. When the PN532 BLE module is found, you can tap the “Connect” button to connect the PN532 BLE module to the iPhone.
Step 2: Navigate to the “Tool” page and click the “Terminal” button
After the PN532 BLE module is connected to the iPhone, you can navigate to the “Tool” page and click the “Terminal” button to open the terminal page. The terminal page is used to send the backdoor command to the Chinese magic card.
Step 3: Active the reader and Scan the tag
Click the “Power” icon to activate the PN532 Reader. Then you can scan the Chinese magic card. The UID of the Chinese magic card will be displayed on the terminal page.
Step 4: Choose to Customize the UID function
Choose the Customize UID function after clicking the “Auto” icon right to the “Send” button. In the popup dialog, you can input the new UID of the Chinese magic card. Then click the “OK” button to send the backdoor command to the Chinese magic card. Also, the factory bytes of the tag can be changed in the popup dialog. The App does not allow you to change the 5th byte of the UID, which is the BCC byte. The BCC byte will be calculated automatically by the App which will reduce the possibility of the UID change failure. Any failure of the BCC byte will damage the 2gen Chinese magic card. So you should be careful when you change the UID of the 2gen Chinese magic card.
Conclusion
Even the hardware of the iPhone is limited. But we can still use external RFID readers to change the UID of Chinese magic cards on the iPhone. The MTools Lite app not only provides the standard Reading and Writing functions of sectors of Mifare Classic 1K card with Pretty UID, but also the Full APDU command in the terminal tool. You can learn more about the APDU commands of the NFC cards under the ISO14443A protocol from the following link: ISO14443A APDU Commands.
