pwn 0.4.479 → 0.4.482
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/README.md +2 -2
- data/bin/pwn_serial_msr206 +0 -15
- data/lib/pwn/plugins/msr206.rb +156 -87
- data/lib/pwn/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 54dd1a8b28d45a1616960225db556b4378c80f0a786985b63a1a2cf967245968
|
|
4
|
+
data.tar.gz: ff5ab778b15f78de803c1a65d7a30be89e139dbc010f78e764de03fdb93dce8a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 99b9dc25e7728a72bbd545e319c91ba0893b5317a088ac22a26bd7223818b5b0adb2bea31712fd6f480ca6b5b26ec10005866896d652d17042390c86f731177d
|
|
7
|
+
data.tar.gz: b1cb96c6f46add465d909ac0bfc6c58cfc31504932f134450326b740e5a7ad7eb1f99eaf43f410822f8c7d1eaa9d71710d352c1e8e6961769ed8369f39c4a53e
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
|
37
37
|
$ rvm list gemsets
|
|
38
38
|
$ gem install --verbose pwn
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.4.
|
|
40
|
+
pwn[v0.4.482]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.4.
|
|
55
|
+
pwn[v0.4.482]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
|
data/bin/pwn_serial_msr206
CHANGED
|
@@ -101,7 +101,6 @@ begin
|
|
|
101
101
|
puts '[(B)ackup Card]'
|
|
102
102
|
puts '[(C)opy Card]'
|
|
103
103
|
puts '[(L)oad Card from File]'
|
|
104
|
-
puts '[(E)dit Card]'
|
|
105
104
|
puts '[(W)arm Reset]'
|
|
106
105
|
puts '[(Q)uit]'
|
|
107
106
|
puts menu_msg
|
|
@@ -112,38 +111,24 @@ begin
|
|
|
112
111
|
case option
|
|
113
112
|
when :R
|
|
114
113
|
menu_msg = 'READ CARD'
|
|
115
|
-
# Read Card
|
|
116
114
|
track_data = PWN::Plugins::MSR206.read_card(
|
|
117
115
|
msr206_obj: msr206_obj
|
|
118
116
|
)
|
|
119
117
|
when :B
|
|
120
118
|
menu_msg = 'BACKUP CARD TO FILE'
|
|
121
|
-
# Read Card to Backup
|
|
122
119
|
track_data = PWN::Plugins::MSR206.backup_card(
|
|
123
120
|
msr206_obj: msr206_obj
|
|
124
121
|
)
|
|
125
122
|
when :C
|
|
126
123
|
menu_msg = 'COPY CARD'
|
|
127
|
-
# Copy Card
|
|
128
124
|
track_data = PWN::Plugins::MSR206.copy_card(
|
|
129
125
|
msr206_obj: msr206_obj
|
|
130
126
|
)
|
|
131
127
|
when :L
|
|
132
128
|
menu_msg = 'LOAD FROM FILE'
|
|
133
|
-
# Read Card to Backup
|
|
134
129
|
track_data = PWN::Plugins::MSR206.load_card_from_file(
|
|
135
130
|
msr206_obj: msr206_obj
|
|
136
131
|
)
|
|
137
|
-
when :E
|
|
138
|
-
menu_msg = 'EDIT'
|
|
139
|
-
# Read Target Card
|
|
140
|
-
track_data = PWN::Plugins::MSR206.edit_card(
|
|
141
|
-
msr206_obj: msr206_obj
|
|
142
|
-
)
|
|
143
|
-
|
|
144
|
-
# TODO: Save Original Card Contents
|
|
145
|
-
# arm_to_write card to edit
|
|
146
|
-
# read edited card to verify successful write
|
|
147
132
|
when :W
|
|
148
133
|
menu_msg = 'WARM RESET'
|
|
149
134
|
exec_resp = PWN::Plugins::MSR206.exec(
|
data/lib/pwn/plugins/msr206.rb
CHANGED
|
@@ -613,6 +613,7 @@ module PWN
|
|
|
613
613
|
msr206_obj: msr206_obj,
|
|
614
614
|
cmd: type
|
|
615
615
|
)
|
|
616
|
+
puts exec_resp.inspect
|
|
616
617
|
|
|
617
618
|
print 'Ready to Read. Please Swipe Card Now:'
|
|
618
619
|
loop do
|
|
@@ -621,6 +622,7 @@ module PWN
|
|
|
621
622
|
