pwn 0.4.477 → 0.4.478
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/README.md +2 -2
- data/bin/pwn_serial_msr206 +27 -78
- data/lib/pwn/plugins/msr206.rb +336 -22
- data/lib/pwn/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: '09d06003d8060cade6a56174ce2237cb1d60044e596117e66b8dd882778bc971'
|
4
|
+
data.tar.gz: 00d295054465bae88230fd25606a00c10fe635478300b40409af241e99f20322
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5ddbe9550e2d6ecf8f480fc76ffaa2c44b04db21e53e3d617a7cc562ffa26a34e44db6aaee0ad1972c96533a3f91ecec97a1f8159a797db3e994405a7163904b
|
7
|
+
data.tar.gz: 309fb8124dbf9c76fa24b89b984b32f1e8f11869395e8e95d3bd6ba79f4438ed814475b5329dd0e5f6e660092e5d7f681cb002d4734a3c5f0af0b7a0fe7cd8d2
|
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.478]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.478]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
data/bin/pwn_serial_msr206
CHANGED
@@ -75,26 +75,10 @@ begin
|
|
75
75
|
# )
|
76
76
|
# puts exec_resp.inspect
|
77
77
|
|
78
|
-
|
79
|
-
|
80
|
-
# Probably better to split each bit and then evaluate
|
81
|
-
# binary_resp_arr = binary_resp.chars
|
82
|
-
# --------------------------------------------------
|
83
|
-
# Bit|Bit = 0 |Bit = 1
|
84
|
-
# --------------------------------------------------
|
85
|
-
# 0 |Track 1 Read not present |Track 1 Read present
|
86
|
-
# 1 |Track 2 Read not present |Track 2 Read present
|
87
|
-
# 2 |Track 3 Read not present |Track 3 Read present
|
88
|
-
# 3 |not used – should be 0 |not used
|
89
|
-
# 4 |Track 3 Write not present|Track 3 Write present
|
90
|
-
# 5 |Track 2 Write not present|Track 2 Write present
|
91
|
-
# 6 |Track 1 Write not present|Track 1 Write present
|
92
|
-
# 7 |parity bit** |parity bit**
|
93
|
-
exec_resp = PWN::Plugins::MSR206.exec(
|
94
|
-
msr206_obj: msr206_obj,
|
95
|
-
cmd: :configuration_request
|
78
|
+
config_hash = PWN::Plugins::MSR206.get_config(
|
79
|
+
msr206_obj: msr206_obj
|
96
80
|
)
|
97
|
-
puts "Configuration
|
81
|
+
puts "Configuration: #{config_hash.inspect}"
|
98
82
|
|
99
83
|
exec_resp = PWN::Plugins::MSR206.exec(
|
100
84
|
msr206_obj: msr206_obj,
|
@@ -114,9 +98,10 @@ begin
|
|
114
98
|
|
115
99
|
puts "\n>> MAIN MENU OPTIONS:"
|
116
100
|
puts '[(R)ead Card]'
|
101
|
+
puts '[(B)ackup Card]'
|
117
102
|
puts '[(C)opy Card]'
|
103
|
+
puts '[(L)oad Card from File]'
|
118
104
|
puts '[(E)dit Card]'
|
119
|
-
puts '[(B)ackup Card]'
|
120
105
|
puts '[(W)arm Reset]'
|
121
106
|
puts '[(Q)uit]'
|
122
107
|
puts menu_msg
|
@@ -126,77 +111,41 @@ begin
|
|
126
111
|
|
127
112
|
case option
|
128
113
|
when :R
|
129
|
-
menu_msg = '
|
114
|
+
menu_msg = 'READ CARD'
|
130
115
|
# Read Card
|
131
116
|
track_data = PWN::Plugins::MSR206.read_card(
|
132
|
-
msr206_obj: msr206_obj
|
133
|
-
|
117
|
+
msr206_obj: msr206_obj
|
118
|
+
)
|
119
|
+
when :B
|
120
|
+
menu_msg = 'BACKUP CARD TO FILE'
|
121
|
+
# Read Card to Backup
|
122
|
+
track_data = PWN::Plugins::MSR206.backup_card(
|
123
|
+
msr206_obj: msr206_obj
|
134
124
|
)
|
135
125
|
when :C
|
136
|
-
menu_msg = '
|
137
|
-
#
|
138
|
-
track_data = PWN::Plugins::MSR206.
