pwn 0.4.465 → 0.4.468

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0ce80ecfe98017552fc1b5da930b332b64284fa51ae55465fd8774bcdc354a77
-  data.tar.gz: 70880e0ec3b2c750e0c2ac60cd41deaea5aada6bfd191cd9ce21d7a1dd7e7bbf
+  metadata.gz: 98c7c96215e79c7af756b24a758d15c55ee42fddc0822d90350c5476059f5573
+  data.tar.gz: 75ecc6b0534b384612dae50bb7d23143e4e11a5c3a2bddda8fc6f14ea1f8c44e
 SHA512:
-  metadata.gz: 3abe9759400c7cc906788386eb0efe23f0411a93f6ae299ad0f365ba9358c9440fd550d710eec59eba01fc7947e6403f44ce78b408a9a54e4e365fbff76a6140
-  data.tar.gz: a25c91a96cf55c80ba0ba8b3e080ddc1a6a712082a00c3b8fb16869d621f97a693b3220c105e942c1b9b36cc3453cd94fd7d6747f9517a6a0d8bd1244fb9eeee
+  metadata.gz: ee8208c011822cee15ef9d92a564ce3e3027c61dd2f975acb7d154e398b763a1bb820a56d6c56fe6ec63b9c0fbd6bf80528f0a05db6081d2327b831bde5f5bd1
+  data.tar.gz: 747b0b22555e4f75be1b25455bbe07e903e82184bbbd68d67a6981e41c7f8f82173003cd6986e6953b5d3cc3e6fbf70aff3aaacd5f24b33881709c90494e007e

data/Gemfile

@@ -13,12 +13,12 @@ gemspec
 # to review these custom flags (e.g. pg, serialport, etc).
 gem 'activesupport', '7.0.3'
 gem 'anemone', '0.7.2'
-gem 'authy', '3.0.0'
+gem 'authy', '3.0.1'
 gem 'aws-sdk', '3.1.0'
 gem 'bettercap', '1.6.2'
 gem 'brakeman', '5.2.3'
 gem 'bson', '4.15.0'
-gem 'bundler', '>=2.3.14'
+gem 'bundler', '>=2.3.15'
 gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.19.0'
 gem 'colorize', '0.8.1'
@@ -80,4 +80,4 @@ gem 'watir', '7.1.0'
 gem 'waveform', '0.1.2'
 gem 'webrick', '1.7.0'
 gem 'wicked_pdf', '2.6.3'
-gem 'yard', '0.9.27'
+gem 'yard', '0.9.28'

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.465]:001 >>> PWN.help
+pwn[v0.4.468]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.465]:001 >>> PWN.help
+pwn[v0.4.468]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_serial_msr206

@@ -3,6 +3,7 @@
 
 require 'pwn'
 require 'optparse'
+require 'json'
 
 opts = {}
 OptionParser.new do |options|
@@ -67,6 +68,27 @@ begin
     cmd: :simulate_power_cycle_warm_reset
   )
 
+  # TODO: Parse Binary Bits to Derive Readable Configuration
+  # e.g. 'Read & Write All Three Tracks' if binary_resp == '11101111'
+  # Probably better to split each bit and then evaluate
+  # binary_resp_arr = binary_resp.chars
+  # --------------------------------------------------
+  # Bit|Bit = 0                  |Bit = 1
+  # --------------------------------------------------
+  # 0  |Track 1 Read not present |Track 1 Read present
+  # 1  |Track 2 Read not present |Track 2 Read present
+  # 2  |Track 3 Read not present |Track 3 Read present
+  # 3  |not used – should be 0   |not used
+  # 4  |Track 3 Write not present|Track 3 Write present
+  # 5  |Track 2 Write not present|Track 2 Write present
+  # 6  |Track 1 Write not present|Track 1 Write present
+  # 7  |parity bit**             |parity bit**
+  exec_resp = PWN::Plugins::MSR206.exec(
+    msr206_obj: msr206_obj,
+    cmd: :configuration_request
+  )
+  puts "Configuration Bits: #{exec_resp[:binary].first}"
+
   exec_resp = PWN::Plugins::MSR206.exec(
     msr206_obj: msr206_obj,
     cmd: :version_report
@@ -79,7 +101,7 @@ begin
     unless menu_msg.include?('ERROR')
       exec_resp = PWN::Plugins::MSR206.exec(
         msr206_obj: msr206_obj,
-        cmd: :yellow_on
+        cmd: :green_flash
       )
     end
 