cmd: type
|
|
622
623
|
)
|
|
623
624
|
|
|
625
|
+
puts exec_resp[:msg]
|
|
624
626
|
break if exec_resp[:msg] == :ack_command_completed
|
|
625
627
|
end
|
|
626
628
|
|
|
@@ -660,6 +662,7 @@ module PWN
|
|
|
660
662
|
params: [param]
|
|
661
663
|
)
|
|
662
664
|
exec_resp[:encoding] = encoding
|
|
665
|
+
exec_resp[:track_format] = [param]
|
|
663
666
|
puts exec_resp[:decoded]
|
|
664
667
|
puts exec_resp.inspect
|
|
665
668
|
track_data_arr.push(exec_resp)
|
|
@@ -685,17 +688,20 @@ module PWN
|
|
|
685
688
|
params: [param]
|
|
686
689
|
)
|
|
687
690
|
exec_resp[:encoding] = encoding
|
|
691
|
+
exec_resp[:track_format] = [param]
|
|
688
692
|
puts exec_resp[:decoded]
|
|
689
693
|
puts exec_resp.inspect
|
|
690
694
|
track_data_arr.push(exec_resp)
|
|
691
695
|
|
|
692
696
|
# 3 byte command
|
|
697
|
+
param = [0x5f] + [param]
|
|
693
698
|
exec_resp = exec(
|
|
694
699
|
msr206_obj: msr206_obj,
|
|
695
700
|
cmd: cmd,
|
|
696
|
-
params:
|
|
701
|
+
params: param
|
|
697
702
|
)
|
|
698
703
|
exec_resp[:encoding] = encoding
|
|
704
|
+
exec_resp[:track_format] = param
|
|
699
705
|
puts exec_resp[:decoded]
|
|
700
706
|
puts exec_resp.inspect
|
|
701
707
|
track_data_arr.push(exec_resp)
|
|
@@ -706,6 +712,9 @@ module PWN
|
|
|
706
712
|
:arm_to_write_with_raw,
|
|
707
713
|
:arm_to_write_with_raw_speed_prompts
|
|
708
714
|
|
|
715
|
+
# TODO: Set Write Density for Tracks Here
|
|
716
|
+
# >>>
|
|
717
|
+
|
|
709
718
|
if encoding == :iso
|
|
710
719
|
cmds_arr = %i[
|
|
711
720
|
load_iso_std_data_for_writing_track1
|
|
@@ -713,69 +722,96 @@ module PWN
|
|
|
713
722
|
load_iso_std_data_for_writing_track3
|
|
714
723
|
]
|
|
715
724
|
|
|
725
|
+
# TODO: Get Data by cmd (e.g. load_iso_std_data_for_writing_track1)
|
|
716
726
|
cmds_arr.each_with_index do |cmd, track|
|
|
717
727
|
puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
|
|
728
|
+
puts track_data[track][:decoded]
|
|
729
|
+
next if track_data[track][:decoded] == '+'
|
|
730
|
+
|
|
718
731
|
this_track = track_data[track][:decoded].chars.map do |c|
|
|
719
732
|
c.unpack1('H*').to_i(16)
|
|
720
733
|
end
|
|
721
|
-
|
|
722
|
-
|
|
734
|
+
track_eot = [0x04]
|
|
735
|
+
track_payload = this_track + track_eot
|
|
736
|
+
puts track_payload.inspect
|
|
723
737
|
exec_resp = exec(
|
|
724
738
|
msr206_obj: msr206_obj,
|
|
725
739
|
cmd: cmd,
|
|
726
|
-
params:
|
|
740
|
+
params: track_payload
|
|
741
|
+
)
|
|
742
|
+
exec_resp[:encoding] = encoding
|
|
743
|
+
puts exec_resp.inspect
|
|
744
|
+
track_data_arr.push(exec_resp)
|
|
745
|
+
end
|
|
746
|
+
end
|
|
747
|
+
|
|
748
|
+
if encoding == :iso_alt
|
|
749
|
+
cmds_arr = %i[
|
|
750
|
+
alt_load_iso_std_data_for_writing_track1
|
|
751
|
+
alt_load_iso_std_data_for_writing_track2
|
|
752
|
+
alt_load_iso_std_data_for_writing_track3
|
|
753
|
+
]
|
|
754
|
+
|
|
755
|
+
# TODO: Get Data by cmd (e.g. alt_load_iso_std_data_for_writing_track1)
|
|
756
|
+
cmds_arr.each_with_index do |cmd, track|
|
|
757
|
+
puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
|
|
758
|
+