|
139
|
-
msr206_obj: msr206_obj
|
140
|
-
|
126
|
+
menu_msg = 'COPY CARD'
|
127
|
+
# Copy Card
|
128
|
+
track_data = PWN::Plugins::MSR206.copy_card(
|
129
|
+
msr206_obj: msr206_obj
|
130
|
+
)
|
131
|
+
when :L
|
132
|
+
menu_msg = 'LOAD FROM FILE'
|
133
|
+
# Read Card to Backup
|
134
|
+
track_data = PWN::Plugins::MSR206.load_card_from_file(
|
135
|
+
msr206_obj: msr206_obj
|
141
136
|
)
|
142
|
-
|
143
|
-
# TODO: Save Original Card Contents
|
144
|
-
# arm_to_write card to clone
|
145
|
-
# read cloned card to verify successful write
|
146
137
|
when :E
|
147
|
-
menu_msg = '
|
138
|
+
menu_msg = 'EDIT'
|
148
139
|
# Read Target Card
|
149
|
-
track_data = PWN::Plugins::MSR206.
|
150
|
-
msr206_obj: msr206_obj
|
151
|
-
type: :arm_to_read
|
140
|
+
track_data = PWN::Plugins::MSR206.edit_card(
|
141
|
+
msr206_obj: msr206_obj
|
152
142
|
)
|
153
143
|
|
154
144
|
# TODO: Save Original Card Contents
|
155
145
|
# arm_to_write card to edit
|
156
146
|
# read edited card to verify successful write
|
157
|
-
when :B
|
158
|
-
menu_msg = 'READY TO BACKUP - PLEASE SWIPE CARD'
|
159
|
-
# Read Card to Backup
|
160
|
-
track_data = PWN::Plugins::MSR206.read_card(
|
161
|
-
msr206_obj: msr206_obj,
|
162
|
-
type: :arm_to_read
|
163
|
-
)
|
164
|
-
|
165
|
-
file = ''
|
166
|
-
backup_msg = ''
|
167
|
-
loop do
|
168
|
-
if backup_msg.empty?
|
169
|
-
exec_resp = PWN::Plugins::MSR206.exec(
|
170
|
-
msr206_obj: msr206_obj,
|
171
|
-
cmd: :green_flash
|
172
|
-
)
|
173
|
-
end
|
174
|
-
|
175
|
-
print 'Enter File Name to Save Backup: '
|
176
|
-
file = gets.scrub.chomp.strip
|
177
|
-
file_dir = File.dirname(file)
|
178
|
-
break if Dir.exist?(file_dir)
|
179
|
-
|
180
|
-
backup_msg = "\n****** ERROR: Directory #{file_dir} for #{file} does not exist ******"
|
181
|
-
puts backup_msg
|
182
|
-
exec_resp = PWN::Plugins::MSR206.exec(
|
183
|
-
msr206_obj: msr206_obj,
|
184
|
-
cmd: :green_off
|
185
|
-
)
|
186
|
-
exec_resp = PWN::Plugins::MSR206.exec(
|
187
|
-
msr206_obj: msr206_obj,
|
188
|
-
cmd: :yellow_flash
|
189
|
-
)
|
190
|
-
end
|
191
|
-
|
192
|
-
File.write(file, "#{track_data.to_json}\n")
|
193
|
-
exec_resp = PWN::Plugins::MSR206.exec(
|
194
|
-
msr206_obj: msr206_obj,
|
195
|
-
cmd: :yellow_off
|
196
|
-
)
|
197
|
-
|
198
|
-
puts 'complete.'
