1. Azel

    Azel GBAtemp Advanced Fan
    Member

    Joined:
    Dec 16, 2014
    Messages:
    630
    Country:
    France
    it's all on @RubyRoid 's website tho :
    1) install the arduino soft, wire the stuff, solder the daughter board, etc etc
    2) get the RFID library
    3) get this https://github.com/konstantin-kelemen/arduino-amiibo-tools
    4) "upload" the dump_amiibo sketch to you arduino, then open the serial monitor, scan the nfc tag you are going to use, and this will give you the UID (under "card UID") (paste you UID in a txt and remove the spaces), close the serial monitor.
    5) go there https://games.kel.mn/amiibo/, paste your UID, and put your retail_key.bin (same for all dumps if I understand correctly) and the amiibo.bin you want to write.
    6) hit start and copy paste the result to the right spot in the write amiibo sketch. (between the brackets), upload that to the arduino and start the serial monitor, you can then put your NTAG215 to be written.
    7) DONE! (close the serial monitor, remove the values you just copy/pasted, don't forget to change the UID in the website, each time to the one of the tag your going to write to (which is unique, pretty much))


    @GraFfiX420 > don't know if anybody is beta testing for him, at least he stated not being open to such requests, looking forward to his soft/any news though^^
     
    Last edited: May 1, 2017
    aleuts likes this.
  2. cybrian

    cybrian GBAtemp Regular
    Member

    Joined:
    Sep 14, 2009
    Messages:
    109
    Country:
    United States
    Conceptually the way it works is that you read the UID (serial number, essentially) of a blank NTAG215 using example code for the RFID module in order to "inject" it into an Amiibo dump, use a website/script/hex editor to decrypt, inject, and reencrypt the dump. Then you paste a hexadecimal representation of the dump into Arduino code that will write it to the first NTAG215 it sees, and allow it to burn your tag. As far as how you actually do that…
    1. Purchase an Arduino (I recommend the Arduino Uno if you're not particularly familiar with Arduino), and an RC522 RFID board, and connect them together the way OP shows in the post. Also get NTAG215 NFC tags (not NTAG216 or any other type). They make them in all sorts of form factors. Some people like the ones that look sort of like a credit card, I purchased ones that are simple round stickers about the size of a US quarter.
    2. Download and install the Arduino IDE, then from the Sketch menu choose Include Library -> Manage Libraries…, search for RFID, and install the latest version of "MFRC522 by GithubCommunity"
    3. Download the Arduino sketches for Amiibo Management from https://games.kel.mn/en/create-amiibo-clones-with-arduino/
    4. In the Arduino IDE, from the File menu choose Examples -> MFRC522 -> DumpInfo and upload the file it opens to your Arduino.
    5. Open Serial Monitor in the Arduino IDE and scan the NTAG215 that you intend to program. It should display something that starts with a line like
      Code:
      Card UID: 04 9B ED F2 48 4D 80
      . Copy that number to the clipboard without any extra spaces around it.
    6. Obtain the retail Amiibo encryption key (search Google for a pastebin that says to use it for encrypting custom Amiibos, and paste the data into a hex editor. Name it key_retail.bin for consistency.)
    7. Obtain an encrypted Amiibo dump for the specific Amiibo you wish to emulate. (Search Google for near-field-communication bank and look around on there).
    8. Go to https://games.kel.mn/amiibo/ and paste the Card UID for the tag you're writing to into the first box
    9. Browse for the Amiibo dump that you made or downloaded in the second box
    10. Browse for key_retail.bin in the third box
    11. Click Submit, you should see a LOT of data that begins with 0x. Select the entire thing and copy it to the clipboard.
    12. Open the Arduino sketch you downloaded in step 3, Write_amiibo.ino. Find the line that says
      Code:
        //    >>> Paste your dump here <<<
      and paste what you got from the website there. It is not case sensitive, but everything else matters, so please copy and paste it so you don't end up wasting a tag. If you write the wrong data to a tag using this program you will not be able to rewrite it. (This goes for any custom Amiibo tags — the rewriteable tags from NaMiio and Datel PowerSaves are an exception as they aren't ordinary NTAG215's). You do not need to remove any of the lines saying to paste your dump or the example dump — those are comments, and will not be written to your tag.
    13. Upload the sketch to your Arduino, open Serial Monitor, place your tag on the RC522, and cross your fingers. When it says it's finished you'll want to test it out, especially if this is the first custom Amiibo. If it works, congratulations. If not, you may have done something wrong.
    EDIT: I was beaten to it.
     
    Last edited: May 1, 2017
    jpx86 and Azel like this.
  3. Azel

    Azel GBAtemp Advanced Fan
    Member

    Joined:
    Dec 16, 2014
    Messages:
    630
    Country:
    France
    You're way more thorough tho ^^
    you might need to set up the arduino on COM5 instead of COM1 too ^^
     
    Last edited: May 1, 2017
  4. RubyRoid

    RubyRoid Member
    Newcomer

    Joined:
    Jan 27, 2014
    Messages:
    22
    Country:
    Cyprus
    Hi, can you send me a PM with UIDs of your failed tags? I'll try to check what could have gone wrong there.