@@ -99,14 +121,14 @@ begin
     when :R
       menu_msg = 'READY TO READ - PLEASE SWIPE CARD'
       # Read Card
-      PWN::Plugins::MSR206.wait_for_swipe(
+      track_data = PWN::Plugins::MSR206.wait_for_swipe(
         msr206_obj: msr206_obj,
         type: :arm_to_read
       )
     when :C
       menu_msg = 'READY TO COPY - PLEASE SWIPE ORIGINAL CARD'
       # Read Original Card
-      PWN::Plugins::MSR206.wait_for_swipe(
+      track_data = PWN::Plugins::MSR206.wait_for_swipe(
         msr206_obj: msr206_obj,
         type: :arm_to_read
       )
@@ -117,7 +139,7 @@ begin
     when :E
       menu_msg = 'READY TO EDIT - PLEASE SWIPE TARGET CARD'
       # Read Target Card
-      PWN::Plugins::MSR206.wait_for_swipe(
+      track_data = PWN::Plugins::MSR206.wait_for_swipe(
         msr206_obj: msr206_obj,
         type: :arm_to_read
       )
@@ -128,10 +150,40 @@ begin
     when :B
       menu_msg = 'READY TO BACKUP - PLEASE SWIPE CARD'
       # Read Card
-      PWN::Plugins::MSR206.wait_for_swipe(
+      track_data = PWN::Plugins::MSR206.wait_for_swipe(
         msr206_obj: msr206_obj,
         type: :arm_to_read
       )
+      file = ''
+      loop do
+        exec_resp = PWN::Plugins::MSR206.exec(
+          msr206_obj: msr206_obj,
+          cmd: :green_flash
+        )
+
+        print 'Enter File Name to Save Backup: '
+        file = gets.scrub.chomp.strip
+        file_dir = File.dirname(file)
+        break if Dir.exist?(file_dir)
+
+        puts "\nDirectory #{file_dir} for #{file} does not exist."
+        exec_resp = PWN::Plugins::MSR206.exec(
+          msr206_obj: msr206_obj,
+          cmd: :green_off
+        )
+        exec_resp = PWN::Plugins::MSR206.exec(
+          msr206_obj: msr206_obj,
+          cmd: :yellow_flash
+        )
+      end
+
+      File.write(file, "#{track_data.to_json}\n")
+      exec_resp = PWN::Plugins::MSR206.exec(
+        msr206_obj: msr206_obj,
+        cmd: :yellow_off
+      )
+
+      puts 'complete.'
     when :W
       exec_resp = PWN::Plugins::MSR206.exec(
         msr206_obj: msr206_obj,
@@ -144,12 +196,12 @@ begin
       menu_msg = '****** ERROR: Invalid Menu Option Selected ******'
       exec_resp = PWN::Plugins::MSR206.exec(
         msr206_obj: msr206_obj,
-        cmd: :yellow_off
+        cmd: :green_off
       )
 
       exec_resp = PWN::Plugins::MSR206.exec(
         msr206_obj: msr206_obj,
-        cmd: :red_flash
+        cmd: :yellow_flash
       )
     end
   end

data/lib/pwn/plugins/msr206.rb

@@ -308,6 +308,26 @@ module PWN
         raise e
       end
 
+      # Supported Method Parameters::
+      # parsed_cmd_resp_arr = binary(
+      #   raw_byte_arr: 'required - raw_byte_arr produced in #parse_responses'
+      # )
+
+      private_class_method def self.binary(opts = {})
+        raw_byte_arr = opts[:raw_byte_arr]
+
+        binary_byte_arr = []
+        if raw_byte_arr
+          raw_byte_arr.first.split.each do |byte_str|
+            binary_byte_arr.push([byte_str].pack('H*').unpack1('B*').reverse)
+          end
+        end
+
+        binary_byte_arr
+      rescue StandardError => e
+        raise e
+      end
+
       # Supported Method Parameters::
       # parsed_cmd_resp_arr = parse_responses(
       #   cmd_resp: 'required - command response string'
@@ -342,31 +362,31 @@ module PWN
           end
 
           case cmd_resp
-          when '21'
+          when '21', 'A1'
             response[:msg] = :invalid_command
-          when '28'
+          when '28', 'A8'
             response[:msg] = :card_speed_measurement_start
-          when '29'
+          when '29', 'A9'
             response[:msg] = :card_speed_measurement_end
-          when '2A'
+          when '2A', 'AA'
             response[:msg] = :error
-          when '2B'
+          when '2B', 'AB'
             response[:msg] = :no_data_found
-          when '2D'
+          when '2D', 'AD'
             response[:msg] = :insufficient_leading_zeros_for_custom_writing
-          when '2F'
+          when '2F', 'AF'
             response[:msg] = :first_lsb_char_not_one_for_custom_writing
-          when '3A'
-            response[:msg] = :power_on_report
-          when '31'
+          when '31', 'B1'
             response[:msg] = :unsuccessful_read_after_write_track1
-          when '32'
+          when '32', 'B2'
             response[:msg] = :unsuccessful_read_after_write_track2
-          when '33'
+          when '33', 'B3'
             response[:msg] = :unsuccessful_read_after_write_track3
-          when '3E'
+          when '3A', 'BA'
+            response[:msg] = :power_on_report
+          when '3E', 'BE'
             response[:msg] = :card_edge_detected
-          when '3F'
+          when '3F', 'BF'
             response[:msg] = :communications_error
           when '5E'
             response[:msg] = :ack_command_completed
@@ -382,6 +402,7 @@ module PWN
         end
 
         response[:raw] = raw_byte_arr
+        response[:binary] = binary(raw_byte_arr: raw_byte_arr)
         response[:decoded] = decode(raw_byte_arr: raw_byte_arr)
         response
       rescue StandardError => e
@@ -534,6 +555,7 @@ module PWN
       # Supported Method Parameters::
       # PWN::Plugins::MSR206.wait_for_swipe(
       #   msr206_obj: 'required - msr206_obj returned from #connect method'
+      #   type: 'required - swipe type'
       # )
 
       public_class_method def self.wait_for_swipe(opts = {})
@@ -549,6 +571,8 @@ module PWN
 
         raise "ERROR Unsupported type in #wait_for_swipe - #{type}. Valid types:\n#{types_arr}" unless types_arr.include?(type)
 