|
199
147
|
when :W
|
148
|
+
menu_msg = 'WARM RESET'
|
200
149
|
exec_resp = PWN::Plugins::MSR206.exec(
|
201
150
|
msr206_obj: msr206_obj,
|
202
151
|
cmd: :simulate_power_cycle_warm_reset
|
data/lib/pwn/plugins/msr206.rb
CHANGED
@@ -402,7 +402,7 @@ module PWN
|
|
402
402
|
when '7E'
|
403
403
|
response[:msg] = :command_not_supported_by_hardware
|
404
404
|
else
|
405
|
-
response[:msg] = :
|
405
|
+
response[:msg] = :response
|
406
406
|
end
|
407
407
|
|
408
408
|
next_response_detected = false
|
@@ -410,7 +410,7 @@ module PWN
|
|
410
410
|
keep_parsing_responses = false
|
411
411
|
end
|
412
412
|
|
413
|
-
response[:
|
413
|
+
response[:hex] = raw_byte_arr
|
414
414
|
response[:binary] = binary(raw_byte_arr: raw_byte_arr)
|
415
415
|
response[:decoded] = decode(raw_byte_arr: raw_byte_arr)
|
416
416
|
response
|
@@ -574,16 +574,18 @@ module PWN
|
|
574
574
|
end
|
575
575
|
|
576
576
|
# Supported Method Parameters::
|
577
|
-
# wait_for_swipe(
|
577
|
+
# MSR206.wait_for_swipe(
|
578
578
|
# msr206_obj: 'required - msr206_obj returned from #connect method'
|
579
579
|
# type: 'required - swipe type :arm_to_read || :arm_to_read_w_speed_prompts || :arm_to_write_no_raw || :arm_to_write_with_raw || :arm_to_write_with_raw_speed_prompts',
|
580
|
-
# encoding: required - :iso || :iso_alt || :raw'
|
580
|
+
# encoding: 'required - :iso || :iso_alt || :raw',
|
581
|
+
# track_data: 'optional - track_data to write'
|
581
582
|
# )
|
582
583
|
|
583
584
|
private_class_method def self.wait_for_swipe(opts = {})
|
584
585
|
msr206_obj = opts[:msr206_obj]
|
585
586
|
type = opts[:type].to_s.scrub.strip.chomp.to_sym
|
586
587
|
encoding = opts[:encoding].to_s.scrub.strip.chomp.to_sym
|
588
|
+
track_data = opts[:track_data]
|
587
589
|
|
588
590
|
exec_resp = exec(
|
589
591
|
msr206_obj: msr206_obj,
|
@@ -600,26 +602,26 @@ module PWN
|
|
600
602
|
cmd: :green_on
|
601
603
|
)
|
602
604
|
|
603
|
-
|
604
|
-
msr206_obj: msr206_obj,
|
605
|
-
cmd: type
|
606
|
-
)
|
605
|
+
track_data_arr = []
|
607
606
|
|
608
|
-
|
609
|
-
|
610
|
-
|
607
|
+
case type
|
608
|
+
when :arm_to_read,
|
609
|
+
:arm_to_read_w_speed_prompts
|
610
|
+
|
611
|
+
exec_resp = PWN::Plugins::MSR206.exec(
|
611
612
|
msr206_obj: msr206_obj,
|
612
613
|
cmd: type
|
613
614
|
)
|
614
615
|
|
615
|
-
|
616
|
-
|
617
|
-
|
618
|
-
|
616
|
+
print 'Ready to Read. Please Swipe Card Now:'
|
617
|
+
loop do
|
618
|
+
exec_resp = parse_responses(
|
619
|
+
msr206_obj: msr206_obj,
|
620
|
+
cmd: type
|
621
|
+
)
|
619
622
|
|
620
|
-
|
621
|
-
|
622
|
-
:arm_to_read_w_speed_prompts
|
623
|
+
break if exec_resp[:msg] == :ack_command_completed
|
624
|
+
end
|
623
625
|
|
624
626
|
if encoding == :iso
|
625
627
|
cmds_arr = %i[
|
@@ -633,6 +635,7 @@ module PWN
|
|
633
635
|
msr206_obj: msr206_obj,
|
634
636
|
cmd: cmd
|
635
637
|
)
|
638
|
+
exec_resp[:encoding] = encoding
|
636
639
|
puts exec_resp[:decoded]
|
637
640
|
puts exec_resp.inspect
|
638
641
|
track_data_arr.push(exec_resp)
|
@@ -655,6 +658,7 @@ module PWN
|
|
655
658
|
cmd: cmd,
|
656
659
|
params: [param]
|
657
660
|
)
|
661
|
+
exec_resp[:encoding] = encoding
|
658
662
|
puts exec_resp[:decoded]
|
659
663
|
puts exec_resp.inspect
