pwn 0.4.477 → 0.4.480
- checksums.yaml +4 -4
- data/Gemfile +2 -2
- data/README.md +2 -2
- data/bin/pwn_perimeter_recon +2 -2
- data/bin/pwn_serial_msr206 +27 -78
- data/bin/pwn_shodan_search +1 -1
- data/lib/pwn/plugins/msr206.rb +401 -22
- data/lib/pwn/version.rb +1 -1
- metadata +6 -6
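--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1745701a8f5d6aaca6159fc1a05fbc82fe547bc7e410215af1b69ca013d4e98d
+data.tar.gz: de67baa326728cbf3add2ef72498263fbf8d813e079e42e0c0af166a27b2a492
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: e06d7f528cdadd19f7941bae1682dff378a39388425caa5d29cabe0a3e297b1ce89678a31d1c5a0917c8af194e9bc0eaa0164e6c2fbea167f47d6f6911d1e893
+data.tar.gz: 64385168c97cada272ce1e3049367901952090070513a6d0e6196d6b9be0a2e2b4aeacfc58833c47a62653b1b9e5f4a1cdee33fcbf25890435010a962ace48fc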
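--- a/data/Gemfile
+++ b/data/Gemfile
@@ -33,12 +33,12 @@ gem 'ipaddress', '0.8.3'
 gem 'js-beautify', '0.1.8'
 gem 'json', '2.6.2'
 gem 'jsonpath', '1.1.2'
-gem 'jwt', '2.
+gem 'jwt', '2.4.0'
 gem 'luhn', '1.0.2'
 gem 'mail', '2.7.1'
 gem 'mongo', '2.17.1'
 gem 'msfrpc-client', '1.1.2'
-gem 'net-ldap', '0.17.
+gem 'net-ldap', '0.17.1'
 gem 'net-openvpn', '0.8.7'
 gem 'net-smtp', '0.3.1'
 gem 'nexpose', '7.3.0'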
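--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.480]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.480]:001 >>> PWN.help
 ```
 
 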
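--- a/data/bin/pwn_perimeter_recon
+++ b/data/bin/pwn_perimeter_recon
@@ -130,7 +130,7 @@ def invoke_burp(opts = {})
 )
 
 File.open(json_results, 'w') do |f|
-f.puts scan_issues_hash
+f.puts JSON.pretty_generate(scan_issues_hash)
 end
 puts "#{@green}complete.#{@end_of_color}\n\n\n"
 
@@ -190,7 +190,7 @@ unless ipinfo.nil?
 
 ipinfo_struc = PWN::Plugins::IPInfo.get(ip_or_host: ipinfo_target)
 File.open(ipinfo_json_results, 'w') do |f|
-f.puts ipinfo_struc
+f.puts JSON.pretty_generate(ipinfo_struc)
 end
 end
 end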
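Review bot: Both result files are still opened with `File.open(..., 'w')` and no explicit mode, so the scan issues and the IP info are created with whatever the process umask allows. For assessment findings an owner-only file is the safer default, e.g. `File.open(json_results, 'w', 0o600) do |f|` and the same for `ipinfo_json_results`; the mode only takes effect when the file is newly created. The same pattern appears in `backup_card` in data/lib/pwn/plugins/msr206.rb, where `File.write(file, ...)` stores card track data and could pass `perm: 0o600`. `invoke_burp` and the `unless ipinfo.nil?` block both extend beyond the hunks shown.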
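--- a/data/bin/pwn_serial_msr206
+++ b/data/bin/pwn_serial_msr206
@@ -75,26 +75,10 @@ begin
 # )
 # puts exec_resp.inspect
 
-
-
-# Probably better to split each bit and then evaluate
-# binary_resp_arr = binary_resp.chars
-# --------------------------------------------------
-# Bit|Bit = 0 |Bit = 1
-# --------------------------------------------------
-# 0 |Track 1 Read not present |Track 1 Read present
-# 1 |Track 2 Read not present |Track 2 Read present
-# 2 |Track 3 Read not present |Track 3 Read present
-# 3 |not used – should be 0 |not used
-# 4 |Track 3 Write not present|Track 3 Write present
-# 5 |Track 2 Write not present|Track 2 Write present
-# 6 |Track 1 Write not present|Track 1 Write present
-# 7 |parity bit** |parity bit**
-exec_resp = PWN::Plugins::MSR206.exec(
-msr206_obj: msr206_obj,
-cmd: :configuration_request
+config_hash = PWN::Plugins::MSR206.get_config(
+msr206_obj: msr206_obj
 )
-puts "Configuration
+puts "Configuration: #{config_hash.inspect}"
 
 exec_resp = PWN::Plugins::MSR206.exec(
 msr206_obj: msr206_obj,
@@ -114,9 +98,10 @@ begin
 
 puts "\n>> MAIN MENU OPTIONS:"
 puts '[(R)ead Card]'
+puts '[(B)ackup Card]'
 puts '[(C)opy Card]'
+puts '[(L)oad Card from File]'
 puts '[(E)dit Card]'
-puts '[(B)ackup Card]'
 puts '[(W)arm Reset]'
 puts '[(Q)uit]'
 puts menu_msg
@@ -126,77 +111,41 @@ begin
 
 case option
 when :R
-menu_msg = '
+menu_msg = 'READ CARD'
 # Read Card
 track_data = PWN::Plugins::MSR206.read_card(
-msr206_obj: msr206_obj
-
+msr206_obj: msr206_obj
+)
+when :B
+menu_msg = 'BACKUP CARD TO FILE'
+# Read Card to Backup
+track_data = PWN::Plugins::MSR206.backup_card(
+msr206_obj: msr206_obj
 )
 when :C
-menu_msg = '
-#
-track_data = PWN::Plugins::MSR206.
-msr206_obj: msr206_obj
-
+menu_msg = 'COPY CARD'
+# Copy Card
+track_data = PWN::Plugins::MSR206.copy_card(
+msr206_obj: msr206_obj
+)
+when :L
+menu_msg = 'LOAD FROM FILE'
+# Read Card to Backup
+track_data = PWN::Plugins::MSR206.load_card_from_file(
+msr206_obj: msr206_obj
 )
-
-# TODO: Save Original Card Contents
-# arm_to_write card to clone
-# read cloned card to verify successful write
 when :E
-menu_msg = '
+menu_msg = 'EDIT'
 # Read Target Card
-track_data = PWN::Plugins::MSR206.
-msr206_obj: msr206_obj
-type: :arm_to_read
+track_data = PWN::Plugins::MSR206.edit_card(
+msr206_obj: msr206_obj
 )
 
 # TODO: Save Original Card Contents
 # arm_to_write card to edit
 # read edited card to verify successful write
-when :B
-menu_msg = 'READY TO BACKUP - PLEASE SWIPE CARD'
-# Read Card to Backup
-track_data = PWN::Plugins::MSR206.read_card(
-msr206_obj: msr206_obj,
-type: :arm_to_read
-)
-
-file = ''
-backup_msg = ''
-loop do
-if backup_msg.empty?
-exec_resp = PWN::Plugins::MSR206.exec(
-msr206_obj: msr206_obj,
-cmd: :green_flash
-)
-end
-
-print 'Enter File Name to Save Backup: '
-file = gets.scrub.chomp.strip
-file_dir = File.dirname(file)
-break if Dir.exist?(file_dir)
-
-backup_msg = "\n****** ERROR: Directory #{file_dir} for #{file} does not exist ******"
-puts backup_msg
-exec_resp = PWN::Plugins::MSR206.exec(
-msr206_obj: msr206_obj,
-cmd: :green_off
-)
-exec_resp = PWN::Plugins::MSR206.exec(
-msr206_obj: msr206_obj,
-cmd: :yellow_flash
-)
-end
-
-File.write(file, "#{track_data.to_json}\n")
-exec_resp = PWN::Plugins::MSR206.exec(
-msr206_obj: msr206_obj,
-cmd: :yellow_off
-)
-
-puts 'complete.'
 when :W
+menu_msg = 'WARM RESET'
 exec_resp = PWN::Plugins::MSR206.exec(
 msr206_obj: msr206_obj,
 cmd: :simulate_power_cycle_warm_reset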
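Review bot: The comment under the new `when :L` branch reads `# Read Card to Backup`, which is copied from the `:B` branch, while the call beneath it is `load_card_from_file`; it should read `# Load Card from File`. The `:E` branch also keeps its three comments about saving, writing and verifying the card although it now only delegates to `edit_card`, so a reader cannot tell from here whether those steps are done in the plugin or still outstanding. The `case option` statement begins in this hunk and ends outside it.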
data/bin/pwn_shodan_search
CHANGED
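--- a/data/lib/pwn/plugins/msr206.rb
+++ b/data/lib/pwn/plugins/msr206.rb
@@ -106,6 +106,7 @@ module PWN
 decoded_data_str = ''
 if raw_byte_arr
 raw_byte_arr.first.split.each do |byte_str|
+# TODO: Different case statements for each parity
 case byte_str
 when '1B'
 decoded_data_str += ''
@@ -402,7 +403,7 @@ module PWN
 when '7E'
 response[:msg] = :command_not_supported_by_hardware
 else
-response[:msg] = :
+response[:msg] = :response
 end
 
 next_response_detected = false
@@ -410,7 +411,7 @@ module PWN
 keep_parsing_responses = false
 end
 
-response[:
+response[:hex] = raw_byte_arr
 response[:binary] = binary(raw_byte_arr: raw_byte_arr)
 response[:decoded] = decode(raw_byte_arr: raw_byte_arr)
 response
@@ -574,16 +575,18 @@ module PWN
 end
 
 # Supported Method Parameters::
-# wait_for_swipe(
+# MSR206.wait_for_swipe(
 # msr206_obj: 'required - msr206_obj returned from #connect method'
 # type: 'required - swipe type :arm_to_read || :arm_to_read_w_speed_prompts || :arm_to_write_no_raw || :arm_to_write_with_raw || :arm_to_write_with_raw_speed_prompts',
-# encoding: required - :iso || :iso_alt || :raw'
+# encoding: 'required - :iso || :iso_alt || :raw',
+# track_data: 'optional - track_data to write'
 # )
 
 private_class_method def self.wait_for_swipe(opts = {})
 msr206_obj = opts[:msr206_obj]
 type = opts[:type].to_s.scrub.strip.chomp.to_sym
 encoding = opts[:encoding].to_s.scrub.strip.chomp.to_sym
+track_data = opts[:track_data]
 
 exec_resp = exec(
 msr206_obj: msr206_obj,
@@ -600,26 +603,28 @@ module PWN
 cmd: :green_on
 )
 
-
-msr206_obj: msr206_obj,
-cmd: type
-)
+track_data_arr = []
 
-
-
-
+case type
+when :arm_to_read,
+:arm_to_read_w_speed_prompts
+
+exec_resp = PWN::Plugins::MSR206.exec(
 msr206_obj: msr206_obj,
 cmd: type
 )
+puts exec_resp.inspect
 
-
-
-
-
+print 'Ready to Read. Please Swipe Card Now:'
+loop do
+exec_resp = parse_responses(
+msr206_obj: msr206_obj,
+cmd: type
+)
 
-
-
-
+puts exec_resp[:msg]
+break if exec_resp[:msg] == :ack_command_completed
+end
 
 if encoding == :iso
 cmds_arr = %i[
@@ -633,6 +638,7 @@ module PWN
 msr206_obj: msr206_obj,
 cmd: cmd
 )
+exec_resp[:encoding] = encoding
 puts exec_resp[:decoded]
 puts exec_resp.inspect
 track_data_arr.push(exec_resp)
@@ -655,6 +661,7 @@ module PWN
 cmd: cmd,
 params: [param]
 )
+exec_resp[:encoding] = encoding
 puts exec_resp[:decoded]
 puts exec_resp.inspect
 track_data_arr.push(exec_resp)
@@ -679,6 +686,7 @@ module PWN
 cmd: cmd,
 params: [param]
 )
+exec_resp[:encoding] = encoding
 puts exec_resp[:decoded]
 puts exec_resp.inspect
 track_data_arr.push(exec_resp)
@@ -689,6 +697,7 @@ module PWN
 cmd: cmd,
 params: [0x5f] + [param]
 )
+exec_resp[:encoding] = encoding
 puts exec_resp[:decoded]
 puts exec_resp.inspect
 track_data_arr.push(exec_resp)
@@ -699,8 +708,89 @@ module PWN
 :arm_to_write_with_raw,
 :arm_to_write_with_raw_speed_prompts
 
-
-
+if encoding == :iso
+cmds_arr = %i[
+load_iso_std_data_for_writing_track1
+load_iso_std_data_for_writing_track2
+load_iso_std_data_for_writing_track3
+]
+
+cmds_arr.each_with_index do |cmd, track|
+puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
+puts track_data[track][:decoded]
+next if track_data[track][:decoded] == '+'
+
+this_track = track_data[track][:decoded].chars.map do |c|
+c.unpack1('H*').to_i(16)
+end
+this_track_w_eot = this_track + [0x04]
+puts this_track_w_eot.inspect
+exec_resp = exec(
+msr206_obj: msr206_obj,
+cmd: cmd,
+params: this_track_w_eot
+)
+exec_resp[:encoding] = encoding
+puts exec_resp.inspect
+track_data_arr.push(exec_resp)
+end
+end
+
+# if encoding == :iso_alt
+# cmds_arr = %i[
+# alt_load_iso_std_data_for_writing_track1
+# alt_load_iso_std_data_for_writing_track2
+# alt_load_iso_std_data_for_writing_track3
+# ]
+
+# cmds_arr.each do |cmd|
+# puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
+# exec_resp = exec(
+# msr206_obj: msr206_obj,
+# cmd: cmd
+# )
+# exec_resp[:encoding] = encoding
+# puts exec_resp[:decoded]
+# puts exec_resp.inspect
+# track_data_arr.push(exec_resp)
+# end
+# end
+
+# if encoding == :raw
+# cmds_arr = %i[
+# load_custom_data_for_writing_track1
+# load_custom_data_for_writing_track2
+# load_custom_data_for_writing_track3
+# ]
+
+# cmds_arr.each do |cmd|
+# puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
+# exec_resp = exec(
+# msr206_obj: msr206_obj,
+# cmd: cmd
+# )
+# exec_resp[:encoding] = encoding
+# puts exec_resp[:decoded]
+# puts exec_resp.inspect
+# track_data_arr.push(exec_resp)
+# end
+# end
+
+exec_resp = PWN::Plugins::MSR206.exec(
+msr206_obj: msr206_obj,
+cmd: type
+)
+puts exec_resp.inspect
+
+print 'Ready to Write. Please Swipe Card Now:'
+loop do
+exec_resp = parse_responses(
+msr206_obj: msr206_obj,
+cmd: type
+)
+
+break if exec_resp[:msg] == :ack_command_completed
+end
 else
 raise "ERROR Unsupported type in #wait_for_swipe - #{type}"
 end
@@ -718,7 +808,6 @@ module PWN
 # Supported Method Parameters::
 # PWN::Plugins::MSR206.read_card(
 # msr206_obj: 'required - msr206_obj returned from #connect method'
-# type: 'required - swipe type :arm_to_read || :arm_to_read_w_speed_prompts || :arm_to_write_no_raw || :arm_to_write_with_raw || :arm_to_write_with_raw_speed_prompts',
 # )
 
 public_class_method def self.read_card(opts = {})
@@ -749,13 +838,303 @@ module PWN
 
 wait_for_swipe(
 msr206_obj: msr206_obj,
-type:
+type: :arm_to_read,
 encoding: encoding
 )
 rescue StandardError => e
 raise e
 end
 
+# Supported Method Parameters::
+# PWN::Plugins::MSR206.backup_card(
+# msr206_obj: 'required - msr206_obj returned from #connect method'
+# )
+
+public_class_method def self.backup_card(opts = {})
+msr206_obj = opts[:msr206_obj]
+type = opts[:type].to_s.scrub.strip.chomp.to_sym
+
+# Read Card to Backup
+track_data = read_card(
+msr206_obj: msr206_obj
+)
+
+file = ''
+backup_msg = ''
+loop do
+if backup_msg.empty?
+exec_resp = exec(
+msr206_obj: msr206_obj,
+cmd: :green_flash
+)
+end
+
+print 'Enter File Name to Save Backup: '
+file = gets.scrub.chomp.strip
+file_dir = File.dirname(file)
+break if Dir.exist?(file_dir)
+
+backup_msg = "\n****** ERROR: Directory #{file_dir} for #{file} does not exist ******"
+puts backup_msg
+exec_resp = exec(
+msr206_obj: msr206_obj,
+cmd: :green_off
+)
+exec_resp = exec(
+msr206_obj: msr206_obj,
+cmd: :yellow_flash
+)
+end
+
+File.write(file, "#{JSON.pretty_generate(track_data)}\n")
+exec_resp = exec(
+msr206_obj: msr206_obj,
+cmd: :yellow_off
+)
+
+track_data
+rescue StandardError => e
+raise e
+end
+
+# Supported Method Parameters::
+# PWN::Plugins::MSR206.write_card(
+# msr206_obj: 'required - msr206_obj returned from #connect method',
+# encoding: 'required - :iso || :alt_iso || :raw',
+# track_data: 'requred - track data to write (see #backup_card for structure)'
+# )
+
+public_class_method def self.write_card(opts = {})
+msr206_obj = opts[:msr206_obj]
+encoding = opts[:encoding].to_s.scrub.strip.chomp.to_sym
+track_data = opts[:track_data]
+
+puts 'IN ORDER TO GET BLANK TRACKS, A STRONG MAGNETIC FIELD MUST BE PRESENT TO FIRST WIPE THE CARD TARGETED FOR WRITING.'
+# puts 'Default Write Current:'
+# exec_resp = exec(
+# msr206_obj: msr206_obj,
+# cmd: :view_default_write_current
+# )
+# puts exec_resp.inspect
+
+# puts 'Temporary Write Current:'
+# exec_resp = exec(
+# msr206_obj: msr206_obj,
+# cmd: :view_temp_write_current
+# )
+# puts exec_resp.inspect
+
+coercivity = :waiting_for_selection
+loop do
+puts "\nCOERCIVITY OPTIONS:"
+puts '[(H)igh (Black Stripe)]'
+puts '[(L)ow (Brown Stripe)]'
+print 'COERCIVITY LEVEL >>> '
+coercivity_choice = gets.scrub.chomp.strip.upcase.to_sym
+
+# Write Current Settings vs. Media Coercivties
+# Media Coercivity (Oersteds)|Write Current Setting*|Typical Usage
+# 300 |36 |Low coercivity
+# 600 | |
+# 1800 | |
+# 3600+ |255 |Typical high corcivity
+
+case coercivity_choice
+when :H
+coercivity = [0x32, 0x35, 0x35]
+break
+when :L
+coercivity = [0x30, 0x33, 0x36]
+break
+end
+end
+
+exec_resp = exec(
+msr206_obj: msr206_obj,
+cmd: :set_temp_write_current,
+params: coercivity
+)
+
+track_data = wait_for_swipe(
+msr206_obj: msr206_obj,
+type: :arm_to_write_no_raw,
+encoding: encoding,
+track_data: track_data
+)
+
+exec_resp = PWN::Plugins::MSR206.exec(
+msr206_obj: msr206_obj,
+cmd: :simulate_power_cycle_warm_reset
+)
+
+track_data
+rescue StandardError => e
+raise e
+end
+
+# Supported Method Parameters::
+# PWN::Plugins::MSR206.copy_card(
+# msr206_obj: 'required - msr206_obj returned from #connect method'
+# )
+
+public_class_method def self.copy_card(opts = {})
+msr206_obj = opts[:msr206_obj]
+
+# Read Card to Backup
+track_data = backup_card(
+msr206_obj: msr206_obj
+)
+
+encoding = track_data.first[:encoding] if track_data.length == 3
+# TODO: Save Original Card Contents
+write_card(
+msr206_obj: msr206_obj,
+encoding: encoding,
+track_data: track_data
+)
+rescue StandardError => e
+raise e
+end
+
+# Supported Method Parameters::
+# PWN::Plugins::MSR206.load_card_from_file(
+# msr206_obj: 'required - msr206_obj returned from #connect method'
+# )
+
+public_class_method def self.load_card_from_file(opts = {})
+msr206_obj = opts[:msr206_obj]
+
+file = ''
+restore_msg = ''
+loop do
+if restore_msg.empty?
+exec_resp = exec(
+msr206_obj: msr206_obj,
+cmd: :green_flash
+)
+end
+
+print 'Enter File Name to Restore to Card: '
+file = gets.scrub.chomp.strip
+break if File.exist?(file)
+
+restore_msg = "\n****** ERROR: #{file} does not exist ******"
+puts restore_msg
+exec_resp = exec(
+msr206_obj: msr206_obj,
+cmd: :green_off
+)
+exec_resp = exec(
+msr206_obj: msr206_obj,
+cmd: :yellow_flash
+)
+end
+
+track_data = JSON.parse(
+File.read(file),
+symbolize_names: true
+)
+
+exec_resp = exec(
+msr206_obj: msr206_obj,
+cmd: :yellow_off
+)
+
+# Read Card from Backup
+encoding = track_data.first[:encoding] if track_data.length == 3
+
+# TODO: Save Original Card Contents
+write_card(
+msr206_obj: msr206_obj,
+encoding: encoding,
+track_data: track_data
+)
+rescue StandardError => e
+raise e
+end
+
+# Supported Method Parameters::
+# PWN::Plugins::MSR206.edit_card(
+# msr206_obj: 'required - msr206_obj returned from #connect method'
+# )
+
+public_class_method def self.edit_card(opts = {})
+msr206_obj = opts[:msr206_obj]
+
+# Read Card to Backup
+track_data = backup_card(
+msr206_obj: msr206_obj
+)
+
+# TODO: Inline Editing
+
+encoding = track_data.first[:encoding] if track_data.length == 3
+# TODO: Save Original Card Contents
+write_card(
+msr206_obj: msr206_obj,
+encoding: encoding,
+track_data: track_data
+)
+rescue StandardError => e
+raise e
+end
+
+# Supported Method Parameters::
+# PWN::Plugins::MSR206.get_config(
+# msr206_obj: 'required - msr206_obj returned from #connect method'
+# )
+
+public_class_method def self.get_config(opts = {})
+msr206_obj = opts[:msr206_obj]
+
+# --------------------------------------------------
+# Bit|Bit = 0 |Bit = 1
+# --------------------------------------------------
+# 0 |Track 1 Read not present |Track 1 Read present
+# 1 |Track 2 Read not present |Track 2 Read present
+# 2 |Track 3 Read not present |Track 3 Read present
+# 3 |not used – should be 0 |not used
+# 4 |Track 3 Write not present|Track 3 Write present
+# 5 |Track 2 Write not present|Track 2 Write present
+# 6 |Track 1 Write not present|Track 1 Write present
+# 7 |parity bit** |parity bit**
+exec_resp = PWN::Plugins::MSR206.exec(
+msr206_obj: msr206_obj,
+cmd: :configuration_request
+)
+
+config_arr = exec_resp[:binary].first.reverse.chars
+config_hash = {}
+config_arr.each_with_index do |bit_str, i|
+bit = bit_str.to_i
+config_hash[:track1_read] = false if bit.zero? && i.zero?
+config_hash[:track1_read] = true if bit == 1 && i.zero?
+
+config_hash[:track2_read] = false if bit.zero? && i == 1
+config_hash[:track2_read] = true if bit == 1 && i == 1
+
+config_hash[:track3_read] = false if bit.zero? && i == 2
+config_hash[:track3_read] = true if bit == 1 && i == 2
+
+config_hash[:not_used] if i == 3
+
+config_hash[:track1_write] = false if bit.zero? && i == 4
+config_hash[:track1_write] = true if bit == 1 && i == 4
+
+config_hash[:track2_write] = false if bit.zero? && i == 5
+config_hash[:track2_write] = true if bit == 1 && i == 5
+
+config_hash[:track3_write] = false if bit.zero? && i == 6
+config_hash[:track3_write] = true if bit == 1 && i == 6
+
+config_hash[:parity] = true if bit == 1 && i == 7
+end
+
+config_hash
+rescue StandardError => e
+raise e
+end
+
 # Supported Method Parameters::
 # PWN::Plugins::MSR206.disconnect(
 # msr206_obj: 'required - msr206_obj returned from #connect method'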
data/lib/pwn/version.rb
CHANGED
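--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-version: 0.4.
+version: 0.4.480
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-06-
+date: 2022-06-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport
@@ -310,14 +310,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 2.
+version: 2.4.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 2.
+version: 2.4.0
 - !ruby/object:Gem::Dependency
 name: luhn
 requirement: !ruby/object:Gem::Requirement
@@ -380,14 +380,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.17.
+version: 0.17.1
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.17.
+version: 0.17.1
 - !ruby/object:Gem::Dependency
 name: net-openvpn
 requirement: !ruby/object:Gem::Requirement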