    Thanks!
     
  5. nitrostemp

    nitrostemp GBAtemp Maniac
    Member

    Joined:
    Mar 15, 2009
    Messages:
    1,470
    Country:

    Your guide is good too, quite detailed.
     
    Azel likes this.
  6. cybrian

    cybrian GBAtemp Regular
    Member

    Joined:
    Sep 14, 2009
    Messages:
    109
    Country:
    United States
    Sure, I can probably send you complete dumps of two of them tomorrow. I may have thrown them out, though. Either way I'm not concerned because now it's working perfect.

    By the way, wouldn't it be relatively simple to write an Arduino sketch that accepts a command (either to dump or to receive an Amiibo bin), and then you simply send it the binary bin file (e.g., cat Amiibo.bin > /dev/tty128 or whatever your Arduino shows up as)? Then a companion script could easily get the UID of a scanned tag, decrypt/inject/encrypt an Amiibo dump, send the binary dump over serial to the Arduino to buffer, and it then write it to the tag? I forked your sketches, gonna see if I can make something that does that myself. I figure since Amiitool is open source and has few requirements to compile without any issues on Windows, Linux, and macOS it shouldn't be hard to automate all of this.


    …I mean, I guess that's what the OP of this entire thread is talking about, but who's waiting?
     
    Azel likes this.
  7. nando

    nando GBAtemp Addict
    Member

    Joined:
    Jan 1, 2008
    Messages:
    2,261
    Country:
    United States
    damn, i ordered the arduino kit from amazon thinking it would be faster but it is shipping from china. i should have just ordered from aliexpress instead since it's cheaper.
     
  8. acidenitr0s

    acidenitr0s Newbie
    Newcomer

    Joined:
    May 2, 2017
    Messages:
    6
    Country:
    France
    bonjour , je ne parvient pas a recharger sur le nfc, j'ai sa comme message d'erreur .
    pouvez vous m'aider ?
    Ready to write.
    Writing data into page 3 ...
    F1 10 FF EE
    MIFARE_Write() failed: Timeout in communication.
    Write process failed, please try once more.
    Your tag is still fine, just remove it and put back again in 3 seconds.
    New attempt in 3...2...1...
    Ready to write.

    Merci

    Hello, I can not reboot on the nfc, I have its error message.
    can you help me ?
    Ready to write.
    Writing data into page 3 ...
    F1 10 FF EE
    MIFARE_Write () failed: Timeout in communication.
    Write process failed, please try once more.
    Your tag is still fine, just remove it and put back again in 3 seconds.
    New attempt in 3 ... 2 ... 1 ...
    Ready to write.


    Thank you
     
  9. GraFfiX420

    GraFfiX420 GBAtemp Fan
    Member

    Joined:
    Oct 14, 2009
    Messages:
    447
    Country:
    United States
    I'm not 100% sure but it looks like maybe the lock bit is set on that nfc tag?
     
  10. cybrian

    cybrian GBAtemp Regular
    Member

    Joined:
    Sep 14, 2009
    Messages:
    109
    Country:
    United States
    I also got a similar error with one of the 1KB non-NTAG215 tags my RC522 came with.
     
    GraFfiX420 likes this.
  11. RubyRoid

    RubyRoid Member
    Newcomer

    Joined:
    Jan 27, 2014
    Messages:
    22
    Country:
    Cyprus
    Hi, please show us a dump of your tag. You can use either Dump_Amiibo or Dumpinfo sketches for that purpose.
     
  12. acidenitr0s

    acidenitr0s Newbie
    Newcomer

    Joined:
    May 2, 2017
    Messages:
    6
    Country:
    France
    Hello, thank you for your reply, here is the Dump:
    Bonjour, merci pour vos réponse , voici le Dump :

    Firmware Version: 0x91 = v1.0
    Scan PICC to see UID, SAK, type, and data blocks...
    Card UID: 64 E6 EF B8
    Card SAK: 08
    PICC type: MIFARE 1KB
    Sector Block 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 AccessBits
    15 63 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    62 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    14 59 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    58 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    57 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    56 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    13 55 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    53 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    52 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    12 51 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    49 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    11 47 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    46 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    45 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    44 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    10 43 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    41 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    9 39 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    36 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    8 35 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    33 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    7 31 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    29 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    6 27 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    26 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    25 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    5 23 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    22 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    4 19 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    17 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    16 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    3 15 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    13 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    12 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    2 11 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    9 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 0 0 0 ]
    1 7 00 00 00 00 00 00 19 67 8E 00 00 00 00 00 00 00 [ 0 1 1 ]
    6 BA FF FF FF 45 00 00 00 BA FF FF FF 06 F9 06 F9 [ 1 1 0 ] Value=0xFFFFFFBA Adr=0x6
    5 07 00 00 00 F8 FF FF FF 07 00 00 00 05 FA 05 FA [ 1 1 0 ] Value=0x7 Adr=0x5
    4 01 02 03 04 05 06 07 08 08 09 FF 0B 0C 0D 0E 0F [ 0 0 0 ]
    0 3 00 00 00 00 00 00 FF 07 80 69 FF FF FF FF FF FF [ 0 0 1 ]
    2 20 20 20 20 20 20 20 20 20 20 20 20 20 20 42 38 [ 0 0 0 ]
    1 62 61 64 67 65 20 20 20 20 20 20 20 20 20 20 20 [ 0 0 0 ]
    0 64 E6 EF B8 D5 08 04 00 62 63 64 65 66 67 68 69 [ 0 0 0 ]
     
