FIX: 'script run mifare_autopwn' - now doesn't crash

osboxes.org 2019-02-04 22:16:12 +01:00
parent 6fea6e9ac7
commit cd44ea27b7
2 changed files with 34 additions and 13 deletions


@ -12,8 +12,10 @@ This is a script which automates cracking and dumping mifare classic cards. It s
place by the device. place by the device.
Arguments: Arguments:
-d debug logging on
-h this help -h this help
-d debug logging on
-k known key for Sector 0 , keytype A
Output files from this operation: Output files from this operation:
<uid>.eml - emulator file <uid>.eml - emulator file
@ -73,7 +75,7 @@ local function nested(key,sak)
if 0x18 == sak then --NXP MIFARE Classic 4k | Plus 4k | Ev1 4k if 0x18 == sak then --NXP MIFARE Classic 4k | Plus 4k | Ev1 4k
typ = 4 typ = 4
elseif 0x08 == sak then -- NXP MIFARE CLASSIC 1k | Plus 2k | Ev1 1K elseif 0x08 == sak then -- NXP MIFARE CLASSIC 1k | Plus 2k | Ev1 1K
typ= 1 typ = 1
elseif 0x09 == sak then -- NXP MIFARE Mini 0.3k elseif 0x09 == sak then -- NXP MIFARE Mini 0.3k
typ = 0 typ = 0
elseif 0x10 == sak then-- "NXP MIFARE Plus 2k" elseif 0x10 == sak then-- "NXP MIFARE Plus 2k"
@ -87,22 +89,40 @@ local function nested(key,sak)
core.console(cmd) core.console(cmd)
end end
local function dump(uid) local function dump(uid, numsectors)
dbg('dumping tag memory') dbg('dumping tag memory')
local typ = 1
if 0x18 == sak then --NXP MIFARE Classic 4k | Plus 4k | Ev1 4k
typ = 4
elseif 0x08 == sak then -- NXP MIFARE CLASSIC 1k | Plus 2k | Ev1 1K
typ = 1
elseif 0x09 == sak then -- NXP MIFARE Mini 0.3k
typ = 0
elseif 0x10 == sak then-- "NXP MIFARE Plus 2k"
typ = 2
elseif 0x01 == sak then-- "NXP MIFARE TNP3xxx 1K"
typ = 1
end
if utils.confirm('Do you wish to create a memory dump of tag?') then if utils.confirm('Do you wish to create a memory dump of tag?') then
core.console("hf mf dump") local dumpfile = 'hf-mf-'..uid..'-data.bin'
local dmp = ('hf mf dump %s f %s'):format(typ, dumpfile)
core.console(dmp)
-- Save the global args, those are *our* arguments -- Save the global args, those are *our* arguments
local myargs = args local myargs = args
-- Set the arguments for htmldump script -- Set the arguments for htmldump script
args =("-o %s.html"):format(uid) args =('-i %s -o %s.html'):format(dumpfile, uid)
-- call it -- call it
require('../scripts/htmldump') require('htmldump')
args =""
-- dump to emulator -- dump to emulator
require('../scripts/dumptoemul') args =('-i %s -o %s.eml'):format(dumpfile, uid)
require('dumptoemul')
-- Set back args. Not that it's used, just for the karma... -- Set back args. Not that it's used, just for the karma...
args = myargs args = myargs
end end
@ -177,9 +197,9 @@ local function main(args)
print("Found valid key: "..key); print("Found valid key: "..key);
end end
-- Use nested attack -- Use nested attack
nested(key,sak) nested(key, sak)
-- Dump info -- Dump info
dump(uid) dump(uid, sak)
if #key == 12 then exit = true end if #key == 12 then exit = true end
else else
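Review bot: In the new `dump(uid, numsectors)` the card-type chain tests `sak`, but the second parameter is named `numsectors`, so the value passed by `dump(uid, sak)` in main is never read. Unless a global or upvalue named `sak` exists outside these hunks, every comparison sees nil and `typ` stays 1, so a 4k or Mini card is dumped with the 1k layout and `hf-mf-<uid>-data.bin` plus the derived .html/.eml files come out incomplete or wrong without any error. Rename the parameter so the chain uses the argument: `local function dump(uid, sak)`. The same SAK-to-type chain is also duplicated from `nested`; a shared local helper would keep the two from drifting. The end of `dump` and the rest of `main` lie outside the hunks shown.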


@ -72,6 +72,7 @@ local function sendCmds( cmds )
if cmds[i] then if cmds[i] then
print ( cmds[i] ) print ( cmds[i] )
core.console( cmds[i] ) core.console( cmds[i] )
core.clearCommandBuffer()
end end
end end
end end
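Review bot: The added `core.clearCommandBuffer()` after `core.console( cmds[i] )` in `sendCmds` has no comment saying why the buffer must be cleared between commands. Presumably it discards leftover device replies so the next command does not consume stale data; if so, a line such as `-- drop pending replies so the next command starts from an empty buffer` above the call would record that. The start of `sendCmds` lies outside the hunk.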