|
660
664
|
track_data_arr.push(exec_resp)
|
@@ -679,6 +683,7 @@ module PWN
|
|
679
683
|
cmd: cmd,
|
680
684
|
params: [param]
|
681
685
|
)
|
686
|
+
exec_resp[:encoding] = encoding
|
682
687
|
puts exec_resp[:decoded]
|
683
688
|
puts exec_resp.inspect
|
684
689
|
track_data_arr.push(exec_resp)
|
@@ -689,6 +694,7 @@ module PWN
|
|
689
694
|
cmd: cmd,
|
690
695
|
params: [0x5f] + [param]
|
691
696
|
)
|
697
|
+
exec_resp[:encoding] = encoding
|
692
698
|
puts exec_resp[:decoded]
|
693
699
|
puts exec_resp.inspect
|
694
700
|
track_data_arr.push(exec_resp)
|
@@ -699,8 +705,86 @@ module PWN
|
|
699
705
|
:arm_to_write_with_raw,
|
700
706
|
:arm_to_write_with_raw_speed_prompts
|
701
707
|
|
702
|
-
|
703
|
-
|
708
|
+
if encoding == :iso
|
709
|
+
cmds_arr = %i[
|
710
|
+
load_iso_std_data_for_writing_track1
|
711
|
+
load_iso_std_data_for_writing_track2
|
712
|
+
load_iso_std_data_for_writing_track3
|
713
|
+
]
|
714
|
+
|
715
|
+
cmds_arr.each_with_index do |cmd, track|
|
716
|
+
puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
|
717
|
+
this_track = track_data[track][:decoded].chars.map do |c|
|
718
|
+
c.unpack1('H*').to_i(16)
|
719
|
+
end
|
720
|
+
this_track_w_eot = this_track + [0x04]
|
721
|
+
puts this_track_w_eot.inspect
|
722
|
+
exec_resp = exec(
|
723
|
+
msr206_obj: msr206_obj,
|
724
|
+
cmd: cmd,
|
725
|
+
params: this_track_w_eot
|
726
|
+
)
|
727
|
+
exec_resp[:encoding] = encoding
|
728
|
+
puts exec_resp[:decoded]
|
729
|
+
puts exec_resp.inspect
|
730
|
+
track_data_arr.push(exec_resp)
|
731
|
+
end
|
732
|
+
end
|
733
|
+
|
734
|
+
# if encoding == :iso_alt
|
735
|
+
# cmds_arr = %i[
|
736
|
+
# alt_load_iso_std_data_for_writing_track1
|
737
|
+
# alt_load_iso_std_data_for_writing_track2
|
738
|
+
# alt_load_iso_std_data_for_writing_track3
|
739
|
+
# ]
|
740
|
+
|
741
|
+
# cmds_arr.each do |cmd|
|
742
|
+
# puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
|
743
|
+
# exec_resp = exec(
|
744
|
+
# msr206_obj: msr206_obj,
|
745
|
+
# cmd: cmd
|
746
|
+
# )
|
747
|
+
# exec_resp[:encoding] = encoding
|
748
|
+
# puts exec_resp[:decoded]
|
749
|
+
# puts exec_resp.inspect
|
750
|
+
# track_data_arr.push(exec_resp)
|
751
|
+
# end
|
752
|
+
# end
|
753
|
+
|
754
|
+
# if encoding == :raw
|
755
|
+
# cmds_arr = %i[
|
756
|
+
# load_custom_data_for_writing_track1
|
757
|
+
# load_custom_data_for_writing_track2
|
758
|
+
# load_custom_data_for_writing_track3
|
759
|
+
# ]
|
760
|
+
|
761
|
+
# cmds_arr.each do |cmd|
|
762
|
+
# puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
|
763
|
+
# exec_resp = exec(
|
764
|
+
# msr206_obj: msr206_obj,
|
765
|
+
# cmd: cmd
|
766
|
+
# )
|
767
|
+
# exec_resp[:encoding] = encoding
|
768
|
+
# puts exec_resp[:decoded]
|
769
|
+
# puts exec_resp.inspect
|
770
|
+
# track_data_arr.push(exec_resp)
|
771
|
+
# end
|
772
|
+
# end
|
773
|
+
|
774
|
+
exec_resp = PWN::Plugins::MSR206.exec(
|
775
|
+
msr206_obj: msr206_obj,
|
776
|
+
cmd: type
|
777
|
+
)
|
778
|
+
|
779
|
+
print 'Ready to Write. Please Swipe Card Now:'
|
780
|
+
loop do
|
781
|
+
exec_resp = parse_responses(
|
782
|
+
msr206_obj: msr206_obj,
|
783
|
+
cmd: type
|
784
|
+
)
|
785
|
+
|
786
|
+
