Menu
Internal SD Card Information. Serial number /downloading code. The serial number is printed in. Change CID Number /easy method/ - Duration. Raspberry PI Clone SD Card in Windows - Duration.
My recent post on how to on a Samsung Evo Plus SD card has generated some interest, but also a number of people who are having problems with it. I thought it was worth posting an update with some extra information. First off, I suspect some people who are struggling have fake cards – there are a lot out there and some of them look pretty convincing. Others have suggested different hardware / firmware revisions might be an issue – quite possible but I have no way of knowing (all my Evo Plus cards work, so I can’t can’t compare against ones that don’t). I can see no reason why different phones etc.
Would give different results – as long as it’s a proper SD controller (not a USB mass storage adapter) then sending the command should work just fine. Fake cards These are very common and if you google for fake Samsung cards you’ll find lots of info on how to spot them. A few tip I’ve picked up along the way:. Packaging quality – the image should be well printed, in high resolution and good bit depth on the colours (some fakes looks like they’ve been converted down to 256 colours). The gloss overlay over the printed areas should align with the printing below them, if it’s offset that’s a bad sign. Packaging info – the product information should be correct and match the card.
I had one fake that incorrectly stated a 32gb card was SDXC on the pack instead of SDHC, the card itself had SDHC printed on it. The correct size should also be printed on the packet. Look up the UPC from the barcode on the back and make sure that matches the product and size of your card. Hologram, with scratch-to-reveal verification code. The real ones have them (recent ones at least), fakes might but probably don’t. All of mine have, but oddly enough when I tried to check one on the Samsung China website I didn’t get anywhere with the verification code, the site was in Chinese though so I might have been doing something wrong.
The card – lots of subtle details to check. Smooth back, not lumpy showing circuit parts beneath the surface. Black on the back, white on the edges. Slight bevel on the contact side, to help insertion. Correct info printed on the card. Correct font, especially for the capacity digits, some fakes don’t use the correct slim font.
Text on the back is printed so it is read with the card contacts end pointing upward. Mine are made in the Philippines but this is probably not the only place so don’t get hung up on this. Card CID – check it and compare to working ones. See below Card CID An example of the CID on one of my cards: 1b 534d 10 98625deb 0102 a1.
Your card CID should be very similar. The manufacturer ID should be 1b, followed by an application/OEM ID of 534d. The product name is (5 x ASCII ‘0’). The product revision is 10 (1.0). The next 8 hex characters (98625deb) are the SD card serial number, yours will be different!
The manufacturing date is next (0102, or 0 10 2), where the first digit is ignored, the next pair is the year in hex since 2000 and the last digit is the month in hex. So this is February (2) 2016 (2000 + 0x10). I also have March 2016 (0103) cards that work fine. Last is the checksum (a1) which will be different on your card.
I doubt many of the fakes have properly set Samsung CIDs so hopefully this is an easy way to tell. My cards / System Samsung Evo Plus 32gb. Model: MB-MC32D. Model code: MB-MC32D/CN. Purchased from on AliExpress.
I am not affiliated with the seller and get no referral commission from this link. I also cannot guarantee that you’ll get working or even genuine cards, but I have purchased on two occasions from this seller and the cards have been genuine and worked with evopluscid. I have used evopluscid on a Samsung Galaxy Tab 2 (10 inch, wifi model, p5110). The tablet is running CyanogenMod 13 unofficial from. Evopluscid I’ve made a couple of updates to evopluscid. If you supply a full 32 digit CID (and don’t apply a serial number modifier) it will be written as is without recalculation of the checksum.
This was requested by a user for cards that apparently always had a checksum of 00. Although, I’ve got a laptop that always displays 00 for the checksum when showing the CID, so I wonder now if his cards really did need that! I’ve fixed a bug when compiling on 64bit Linux that could prevent the CID being written. I’ve also fixed a bug causing the displayed CID to include some extra ‘FF’s. Dear Richard, some great work here. I’ve tried help everywhere but not getting none for now. To me is happening this: In raspberry PI: desktop:/usr/local/src/evopluscid/jni#./evopluscid /dev/mmcblk0 5d384712750a9e2f0117bf Writing new CID: 5d384712750a9e2f0117bf Success!
Remove and reinsert SD card to check new CID. However cid keeps always the initial one. In SM-T561, Galaxy Tab E, when try to execute./evopluscid.c get./evopluscid.c11: syntax error: ‘(‘ unexpected.
