Merge pull request #471 from bogiton/master

read_pwd_mem lua scripts update
2025-08-21 13:53:55 -07:00 · 2019-11-08 20:23:34 +01:00 · 2019-11-08 20:23:34 +01:00 · ed0bbe45f3
commit ed0bbe45f3
parent 2c0a8bbd91 a0168441d8
3 changed files with 44 additions and 26 deletions
--- a/armsrc/Standalone/hf_bog.c
+++ b/armsrc/Standalone/hf_bog.c
@ -249,5 +249,5 @@ void RunMod() {
    LEDsoff();
    SpinDelay(300);
    Dbprintf("- [ End ] -> You can take shell back ...");
-    Dbprintf("- [  !  ] -> use 'script run read_pwd_mem' to print passwords");
+    Dbprintf("- [  !  ] -> use 'script run read_pwd_mem_spiffs' to print passwords");
 }
--- a/client/luascripts/read_pwd_mem.lua
+++ b/client/luascripts/read_pwd_mem.lua
@ -3,11 +3,13 @@ local bin = require('bin')

 copyright = 'Copyright (c) 2018 Bogito. All rights reserved.'
 author = 'Bogito'
-version = 'v1.0.2'
+version = 'v1.0.3'
 desc =
 [[
-This script will read the flash memory of RDV4 and print the stored passwords.
-It was meant to be used as a help tool after using the BogRun standalone mode.
+This script will read the flash memory of RDV4 and print the stored passwords/keys.
+
+It was meant to be used as a help tool after using the BogRun standalone mode before SPIFFS.
+You should now use read_pwd_mem_spiffs instead after the updated BogRun standalone mode.

 (Iceman) script adapted to read and print keys in the default dictionary flashmemory sections.
 ]]
@ -22,8 +24,14 @@ example =
    -- This will scan 32 bytes of flash memory at offset 64 for stored passwords
    script run read_pwd_mem -o 64 -l 32

-    -- This will print found
-    script run read_pwd_mem -o 241664 -k 6
+    -- This will print the stored Mifare dictionary keys
+    script run read_pwd_mem -m
+	
+    -- This will print the stored t55xx dictionary passwords
+    script run read_pwd_mem -t
+	
+    -- This will print the stored iClass dictionary keys
+    script run read_pwd_mem -i
 ]]
 usage =
 [[
@ -66,7 +74,6 @@ local function main(args)
    print()

    local data, err, quadlet
-    local cnt = 0
    local offset = 0
    local length = 256
    local keylength = 4
--- a/client/luascripts/read_pwd_mem_spiffs.lua
+++ b/client/luascripts/read_pwd_mem_spiffs.lua
@ -3,7 +3,7 @@ local bin = require('bin')

 copyright = 'Copyright (c) 2019 Bogito. All rights reserved.'
 author = 'Bogito'
-version = 'v1.1.0'
+version = 'v1.1.1'
 desc =
 [[
 This script will read the flash memory of RDV4 using SPIFFS and print the stored passwords.
@ -16,15 +16,19 @@ example =

    -- This will read the other.log file in SPIFFS and print the stored passwords
    script run read_pwd_mem_spiffs -f other.log
+	
+    -- This will delete the hf_bog.log file from SPIFFS
+    script run read_pwd_mem_spiffs -r
 ]]
 usage =
 [[
 Usage:
-    script run read_pwd_mem_spiffs -h -f <filename>
+    script run read_pwd_mem_spiffs -h -f <filename> -r

 Arguments:
    -h              :  this help
    -f <filename>   :  filename in SPIFFS
+    -r              :  delete filename from SPIFFS
 ]]
 ---
 -- This is only meant to be used when errors occur
@ -49,42 +53,49 @@ end
 local function main(args)

    print( string.rep('--',20) )
-	print('Read passwords stored in memory (SPIFFS)')
+    print('Read passwords stored in memory (SPIFFS)')
    print( string.rep('--',20) )
    print()

-    local data, length, err
-    local cnt = 0
+    local data, length, err, removeflag
    local filename = 'hf_bog.log'
-	local keylength = 4
+    local keylength = 4

-    for o, a in getopt.getopt(args, 'f:h') do
+    for o, a in getopt.getopt(args, 'rf:h') do

        -- help
        if o == 'h' then return help() end

        -- offset
        if o == 'f' then filename = a end
+		
+        -- remove
+        if o == 'r' then removeflag = true end

-	end
+    end

+    if removeflag then
+        print('Deleting file '..filename.. ' from SPIFFS if exists')
+        core.console("mem spiffs remove " ..filename)
+        return
+    end
+	
    data, length, err = core.GetFromFlashMemSpiffs(filename)
    if data == nil then return oops('Problem while reading file from SPIFFS') end

    --print('Filename', filename)
-	--print('Filesize (B)', length)
+    --print('Filesize (B)', length)

-	_, s = bin.unpack('H'..length, data)
+    _, s = bin.unpack('H'..length, data)

-	local cnt = 0, i
-	for i = 1, length/keylength do
-		key  = string.sub(s, (i-1)*8+1, i*8)
-		if key == 'FFFFFFFF' then break end
-		print(string.format('[%02d] %s',i, key))
-		cnt = cnt + 1
-	end
-	print( string.rep('--',20) )
-	print( ('[+] found %d passwords'):format(cnt))
+    local cnt = 0, i
+    for i = 1, length/keylength do
+        key  = string.sub(s, (i-1)*8+1, i*8)
+        print(string.format('[%02d] %s',i, key))
+        cnt = cnt + 1
+    end
+    print( string.rep('--',20) )
+    print( ('[+] found %d passwords'):format(cnt))

 end