break if exec_resp[:msg] == :ack_command_completed
|
787
|
+
end
|
704
788
|
else
|
705
789
|
raise "ERROR Unsupported type in #wait_for_swipe - #{type}"
|
706
790
|
end
|
@@ -718,7 +802,6 @@ module PWN
|
|
718
802
|
# Supported Method Parameters::
|
719
803
|
# PWN::Plugins::MSR206.read_card(
|
720
804
|
# msr206_obj: 'required - msr206_obj returned from #connect method'
|
721
|
-
# type: 'required - swipe type :arm_to_read || :arm_to_read_w_speed_prompts || :arm_to_write_no_raw || :arm_to_write_with_raw || :arm_to_write_with_raw_speed_prompts',
|
722
805
|
# )
|
723
806
|
|
724
807
|
public_class_method def self.read_card(opts = {})
|
@@ -749,9 +832,240 @@ module PWN
|
|
749
832
|
|
750
833
|
wait_for_swipe(
|
751
834
|
msr206_obj: msr206_obj,
|
752
|
-
type:
|
835
|
+
type: :arm_to_read,
|
836
|
+
encoding: encoding
|
837
|
+
)
|
838
|
+
rescue StandardError => e
|
839
|
+
raise e
|
840
|
+
end
|
841
|
+
|
842
|
+
# Supported Method Parameters::
|
843
|
+
# PWN::Plugins::MSR206.backup_card(
|
844
|
+
# msr206_obj: 'required - msr206_obj returned from #connect method'
|
845
|
+
# )
|
846
|
+
|
847
|
+
public_class_method def self.backup_card(opts = {})
|
848
|
+
msr206_obj = opts[:msr206_obj]
|
849
|
+
type = opts[:type].to_s.scrub.strip.chomp.to_sym
|
850
|
+
|
851
|
+
# Read Card to Backup
|
852
|
+
track_data = read_card(
|
853
|
+
msr206_obj: msr206_obj
|
854
|
+
)
|
855
|
+
|
856
|
+
file = ''
|
857
|
+
backup_msg = ''
|
858
|
+
loop do
|
859
|
+
if backup_msg.empty?
|
860
|
+
exec_resp = exec(
|
861
|
+
msr206_obj: msr206_obj,
|
862
|
+
cmd: :green_flash
|
863
|
+
)
|
864
|
+
end
|
865
|
+
|
866
|
+
print 'Enter File Name to Save Backup: '
|
867
|
+
file = gets.scrub.chomp.strip
|
868
|
+
file_dir = File.dirname(file)
|
869
|
+
break if Dir.exist?(file_dir)
|
870
|
+
|
871
|
+
backup_msg = "\n****** ERROR: Directory #{file_dir} for #{file} does not exist ******"
|
872
|
+
puts backup_msg
|
873
|
+
exec_resp = exec(
|
874
|
+
msr206_obj: msr206_obj,
|
875
|
+
cmd: :green_off
|
876
|
+
)
|
877
|
+
exec_resp = exec(
|
878
|
+
msr206_obj: msr206_obj,
|
879
|
+
cmd: :yellow_flash
|
880
|
+
)
|
881
|
+
end
|
882
|
+
|
883
|
+
File.write(file, "#{track_data.to_json}\n")
|
884
|
+
exec_resp = exec(
|
885
|
+
msr206_obj: msr206_obj,
|
886
|
+
cmd: :yellow_off
|
887
|
+
)
|
888
|
+
|
889
|
+
puts 'complete.'
|
890
|
+
|
891
|
+
track_data
|
892
|
+
rescue StandardError => e
|
893
|
+
raise e
|
894
|
+
end
|
895
|
+
|
896
|
+
# Supported Method Parameters::
|
897
|
+
# PWN::Plugins::MSR206.copy_card(
|
898
|
+
# msr206_obj: 'required - msr206_obj returned from #connect method'
|
899
|
+
# )
|
900
|
+
|
901
|
+
public_class_method def self.copy_card(opts = {})
|
902
|
+
msr206_obj = opts[:msr206_obj]
|
903
|
+
|
904
|
+
# Read Card to Backup
|
905
|
+
track_data = backup_card(
|
906
|
+
msr206_obj: msr206_obj
|
907
|
+
)
|
908
|
+
|
909
|
+
encoding = track_data.first[:encoding] if track_data.length == 3
|
910
|
+
# TODO: Save Original Card Contents
|
911
|
+
track_data = wait_for_swipe(
|
912
|
+
msr206_obj: msr206_obj,
|
913
|
+
type: :arm_to_write_no_raw,
|
914
|
+
encoding: encoding,
|
915
|
+
track_data: track_data
|
916
|
+
)
|
917
|
+
|
918
|
+
puts 'complete.'
