This commit is contained in:
iceman1001 2019-04-29 01:39:40 +02:00
parent c92a58acf3
commit 47fbb557b4
2 changed files with 57 additions and 45 deletions

View file

@ -2,11 +2,13 @@ local getopt = require('getopt')
copyright = ''
author = "Neuromancer"
version = 'v1.0.0'
version = 'v1.0.1'
desc = [[
This script tries to decode Mifare Classic Access bytes
]]
example = 'script run mifare_access -a 7F0F0869'
example = [[
1. script run mifare_access -a 7F0F0869
]]
usage = [[
script run mifare_access -h -a <access bytes>
@ -24,20 +26,21 @@ local rshift = bit32.rshift
-- A debug printout-function
local function dbg(args)
if not DEBUG then return end
if type(args) == "table" then
if type(args) == 'table' then
local i = 1
while args[i] do
dbg(args[i])
i = i+1
end
else
print("###", args)
print('###', args)
end
end
---
-- This is only meant to be used when errors occur
local function oops(err)
print("ERROR: ",err)
print('ERROR:', err)
core.clearCommandBuffer()
return nil, err
end
---
@ -49,6 +52,7 @@ local function help()
print(desc)
print('Example usage')
print(example)
print(usage)
end
local access_condition_sector_trailer = {}
@ -81,13 +85,13 @@ local function main(args)
-- Read the parameters
for o, a in getopt.getopt(args, 'ha:') do
if o == "h" then return help() end
if o == "a" then access = a end
if o == 'h' then return help() end
if o == 'a' then access = a end
end
if access == nil then return oops('empty ACCESS CONDITIONS') end
if #access == 0 then return oops('empty ACCESS CONDITIONS') end
if #access ~= 8 then return oops("Wrong length. Should be 4 hex bytes ACCESS CONDITIONS (e.g. 7F0F0869)") end
if #access ~= 8 then return oops('Wrong length. Should be 4 hex bytes ACCESS CONDITIONS (e.g. 7F0F0869)') end
local c2_b = tonumber(string.sub(access, 1, 1), 16)
local c1_b = tonumber(string.sub(access, 2, 2), 16)
@ -97,34 +101,34 @@ local function main(args)
local c2 = tonumber(string.sub(access, 6, 6), 16)
local gpb = string.sub(access, 7, 8)
if bxor(c1, c1_b) ~= 0xF then print("!!! bitflip in c1") end
if bxor(c2, c2_b) ~= 0xF then print("!!! bitflip in c2") end
if bxor(c3, c3_b) ~= 0xF then print("!!! bitflip in c3") end
if bxor(c1, c1_b) ~= 0xF then print('!!! bitflip in c1') end
if bxor(c2, c2_b) ~= 0xF then print('!!! bitflip in c2') end
if bxor(c3, c3_b) ~= 0xF then print('!!! bitflip in c3') end
local ab = c1 * 256 + c2 * 16 + c3
for block = 0,3 do
print("--> block "..block)
print('--> block '..block)
-- mask bits for block
local abi = band(rshift(ab, block), 0x111)
-- compress bits
abi = band(abi + rshift(abi, 3) + rshift(abi, 6),7)
-- print(abi)
if block == 3 then
print(" KEYSECXA read: "..access_condition_sector_trailer[abi][1])
print(" KEYSECXA write: "..access_condition_sector_trailer[abi][2])
print(" ACCESS COND. read: "..access_condition_sector_trailer[abi][3])
print("ACCESS COND. write: "..access_condition_sector_trailer[abi][4])
print(" KEYSECXB read: "..access_condition_sector_trailer[abi][5])
print(" KEYSECXB write: "..access_condition_sector_trailer[abi][6])
print(' KEYSECXA read: '..access_condition_sector_trailer[abi][1])
print(' KEYSECXA write: '..access_condition_sector_trailer[abi][2])
print(' ACCESS COND. read: '..access_condition_sector_trailer[abi][3])
print('ACCESS COND. write: '..access_condition_sector_trailer[abi][4])
print(' KEYSECXB read: '..access_condition_sector_trailer[abi][5])
print(' KEYSECXB write: '..access_condition_sector_trailer[abi][6])
else
print(" read: "..access_condition_data_block[abi][1])
print(" write: "..access_condition_data_block[abi][2])
print(" inc: "..access_condition_data_block[abi][3])
print("decr, transfer, restore: "..access_condition_data_block[abi][4])
print(' read: '..access_condition_data_block[abi][1])
print(' write: '..access_condition_data_block[abi][2])
print(' inc: '..access_condition_data_block[abi][3])
print('decr, transfer, restore: '..access_condition_data_block[abi][4])
end
end
print("GPB: "..gpb)
print('GPB: '..gpb)
end
main(args)