Passa al contingut principal

Make a backup clone of your favourite Skylanders with a mfrc522 and esp8266

 

Nowadays there must not be many parents left who don't know the Skylanders video games, they are present on all consoles (Wii, WiiU, 3DS, Nintendo Switch, PS3, PS4, Xbox 360, Xbox One).

As a brief introduction, these games are based on figurines called Skylanders like the one in the next image.



By placing these Skylanders in the "portal", the digital version will appear in our videogame. In other words, the video game without the figurines are useless.

It is quite common to start with a "starter pack", that is, the videogame, the portal and 3 Skylanders, but it is more than usual that our children end up buying new Skylanders (in fact there are stages of the game that can only be played in if you have the right Skylander).



In addition, the progress of our Skylander, as it is played, is stored in the figure so that if you take it to a friend's house it will keep all its progress.

By the other hand, if a Skylander breaks, we will not only lose a figurine but also our progress stored in the Skylander.

All this suggests that it would be more than advisable to have a backup copy of our Skylander.



If you already have experience with arduino and have an ESP8266 you can do it at a very low cost.

Material

In this tutorial you can see how to make a backup copy of your Skylander using the arduino platform.

The Skylanders figures are actually a 1K Mifare Classic-based RFID device.

The material we need is:

- Wemos D1 Mini, nodeMCU based on ESP8266 or equivalent. Approximate cost about 3€.

- RFID reader based on MFRC522 (cost about 1,5€).

- Mifare classic 1k cards with writeable block 0 (cost about 2€ 5 cards)



It is really important that the card supports writing to block 0 to overwrite the UID, these are also called magic cards or block 0 writeble cards.



I bought these from aliexpress:

Wemos D1 Mine https://es.aliexpress.com/item/4001291931302.html

5 Llaveros RFID https://es.aliexpress.com/item/4000308003273.html

Lector MFRC522 https://es.aliexpress.com/item/4000169236189.html



Total approx. 6.5€



Software

To make the copy we need to have sklylander sklykeys.py to generate the read keys:

https://github.com/elbuit/sklylander

and the mfrc522cli to read and write to the card:

https://github.com/elbuit/mfrc522cli



El process

In order to read a Skylander we need the keys of each sector.

These keys are generated by an algorithm based on the Skylander's UID, for more information see https://nfc.toys/#activision-skylanders.

That's why we first need to obtain this UID.

We will do it with the mfrc522cli through the serial port.

# read uid
Scanned PICC's UID:
86FE46F3

With this UID we can generate the keys with sklykeys.py:

python3 sklykeys.py -u 86FE46F3 -o mfrc522cli
lka 0 4b0b2010XXXX
lka 1 7d803723XXXX
lka 2 5bede370XXXX
lka 3 c8db09d9XXXX
[...]

Now we will be able to read the Skylander.

Firstly we have to load these keys in mfrc522cli:

# clear
> clear
lka 0 4b0b2010XXXX
lka 1 7d803723XXXX
lka 2 5bede370XXXX
lka 3 c8db09d9XXXX
[...]
lka 15 76028cc5XXXX
> lka
OK

Once the keys have been loaded into the mfrc522cli, we can read the contents of our Skylander.

# read card
> read
Read CARD:
OK

If we want to see the content of our Skylander:

# show data

The output on screen can be copied to a file to have a backup copy of our Skylander and its progress up to the moment of the copy.

However, if what we want is a physical copy on another RFID card (remember that it should be a magic card):

# write clone
> write

We bring the card closer to our reader/writer:

Write CARD:
OK



With all this we will now have a working copy of our Skylander.



BONUS TRACK

It is possible that we break our card and make it completely unusable.

Also, when we write trailer blocks that include the access keys we won’t be able to read/write these blocs if we don’t remember the keys or even brick it if access bits are set to write protect.

That is why the mfrc522cli has an option to "repair" a card that is in one of these cases, as long as the card is of the "Magic card" type.

The process is very simple:



fix start
fix trailer

We bring the card closer to our reader/writer:

fix stop

This process will overwrite block 0 and the trailer blocks of each sector and leave them with the default key (FFFFFFFFFFFFFFFFFF).



Enlaces:

https://nfc.toys/workflow-sky.html

https://github.com/nfctoys/nfctoys

https://github.com/elbuit/sklylnader

https://github.com/elbuit/mfrc522cli

https://www.elotrolado.net/hilo_tutorial-clonar-skylanders-todos-los-juegos-con-un-pm3-o-acr122u_2311960 (in spanish)





Etiquetes de comentaris:

Comentaris

Publica un comentari a l'entrada