|
919
|
+
|
920
|
+
track_data
|
921
|
+
rescue StandardError => e
|
922
|
+
raise e
|
923
|
+
end
|
924
|
+
|
925
|
+
# Supported Method Parameters::
|
926
|
+
# PWN::Plugins::MSR206.load_card_from_file(
|
927
|
+
# msr206_obj: 'required - msr206_obj returned from #connect method'
|
928
|
+
# )
|
929
|
+
|
930
|
+
public_class_method def self.load_card_from_file(opts = {})
|
931
|
+
msr206_obj = opts[:msr206_obj]
|
932
|
+
|
933
|
+
file = ''
|
934
|
+
restore_msg = ''
|
935
|
+
loop do
|
936
|
+
if restore_msg.empty?
|
937
|
+
exec_resp = exec(
|
938
|
+
msr206_obj: msr206_obj,
|
939
|
+
cmd: :green_flash
|
940
|
+
)
|
941
|
+
end
|
942
|
+
|
943
|
+
print 'Enter File Name to Restore to Card: '
|
944
|
+
file = gets.scrub.chomp.strip
|
945
|
+
break if File.exist?(file)
|
946
|
+
|
947
|
+
restore_msg = "\n****** ERROR: #{file} does not exist ******"
|
948
|
+
puts restore_msg
|
949
|
+
exec_resp = exec(
|
950
|
+
msr206_obj: msr206_obj,
|
951
|
+
cmd: :green_off
|
952
|
+
)
|
953
|
+
exec_resp = exec(
|
954
|
+
msr206_obj: msr206_obj,
|
955
|
+
cmd: :yellow_flash
|
956
|
+
)
|
957
|
+
end
|
958
|
+
|
959
|
+
track_data = JSON.parse(
|
960
|
+
File.read(file),
|
961
|
+
symbolize_names: true
|
962
|
+
)
|
963
|
+
|
964
|
+
exec_resp = exec(
|
965
|
+
msr206_obj: msr206_obj,
|
966
|
+
cmd: :yellow_off
|
967
|
+
)
|
968
|
+
|
969
|
+
# Read Card from Backup
|
970
|
+
encoding = track_data.first[:encoding] if track_data.length == 3
|
971
|
+
|
972
|
+
# TODO: Save Original Card Contents
|
973
|
+
track_data = wait_for_swipe(
|
974
|
+
msr206_obj: msr206_obj,
|
975
|
+
type: :arm_to_write_no_raw,
|
976
|
+
encoding: encoding,
|
977
|
+
track_data: track_data
|
978
|
+
)
|
979
|
+
|
980
|
+
puts 'complete.'
|
981
|
+
|
982
|
+
track_data
|
983
|
+
rescue StandardError => e
|
984
|
+
raise e
|
985
|
+
end
|
986
|
+
|
987
|
+
# Supported Method Parameters::
|
988
|
+
# PWN::Plugins::MSR206.edit_card(
|
989
|
+
# msr206_obj: 'required - msr206_obj returned from #connect method'
|
990
|
+
# )
|
991
|
+
|
992
|
+
public_class_method def self.edit_card(opts = {})
|
993
|
+
msr206_obj = opts[:msr206_obj]
|
994
|
+
|
995
|
+
# Read Card to Backup
|
996
|
+
track_data = backup_card(
|
997
|
+
msr206_obj: msr206_obj
|
998
|
+
)
|
999
|
+
|
1000
|
+
# TODO: Inline Editing
|
1001
|
+
|
1002
|
+
encoding = track_data.first[:encoding] if track_data.length == 3
|
1003
|
+
# TODO: Save Original Card Contents
|
1004
|
+
track_data = wait_for_swipe(
|
1005
|
+
msr206_obj: msr206_obj,
|
1006
|
+
type: :arm_to_write_no_raw,
|
753
1007
|
encoding: encoding
|
754
1008
|
)
|
1009
|
+
|
1010
|
+
puts 'complete.'
