Oh my mistake, I thought the questionable command also appeared during reads. Can you potentially send the write command multiple times to the same card in the same session? In other words, if you send a write command, over and over until you send the reply OK command? If so, I'm wondering if you can just use that same write session to test on the same card before end of card write.
I haven't done any write tests with my own code yet. It appears that the game will initiate the authentication procedure at the beginning of read/write, even multiple times in the same session. One of the commands may be an end command, requiring authentication to read/write again. There are some commands that get the same reply, regardless of card:
CMD: 02 07 D1 00 00 00 28 03 FD - unknown command - always same reply no matter which card
ACK: 02 07 D1 63 30 30 0A 03 BC
CMD:02 07 D1 00 00 00 F7 03 22 - unknown command - always same reply no matter which card
ACK:02 07 D1 63 30 30 0A 03 BC
CMD:02 07 D1 00 00 00 48 03 9D - unknown command - always same reply no matter which card
ACK:02 08 D1 63 30 30 1A 40 03 E3
CMD:02 07 D1 00 00 00 38 03 ED - unknown command - always same reply no matter which card
ACK:02 07 D1 63 30 30 0A 03 BC
The nice thing about an emulator, though, is if it's always the same ACK for a given CMD, I don't actually have to know what it means if it isn't impacting data that is read or written. I just need the game to see an expected ACK so that it won't error out.
It's those variable ACKs I'm not sure of, which could end up complicating this.
From the perspective of using a script to write to the cards, that gets a little tricky. I was thinking I would just use the authentication commands found in the logs for the given card I want to blank out. I have no idea how the game is reading the ID and generating an authentication code. It's probably some kind of algorithm I won't be able to figure out, so I will only be able to rewrite cards where I can see logs to get the auth code, which is fine for my purposes, but I likley won't be able to release any kind of useful script that others could use.
Examples:
ID code - Generated Authentication Code
80 51 F6 6B - 9B A4 5D FF
81 2C 63 BC - 98 58 25 EE
80 48 70 82 - 48 77 B6 04
81 42 41 48 - 5B 54 C4 04