  13. RubyRoid

    RubyRoid Member
    Newcomer

    Joined:
    Jan 27, 2014
    Messages:
    22
    Country:
    Cyprus
    Yep, your tag is not NTAG215. Should add some kind of check to code for this scenario.
     
    Azel likes this.
  14. acidenitr0s

    acidenitr0s Newbie
    Newcomer

    Joined:
    May 2, 2017
    Messages:
    6
    Country:
    France
    désolé , je ne comprend pas , mon badge nfc n'est pas compatible ? ces un ntag216 par exemple ?.
    Sorry, I do not understand, my nfc badge is not compatible? Such as a ntag216 for example.
     
  15. RubyRoid

    RubyRoid Member
    Newcomer

    Joined:
    Jan 27, 2014
    Messages:
    22
    Country:
    Cyprus
    Right, only NTAG215 tags are supported. That's the only kind of tags Nintendo use in Amiibo.
     
  16. GraFfiX420

    GraFfiX420 GBAtemp Fan
    Member

    Joined:
    Oct 14, 2009
    Messages:
    447
    Country:
    United States
    Yeah, I got an ntag card and keyfob with the rf shield, thought I might get lucky and they would be ntag215's, no such luck, they are MIFARE 1kb as well.
     
  17. cybrian

    cybrian GBAtemp Regular
    Member

    Joined:
    Sep 14, 2009
    Messages:
    109
    Country:
    United States
    I'm hoping to fork this to modify it myself, but I can't seem to figure out how to prevent it from locking the tag after burning. I commented out the lines that appear to be writing the lock bytes, but the tags still won't let me write to them a second time.
    Code:
     // Write lock bytes - the last thing you should do.
      // If you write them too early - your tag is wasted.
      // Write the Dynamic Lock Bytes
      byte DynamicLockBlock[]    = {
        0x01, 0x00, 0x0F, 0xBD
      };
      Serial.print(F("Writing Dynamic Lock Bytes into page 130"));
      Serial.println(F(" ..."));
      dump_byte_array(DynamicLockBlock, 4); Serial.println();
      //status = (MFRC522::StatusCode) mfrc522.MIFARE_Ultralight_Write(130, DynamicLockBlock, 4);
      if (status != MFRC522::STATUS_OK) {
        Serial.print(F("MIFARE_Write() failed: "));
        Serial.println(mfrc522.GetStatusCodeName(status));
      }
      Serial.println();
    
      // Now we can write Static Lock Bytes
      byte StaticLockBlock[]    = {
        0x0F, 0xE0, 0x0F, 0xE0
      };
      Serial.print(F("Writing Static Lock Bytes into page 2"));
      Serial.println(F(" ..."));
      dump_byte_array(StaticLockBlock, 4); Serial.println();
      //status = (MFRC522::StatusCode) mfrc522.MIFARE_Ultralight_Write(2, StaticLockBlock, 4);
      if (status != MFRC522::STATUS_OK) {
        Serial.print(F("MIFARE_Write() failed: "));
        Serial.println(mfrc522.GetStatusCodeName(status));
      }
      Serial.println();
    
    Is it part of the Amiibo dump I have in there that's locking the tag?
     
  18. GizmoTheGreen

    GizmoTheGreen GBAtemp Advanced Fan
    Member

    Joined:
    Oct 8, 2009
    Messages:
    800
    Country:
    eitherway it won't work unless you lock them. or do you just want to not lock them while you experiement with the software? I can't help you with the code sorry.
     
    Azel likes this.
  19. Chrushev

    Chrushev GBAtemp Advanced Fan
    Member

    Joined:
    Jul 23, 2013
    Messages:
    591
    Country:
    Serbia, Republic of
    Locking them is part of writing them if you dont lock them they wont be readable. So you have to lock them, no way around it. Unless you use a device that was designed to have a circuit to lock and unlock, so that it can lock while you are using it but then unlock later, this is much more expensive than the standard RFID tag which basically burns a fuse when you lock it. A one time use fuse is much cheaper than a reusable one.
     
    aut0mat3d likes this.
  20. Sliter

    Sliter GBAtemp Psycho!
    Member

    Joined:
    Dec 7, 2013
    Messages:
    3,252
    Country:
    Brazil
    wow how did it stoppend notificating me? I lost a lot of progress here o_o
    still haven't ordered my piecess xp
     
Draft saved Draft deleted
Loading...

Hide similar threads Similar threads with keywords - AmiiBomb, [Tools],