|
1011
|
+
|
1012
|
+
track_data
|
1013
|
+
rescue StandardError => e
|
1014
|
+
raise e
|
1015
|
+
end
|
1016
|
+
|
1017
|
+
# Supported Method Parameters::
|
1018
|
+
# PWN::Plugins::MSR206.get_config(
|
1019
|
+
# msr206_obj: 'required - msr206_obj returned from #connect method'
|
1020
|
+
# )
|
1021
|
+
|
1022
|
+
public_class_method def self.get_config(opts = {})
|
1023
|
+
msr206_obj = opts[:msr206_obj]
|
1024
|
+
|
1025
|
+
# --------------------------------------------------
|
1026
|
+
# Bit|Bit = 0 |Bit = 1
|
1027
|
+
# --------------------------------------------------
|
1028
|
+
# 0 |Track 1 Read not present |Track 1 Read present
|
1029
|
+
# 1 |Track 2 Read not present |Track 2 Read present
|
1030
|
+
# 2 |Track 3 Read not present |Track 3 Read present
|
1031
|
+
# 3 |not used – should be 0 |not used
|
1032
|
+
# 4 |Track 3 Write not present|Track 3 Write present
|
1033
|
+
# 5 |Track 2 Write not present|Track 2 Write present
|
1034
|
+
# 6 |Track 1 Write not present|Track 1 Write present
|
1035
|
+
# 7 |parity bit** |parity bit**
|
1036
|
+
exec_resp = PWN::Plugins::MSR206.exec(
|
1037
|
+
msr206_obj: msr206_obj,
|
1038
|
+
cmd: :configuration_request
|
1039
|
+
)
|
1040
|
+
|
1041
|
+
config_arr = exec_resp[:binary].first.reverse.chars
|
1042
|
+
config_hash = {}
|
1043
|
+
config_arr.each_with_index do |bit_str, i|
|
1044
|
+
bit = bit_str.to_i
|
1045
|
+
config_hash[:track1_read] = false if bit.zero? && i.zero?
|
1046
|
+
config_hash[:track1_read] = true if bit == 1 && i.zero?
|
1047
|
+
|
1048
|
+
config_hash[:track2_read] = false if bit.zero? && i == 1
|
1049
|
+
config_hash[:track2_read] = true if bit == 1 && i == 1
|
1050
|
+
|
1051
|
+
config_hash[:track3_read] = false if bit.zero? && i == 2
|
1052
|
+
config_hash[:track3_read] = true if bit == 1 && i == 2
|
1053
|
+
|
1054
|
+
config_hash[:not_used] if i == 3
|
1055
|
+
|
1056
|
+
config_hash[:track1_write] = false if bit.zero? && i == 4
|
1057
|
+
config_hash[:track1_write] = true if bit == 1 && i == 4
|
1058
|
+
|
1059
|
+
config_hash[:track2_write] = false if bit.zero? && i == 5
|
1060
|
+
config_hash[:track2_write] = true if bit == 1 && i == 5
|
1061
|
+
|
1062
|
+
config_hash[:track3_write] = false if bit.zero? && i == 6
|
1063
|
+
config_hash[:track3_write] = true if bit == 1 && i == 6
|
1064
|
+
|
1065
|
+
config_hash[:parity] = true if bit == 1 && i == 7
|
1066
|
+
end
|
1067
|
+
|
1068
|
+
config_hash
|
755
1069
|
rescue StandardError => e
|
756
1070
|
raise e
|
757
1071
|
end
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.478
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
@@ -310,14 +310,14 @@ dependencies:
|
|
310
310
|
requirements:
|
311
311
|
- - '='
|
312
312
|
- !ruby/object:Gem::Version
|
313
|
-
version: 2.
|
313
|
+
version: 2.4.0
|
314
314
|
type: :runtime
|
315
315
|
prerelease: false
|
316
316
|
version_requirements: !ruby/object:Gem::Requirement
|
317
317
|
requirements:
|
318
318
|
- - '='
|
319
319
|
- !ruby/object:Gem::Version
|
320
|
-
version: 2.
|
320
|
+
version: 2.4.0
|
321
321
|
- !ruby/object:Gem::Dependency
|
322
322
|
name: luhn
|
323
323
|
requirement: !ruby/object:Gem::Requirement
|