+        track_data = {}
+
         exec_resp = exec(
           msr206_obj: msr206_obj,
           cmd: :red_off
@@ -584,57 +608,64 @@ module PWN
           break if exec_resp[:msg] == :ack_command_completed
         end
 
-        puts "*** ISO Track Format: Standard #{'*' * 17}"
+        puts "\n*** ISO Track Format: Standard #{'*' * 17}"
         print 'TRACK 1 >>> '
         exec_resp = exec(
           msr206_obj: msr206_obj,
-          cmd: :tx_iso_std_data_track1,
-          params: [0x31]
+          cmd: :tx_iso_std_data_track1
         )
         puts exec_resp[:decoded]
         puts exec_resp.inspect
-
-        # print ">> Track 1 (ALT DATA)\n"
-        # exec_resp = exec(
-        #   msr206_obj: msr206_obj,
-        #   cmd: :alt_tx_iso_std_data_track1,
-        #   params: [0x31]
-        # )
-        # puts exec_resp.inspect
+        track_data[:track1] = exec_resp
+
+        # (1..3).each do |n|
+        #   print ">> Track 1 (ALT DATA) ISO Track Format: #{n}\n"
+        #   exec_resp = exec(
+        #     msr206_obj: msr206_obj,
+        #     cmd: :alt_tx_iso_std_data_track1,
+        #     params: [n.to_s]
+        #   )
+        #   puts exec_resp.inspect
+        # end
 
         print "\nTRACK 2 >>> "
         exec_resp = exec(
           msr206_obj: msr206_obj,
-          cmd: :tx_iso_std_data_track2,
-          params: [0x32]
+          cmd: :tx_iso_std_data_track2
         )
         puts exec_resp[:decoded]
         puts exec_resp.inspect
-
-        # print ">> Track 2 (ALT DATA)\n"
-        # exec_resp = exec(
-        #   msr206_obj: msr206_obj,
-        #   cmd: :alt_tx_iso_std_data_track2,
-        #   params: [0x32]
-        # )
-        # puts exec_resp.inspect
+        track_data[:track2] = exec_resp
+
+        # (1..3).each do |n|
+        #   print ">> Track 2 (ALT DATA) ISO Track Format: #{n}\n"
+        #   exec_resp = exec(
+        #     msr206_obj: msr206_obj,
+        #     cmd: :alt_tx_iso_std_data_track2,
+        #     params: [n.to_s]
+        #   )
+        #   puts exec_resp.inspect
+        # end
 
         print "\nTRACK 3 >>> "
         exec_resp = exec(
           msr206_obj: msr206_obj,
-          cmd: :tx_iso_std_data_track3,
-          params: [0x33]
+          cmd: :tx_iso_std_data_track3
         )
         puts exec_resp[:decoded]
         puts exec_resp.inspect
-
-        # print ">> Track 3 (ALT DATA)\n"
-        # exec_resp = exec(
-        #   msr206_obj: msr206_obj,
-        #   cmd: :alt_tx_iso_std_data_track3,
-        #   params: [0x33]
-        # )
-        # puts exec_resp.inspect
+        track_data[:track3] = exec_resp
+
+        # (1..3).each do |n|
+        #   print ">> Track 3 (ALT DATA) ISO Track Format: #{n}\n"
+        #   exec_resp = exec(
+        #     msr206_obj: msr206_obj,
+        #     cmd: :alt_tx_iso_std_data_track3,
+        #     params: [n.to_s]
+        #   )
+        #   puts exec_resp.inspect
+        # end
+        track_data
       rescue StandardError => e
         raise e
       ensure

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.465'
+  VERSION = '0.4.468'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.465
+  version: 0.4.468
 platform: ruby
 authors:
 - 0day Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-05-27 00:00:00.000000000 Z
+date: 2022-06-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -44,14 +44,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.0.0
+        version: 3.0.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.0.0
+        version: 3.0.1
 - !ruby/object:Gem::Dependency
   name: aws-sdk
   requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.3.14
+        version: 2.3.15
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.3.14
+        version: 2.3.15
 - !ruby/object:Gem::Dependency
   name: bundler-audit
   requirement: !ruby/object:Gem::Requirement
@@ -968,14 +968,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.9.27
+        version: 0.9.28
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.9.27
+        version: 0.9.28
 description: https://github.com/0dayinc/pwn/README.md
 email:
 - request.pentest@0dayinc.com
@@ -1972,7 +1972,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.14
+rubygems_version: 3.3.15
 signing_key: 
 specification_version: 4
 summary: Automated Security Testing for CI/CD Pipelines & Beyond