And when try to gcc evopluscid.c -o evopluscid android says already compiled. Also read about some mmc32 and mmc64 that I believe is another code to do the job. But can’t find it. I’m using a EVO card MB-MP64D Any thoughts? Thanks Richard. I’m noob but I suspected that, so was trying to compile evopluscid.c in android with CppDroid ? without success.
But no one explain that simple thing anywhere “the compiled binary file to android is libs/armabi folder. So now everybody who reads this will Know. My card is mmc1:59b4.
So I believe it wont works anyway. Read this somewhere “if you have an entry with eg. “mmc0: 59b4″, you can stop or test another microSD card”. However I will keep trying just because. In tabE, when mount, or df only see dev/block/vold/179:129 not “/ dev / mmcblk.
Do you believe TabE is incompatible? Sorry poor English. Thanks again for trying to teach us. Dear Richard, I bought a 100% genuine EVO Plus 64gb from Korea. ( I made the necessary write/ read speed tests, and the test that detemines the real capacity. Everything seems to be fine with the card). I know that your trick works mostly with the earlier made cards (earlier than 2017), and my card was manufactured in Nov 2017, but I want to make sure, that I didn’t make anything wrong during the porcess.
I did everything as you described, but after I had given the command “find /sys -name cid -print, there was nothing shown on the console! I use an older laptop with an integrated SD card reader, but after the “mount” command is given, my result is different from the expected one.
It looks like “/dev/sdbk1” or something like that, and not “/dev/ mmcblk0.” Although I couldn’t get the CID Number, I tried the ”./evopluscid ” command, and got the following result: Failed to enter vendor mode. Genuine Samsung Evo Plus? May it be that there is something wrong with the SD card reader, or it’s more likely that the card is not suitable for the action? Is there any other way to try it on a smartphone, or can you recommend me a place where I can find a card, that probably wil work?
I promised my firend to help him in this issue, because he is 38% disabled, but he has to travel a lot with his parents! Many thanks for your help! It’s against the specification for the cid to be writeable. There is a command in the specification for writing it, but this is obviously intended to be single use only, during manufacturing. While there may well be a backdoor in many sd cards, allowing them the cid to be rewritten by some method, this must be undocumented or the card doesn’t meet the spec (technically having the capability at all, even if it is hidden, means it doesn’t meet the spec, but no one would know). Anyway, my point is it’s unlikely that any branded cards are known to be exploitable (Samsung is the only one I know that has been and they fixed that pretty quickly) and certainly they aren’t going to put the tools to do it on their public website.
If there are tools available the easiest way to get one might be to buy the card you mentioned. On the other hand they might just have a key gen for the nav system and send you a key file/code for your card for an update, not actually modify the cid at all.
Let me know if you find any more out. I think the best bet is cheap cards from China. You can buy them from ali with any cid set from lots of sellers. I assume that these can be easily set with some dodgy Chinese software if you can find it (a bit like all the tools you can get for fiddling with the controllers on usb memory sticks). Wenth through all of internet because my navigation sd card started “dying” – throws card errors and sometimes did not even show up in pc.
I managet to get an image of the card and also, got card info on my linux laptop, since this image did not work in my car. The strange part starts now: On Linux laptop I get different last bit of CID than i see in TomTom home software. Tomtom:AB997100C405 LinuxPC:ab997100c401 Since I cannot change CID (did not find any Samsung card that would work the way I need) I decided to order 3 cards from China (seller was king enough to accept compromise of MOQ) and give seller CID to program to these cards. I will have 3 spare cards and no stress of loosing a card or dying card.
The problem ir – which CID I should give the seller? I am not a good programmer – just a sysadmin with a cheap french car and I did not wish to purchase new card from Renault for 260€.
Anyone has experience with correctness of laptop card readers and CID? It’s no possible to force a specific CRC since it depend on the whole previous 15 bytes being it the CRC7 polynomial of them. By writing/rewriting the CID on the card the sixteenth byte, the CRC, doesn’t matter, since the result only depend on the previous 15 bytes, them are that do the CID. The microprocessor contained in the controller inside the card is the only responsible for calculating the CRC7 based on the 15 bytes which precede, nothing and no one can force that value unless the controller firmware has been specially rewritten. Some have it, some don’t, so in order to read the actual whole CID, CRC included, it’s better acces the card via SPI using appropriate devices, not Android nor Linux. Hi, i try to change cid but i have little problem 1.