puts track_data[track][:decoded]
|
|
759
|
+
next if track_data[track][:decoded] == '+'
|
|
760
|
+
|
|
761
|
+
this_track = track_data[track][:decoded].chars.map do |c|
|
|
762
|
+
c.unpack1('H*').to_i(16)
|
|
763
|
+
end
|
|
764
|
+
track_format = track_data[track][:track_format]
|
|
765
|
+
track_eot = [0x04]
|
|
766
|
+
track_payload = track_format + this_track + track_eot
|
|
767
|
+
puts track_payload.inspect
|
|
768
|
+
exec_resp = exec(
|
|
769
|
+
msr206_obj: msr206_obj,
|
|
770
|
+
cmd: cmd,
|
|
771
|
+
params: track_payload
|
|
727
772
|
)
|
|
728
773
|
exec_resp[:encoding] = encoding
|
|
729
|
-
puts exec_resp[:decoded]
|
|
730
774
|
puts exec_resp.inspect
|
|
731
775
|
track_data_arr.push(exec_resp)
|
|
732
776
|
end
|
|
733
777
|
end
|
|
734
778
|
|
|
735
|
-
|
|
736
|
-
|
|
737
|
-
|
|
738
|
-
|
|
739
|
-
|
|
740
|
-
|
|
741
|
-
|
|
742
|
-
|
|
743
|
-
|
|
744
|
-
|
|
745
|
-
|
|
746
|
-
|
|
747
|
-
|
|
748
|
-
|
|
749
|
-
|
|
750
|
-
|
|
751
|
-
|
|
752
|
-
|
|
753
|
-
|
|
754
|
-
|
|
755
|
-
|
|
756
|
-
|
|
757
|
-
|
|
758
|
-
|
|
759
|
-
|
|
760
|
-
|
|
761
|
-
|
|
762
|
-
|
|
763
|
-
|
|
764
|
-
|
|
765
|
-
# msr206_obj: msr206_obj,
|
|
766
|
-
# cmd: cmd
|
|
767
|
-
# )
|
|
768
|
-
# exec_resp[:encoding] = encoding
|
|
769
|
-
# puts exec_resp[:decoded]
|
|
770
|
-
# puts exec_resp.inspect
|
|
771
|
-
# track_data_arr.push(exec_resp)
|
|
772
|
-
# end
|
|
773
|
-
# end
|
|
779
|
+
if encoding == :raw
|
|
780
|
+
cmds_arr = %i[
|
|
781
|
+
load_custom_data_for_writing_track1
|
|
782
|
+
load_custom_data_for_writing_track2
|
|
783
|
+
load_custom_data_for_writing_track3
|
|
784
|
+
]
|
|
785
|
+
|
|
786
|
+
# TODO: Get Data by cmd (e.g. load_custom_data_for_writing_track1)
|
|
787
|
+
cmds_arr.each_with_index do |cmd, track|
|
|
788
|
+
puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
|
|
789
|
+
puts track_data[track][:decoded]
|
|
790
|
+
next if track_data[track][:decoded] == '+'
|
|
791
|
+
|
|
792
|
+
this_track = track_data[track][:decoded].chars.map do |c|
|
|
793
|
+
c.unpack1('H*').to_i(16)
|
|
794
|
+
end
|
|
795
|
+
track_format = track_data[track][:track_format]
|
|
796
|
+
track_eot = [0x04]
|
|
797
|
+
track_payload = track_format + this_track + track_eot
|
|
798
|
+
puts track_payload.inspect
|
|
799
|
+
exec_resp = exec(
|
|
800
|
+
msr206_obj: msr206_obj,
|
|
801
|
+
cmd: cmd,
|
|
802
|
+
params: track_payload
|
|
803
|
+
)
|
|
804
|
+
exec_resp[:encoding] = encoding
|
|
805
|
+
puts exec_resp.inspect
|
|
806
|
+
track_data_arr.push(exec_resp)
|
|
807
|
+
end
|
|
808
|
+
end
|
|
774
809
|
|
|
775
810
|
exec_resp = PWN::Plugins::MSR206.exec(
|
|
776
811
|
msr206_obj: msr206_obj,
|
|
777
812
|
cmd: type
|
|
778
813
|
)
|
|
814
|
+
puts exec_resp.inspect
|
|
779
815
|
|
|
780
816
|
print 'Ready to Write. Please Swipe Card Now:'
|
|
781
817
|
loop do
|
|
@@ -887,7 +923,80 @@ module PWN
|
|
|
887
923
|
cmd: :yellow_off
|
|
888
924
|
)
|
|
889
925
|
|
|
890
|
-
|
|
926
|
+
track_data
|
|
927
|
+
rescue StandardError => e
|
|
928
|
+
raise e
|
|
929
|
+
end
|
|
930
|
+
|
|
931
|
+
# Supported Method Parameters::
|
|
932
|
+
# PWN::Plugins::MSR206.write_card(
|
|
933
|
+
# msr206_obj: 'required - msr206_obj returned from #connect method',
|
|
934
|
+
# encoding: 'required - :iso || :alt_iso || :raw',
|
|
935
|
+
# track_data: 'requred - track data to write (see #backup_card for structure)'
|
|
936
|
+
# )
|
|
937
|
+
|
|
938
|
+
public_class_method def self.write_card(opts = {})
|
|
939
|
+
msr206_obj = opts[:msr206_obj]
|
|
940
|
+
encoding = opts[:encoding].to_s.scrub.strip.chomp.to_sym
|
|
941
|
+
track_data = opts[:track_data]
|
|
942
|
+
|
|
943
|
+
puts 'IN ORDER TO GET BLANK TRACKS, A STRONG MAGNETIC FIELD MUST BE PRESENT TO FIRST WIPE THE CARD TARGETED FOR WRITING.'
|
|
944
|
+
# puts 'Default Write Current:'
|
|
945
|
+
# exec_resp = exec(
|
|
946
|
+
# msr206_obj: msr206_obj,
|
|
947
|
+
# cmd: :view_default_write_current
|
|
948
|
+
# )
|
|
949
|
+
# puts exec_resp.inspect
|
|
950
|
+
|
|
951
|
+
# puts 'Temporary Write Current:'
|
|
952
|
+
# exec_resp = exec(
|
|
953
|
+
# msr206_obj: msr206_obj,
|
|
954
|
+
# cmd: :view_temp_write_current
|
|
955
|
+
# )
|
|
956
|
+
# puts exec_resp.inspect
|
|
957
|
+
|
|
958
|
+
coercivity = :waiting_for_selection
|
|
959
|
+
loop do
|
|
960
|
+
puts "\nCOERCIVITY OPTIONS:"
|
|
961
|
+
puts '[(H)igh (Most Often Black Stripe)]'
|
|
962
|
+
puts '[(L)ow (Most Often Brown Stripe)]'
|
|
963
|
+
print 'COERCIVITY LEVEL >>> '
|
|
964
|
+
coercivity_choice = gets.scrub.chomp.strip.upcase.to_sym
|
|
965
|
+
|
|
966
|
+
# Write Current Settings vs. Media Coercivties
|
|
967
|
+
# Media Coercivity (Oersteds)|Write Current Setting*|Typical Usage
|
|
968
|
+
# 300 |36 |Low coercivity
|
|
969
|
+
# 600 | |
|
|
970
|
+
# 1800 | |
|
|
971
|
+
# 3600+ |255 |Typical high corcivity
|
|
972
|
+
|
|
973
|
+
case coercivity_choice
|
|
974
|
+
when :H
|
|
975
|
+
coercivity = [0x32, 0x35, 0x35]
|
|
976
|
+
break
|
|
977
|
+
when :L
|
|
978
|
+
coercivity = [0x30, 0x33, 0x36]
|
|
979
|
+
break
|
|
980
|
+
end
|
|
981
|
+
end
|
|
982
|
+
|
|
983
|
+
exec_resp = exec(
|
|
984
|
+
msr206_obj: msr206_obj,
|
|
985
|
+
cmd: :set_temp_write_current,
|
|
986
|
+
params: coercivity
|
|
987
|
+
)
|
|
988
|
+
|
|
989
|
+
track_data = wait_for_swipe(
|
|
990
|
+
msr206_obj: msr206_obj,
|
|
991
|
+
type: :arm_to_write_no_raw,
|
|
992
|
+
encoding: encoding,
|
|
993
|
+
track_data: track_data
|
|
994
|
+
)
|
|
995
|
+
|
|
996
|
+
exec_resp = PWN::Plugins::MSR206.exec(
|
|
997
|
+
msr206_obj: msr206_obj,
|
|
998
|
+
cmd: :simulate_power_cycle_warm_reset
|
|
999
|
+
)
|
|
891
1000
|
|
|
892
1001
|
track_data
|
|
893
1002
|
rescue StandardError => e
|
|
@@ -909,16 +1018,11 @@ module PWN
|
|
|
909
1018
|
|
|
910
1019
|
encoding = track_data.first[:encoding] if track_data.length == 3
|
|
911
1020
|
# TODO: Save Original Card Contents
|
|
912
|
-
|
|
1021
|
+
write_card(
|
|
913
1022
|
msr206_obj: msr206_obj,
|
|
914
|
-
type: :arm_to_write_no_raw,
|
|
915
1023
|
encoding: encoding,
|
|
916
1024
|
track_data: track_data
|
|
917
1025
|
)
|
|
918
|
-
|
|
919
|
-
puts 'complete.'