It say ‘s to me ioctl: Connection timed out Unlock command failed. If i repeat command then unlock command failed. Repeat again then Failed to enter vendor mode.
Genuine Samsung Evo Plus? So what is wrong? All information about card is here Samsung evoplus 32gb oot@ubuntu:/Desktop/evopluscid/jni#./evopluscid /dev/mmcblk0 744a454e2f412020106c6d77470104c3 Unlock command failed. Root@ubuntu:/Desktop/evopluscid/jni#./evopluscid /dev/mmcblk0 744a454e2f412020106c6d77470104c3 Failed to enter vendor mode. Genuine Samsung Evo Plus?
Root@ubuntu:/Desktop/evopluscid/jni#./evopluscid /dev/mmcblk0 744a454e2f412020106c6d77470104c3 Failed to enter vendor mode. Genuine Samsung Evo Plus? Root@ubuntu:/Desktop/evopluscid/jni# cat /sys/block/mmcblk0/device/cid 1b503010829b5d02010b01 root@ubuntu:/Desktop/evopluscid/jni# ls -l /sys/block grep mmc lrwxrwxrwx 1 root root 0 Dec 17 20:43 mmcblk0 -./devices/pci00:00:1c.3/0000:04:00.0/rtsxpcisdmmc.0/mmchost/mmc0/mmc0:0001/block/mmcblk0 root@ubuntu:/Desktop/evopluscid/jni#. Hi snoopy, from what I can understand by reading the code evopluscid works by issuing the follow commands: cmd62 0xEFAC62EC (enter vendor mode) cmd62 0xEF50 (unlock the backdoor) cmd17 0x00 (confirm Smart Report after reading Sector 1 at Address 0) cmd26 0x00 0xFE 16bytes NEW CID (WRITECID+single block write start TOKEN+16byte NEW CID) cmd62 0x00DECCEE (exit vendor mode) Despite Richard surely knows the code he wrote it’s weird that he has failed using the Arduino. The only reason I can think of is that the operation should be carried out in SD mode, don’t in normal 2-wires/4-wires SPI protocol. For what I know the SD protocol is not released to the public, you have to pay royalties to use it legally, so even if you could get some working code for Arduino you may not publish or share it easily. In my opinion a simple way to settle the issue it could be to analyze the data bus with a logic analyzer.
Simply you need the right Samsung card and a computer where evopluscid works properly, clip the logic analyzer and acquire the data bus meanwhile it is running. May be that you need a pretty fast logic analyzer and anyway it’s not said that you can easily replicate the acquired sequence using the Arduino. Hi SinWolf, in my opinion what Richard wrote it’s correct. I have some Android devices as well some Linux computers which fail to read CRC even considernig that it’s composed by 8bit of which the last one have to be always 1. As already stated the last bit in CRC byte wrote MSB first is always “1”, “00” is due some misreading of the real one.
In fact at least one bit, the LSB, is always “1” so the CRC can’t be “00”! As Richard said by changing the card’s cid using evopluscid what will be written is exactly what you input regardless, so doesn’t matter if then the device read it wrong. In order to be sure of the true cid it’s better to directly access the card via SPI rather than use Android or Linux, unless the device you are using for sure can retrieve the cid of the card in the right way. The cid you wrote like input for evopluscid is exactly the same you have in the card, unless there has been some mistake, but in that case the program itself would have warned the user.
For the 15 bytes 5d4d31013917ca530104h cid you wrote the correct CRC is 59h, it can’t be 00h! I’ve verified by re-calculating and ultimately it is 59h undoubtedly, in no way it can be wrong!
So totally it can’t be “00”, it’s 59h for sure! Hi rolf2, the CRC calculated by evopluscid is definitely right, no way.
In my opinion the problem you have is only due the way hardware retrieve the CRC. In order to be sure to get the right one it’s better acces the card directly via SPI, not via computer’s hardware, not even if PCI bus based. Richard’s software surely does the job in the correct way, doesn’t matter the CRC you can read via PC’s hardware.
If you send only 30 caracters (15bytes) evopluscid will calculate the correct CRC by itself. Please, though, explains better what you mean by “SD card duplicator” and exactly how you retrieve the CRC.