|
|
920
|
-
|
|
921
|
-
track_data
|
|
922
1026
|
rescue StandardError => e
|
|
923
1027
|
raise e
|
|
924
1028
|
end
|
|
@@ -971,46 +1075,11 @@ module PWN
|
|
|
971
1075
|
encoding = track_data.first[:encoding] if track_data.length == 3
|
|
972
1076
|
|
|
973
1077
|
# TODO: Save Original Card Contents
|
|
974
|
-
|
|
1078
|
+
write_card(
|
|
975
1079
|
msr206_obj: msr206_obj,
|
|
976
|
-
type: :arm_to_write_no_raw,
|
|
977
1080
|
encoding: encoding,
|
|
978
1081
|
track_data: track_data
|
|
979
1082
|
)
|
|
980
|
-
|
|
981
|
-
puts 'complete.'
|
|
982
|
-
|
|
983
|
-
track_data
|
|
984
|
-
rescue StandardError => e
|
|
985
|
-
raise e
|
|
986
|
-
end
|
|
987
|
-
|
|
988
|
-
# Supported Method Parameters::
|
|
989
|
-
# PWN::Plugins::MSR206.edit_card(
|
|
990
|
-
# msr206_obj: 'required - msr206_obj returned from #connect method'
|
|
991
|
-
# )
|
|
992
|
-
|
|
993
|
-
public_class_method def self.edit_card(opts = {})
|
|
994
|
-
msr206_obj = opts[:msr206_obj]
|
|
995
|
-
|
|
996
|
-
# Read Card to Backup
|
|
997
|
-
track_data = backup_card(
|
|
998
|
-
msr206_obj: msr206_obj
|
|
999
|
-
)
|
|
1000
|
-
|
|
1001
|
-
# TODO: Inline Editing
|
|
1002
|
-
|
|
1003
|
-
encoding = track_data.first[:encoding] if track_data.length == 3
|
|
1004
|
-
# TODO: Save Original Card Contents
|
|
1005
|
-
track_data = wait_for_swipe(
|
|
1006
|
-
msr206_obj: msr206_obj,
|
|
1007
|
-
type: :arm_to_write_no_raw,
|
|
1008
|
-
encoding: encoding
|
|
1009
|
-
)
|
|
1010
|
-
|
|
1011
|
-
puts 'complete.'
|
|
1012
|
-
|
|
1013
|
-
track_data
|
|
1014
1083
|
rescue StandardError => e
|
|
1015
1084
|
raise e
|
|
1016
1085
|
end
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.482
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
@@ -310,14 +310,14 @@ dependencies:
|
|
|
310
310
|
requirements:
|
|
311
311
|
- - '='
|
|
312
312
|
- !ruby/object:Gem::Version
|
|
313
|
-
version: 2.4.
|
|
313
|
+
version: 2.4.1
|
|
314
314
|
type: :runtime
|
|
315
315
|
prerelease: false
|
|
316
316
|
version_requirements: !ruby/object:Gem::Requirement
|
|
317
317
|
requirements:
|
|
318
318
|
- - '='
|
|
319
319
|
- !ruby/object:Gem::Version
|
|
320
|
-
version: 2.4.
|
|
320
|
+
version: 2.4.1
|
|
321
321
|
- !ruby/object:Gem::Dependency
|
|
322
322
|
name: luhn
|
|
323
323
|
requirement: !ruby/object:Gem::Requirement
|