If you want write here the new cid you intend to use and I will calculate for you its correct CRC, just to ensure that there are no other problems. So, Hi everybody, I take back my guenuine Samsung Evo+ 32 Go to the shop and i take a Samsung Evo+ 64 Go.and now, the writing process was sucessful. I will try on the RNS315 soon. I think that effectively the backdoor on some Samsung Evo+ 32 Go is closed by the manufacturer. Another thing, yous must format the Samsung Evo+ 64 Go in FAT32 and i do that with a MacBook Air because you cannot do that with Windows.
Windows have just two possibilities, NTFS or ExtFat wich is not recognised by UBUNTu. Thanks for all and i hope that my feedback will help others. Hi menn0, surely you can try so, I guess it will work fine. In my opinion that is only due the way hardware retrieve the CRC. In order to be sure to get the right one it’s better acces the card directly via SPI, not via computer’s hardware, not even if PCI bus based.
Richard’s software surely does the job in the correct way, doesn’t matter the CRC you can read via PC’s hardware. If you send only 30 caracters (15bytes) evopluscid will calculate the correct CRC by itself. Since you wrote /mmc progcid /dev/mmcblk0 I wonder what tool it is and where take it. Hi simon666, Also mine are 0001 but this time I don’t agree with Richard because some cards recognized as 59b4 are working the same like 0001’s and their cid can be changed in the same way. In most cases the 0001 always work (not only “evo+” type), but also among 59b4 (not only “evo+” type) there are some that work the same way. It doesn’t matter really, though the cards that are working not only allow for cmd62 but also for the specific backdoor. Your card answer “Success!
Remove and re-insert card to check CID” but the CID has not changed because it allows for cmd62 but doesn’t for the specific backdoor. Hi simon666, the crc in the cid you’ve got is indeed wrong, it can’t be “00”. The real one is b5h, so the whole real cid is 1b5030100a8d55cc0107b5, don’t 1b5030100a8d55cc010700. Ok for manufacture date as July 2016.
My two cards are of April 2016 and April 2013. May be your isn’t the good one, may be they have fixed the issue even if I don’t think so. More simply that’s not the lucky card, you need a substitute for.
I know 64evo+ always work, you could try one of them. Also some Verbatim SD. Would be great to find a standard card (not HC) that works.
Hi laerseon, as already stated the last bit in CRC byte wrote MSB first is always “1”, “00” is due some misreading of the real one: due the fact that at least one bit, the LSB, is always “1” the CRC can’t be “00”. Anyway I can confirm that despite what could show the device you are using for, the cid you wrote like input for evopluscid is exactly the same you have in the card, unless there has been some mistake, but in that case the program itself would have warned the user. By default CRC isn’t active in SPI mode unless it’s forced on by CMD59. In order to be sure of the real content of the cid the better way is to acces the card via SPI. Hi laerseon, in my opinion what Richard wrote it’s correct. I can confirm his statements. I have some Android devices as well some Linux computers which fail to read CRC even considernig that it’s composed by 8bit of which the last one have to be always 1.
Anyway by changing the card’s cid using evopluscid what will be wrote is exactly what you input regardless, so doesn’t matter if then the device read it wrong. In order to be sure of the true cid it’s better to directly access the card via SPI rather than use Android or Linux, unless the device you are using for surely can retrieve the cid of the card in the right way. Could be that raspberry can’t read the true cid of the card. One last thing.
Which raspberry model are you using? Due raspberry has a single microsd card slot, are you sure it’s safe change the cid directly on the OS mass memory storage? Hi laerseon, ok, I undertand. In my opinion thats could not be so safe, though.
For me isn’t somebody can change the CRC from “00” to another value, it’s that the real one can’t be “00”. Anyway I confirm that despite what you can then read from the device you are using for, the cid that you input in evopluscid is exactly the same that you have inserted, doesn’t matter what you are seeing which it’s depending from the hardware you are using. In order to be sure of the true value of the cid the better way is to access the card via SPI.
Hi Richard, great job!, well done! For me it works on 32GB Samsung EVO+ 04/2016 and 16GB Samsung uSDHC 04/2013. I’ve used Linux Fedora. I wonder if it can be successfully used on not HC cards (size below 4GB).
I believe with Samsung’s 2GB cards marked using blu screenprinted capacity it could work, though I have to find that kind of card. Thank you for the sharing! @Sanchez “When I try change CID of these 16 and 32 GB cards, evopluscid return success, but CID is not changed.” Hi, in my opinion that cards allow for CMD62 but manufacturer porpouse for them is different or their cid backdoor set is so.