RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-03-20 12:07:05 +08:00
Code Issues Projects Releases Packages Wiki Activity

FIX: 'script run mifare_autopwn' - now doesn't crash

Browse source
This commit is contained in:
osboxes.org 2019-02-04 22:16:12 +01:00
parent 6fea6e9ac7
commit cd44ea27b7
2 changed files with 34 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
client/scripts/mifare_autopwn.lua
View file

@ -12,8 +12,10 @@ This is a script which automates cracking and dumping mifare classic cards. It s
place by the device. place by the device.
Arguments: Arguments:
-d debug logging on -h this help
-h this help -d debug logging on
-k known key for Sector 0 , keytype A
Output files from this operation: Output files from this operation:
<uid>.eml - emulator file <uid>.eml - emulator file
@ -73,12 +75,12 @@ local function nested(key,sak)
if 0x18 == sak then --NXP MIFARE Classic 4k | Plus 4k | Ev1 4k if 0x18 == sak then --NXP MIFARE Classic 4k | Plus 4k | Ev1 4k
typ = 4 typ = 4
elseif 0x08 == sak then -- NXP MIFARE CLASSIC 1k | Plus 2k | Ev1 1K elseif 0x08 == sak then -- NXP MIFARE CLASSIC 1k | Plus 2k | Ev1 1K
typ= 1 typ = 1
elseif 0x09 == sak then -- NXP MIFARE Mini 0.3k elseif 0x09 == sak then -- NXP MIFARE Mini 0.3k
typ = 0 typ = 0
elseif 0x10 == sak then-- "NXP MIFARE Plus 2k" elseif 0x10 == sak then-- "NXP MIFARE Plus 2k"
typ = 2 typ = 2
elseif 0x01 == sak then-- "NXP MIFARE TNP3xxx 1K" elseif 0x01 == sak then-- "NXP MIFARE TNP3xxx 1K"
typ = 1 typ = 1
else else
print("I don't know how many sectors there are on this type of card, defaulting to 16") print("I don't know how many sectors there are on this type of card, defaulting to 16")
@ -87,22 +89,40 @@ local function nested(key,sak)
core.console(cmd) core.console(cmd)
end end
local function dump(uid) local function dump(uid, numsectors)
dbg('dumping tag memory') dbg('dumping tag memory')
local typ = 1
if 0x18 == sak then --NXP MIFARE Classic 4k | Plus 4k | Ev1 4k
typ = 4
elseif 0x08 == sak then -- NXP MIFARE CLASSIC 1k | Plus 2k | Ev1 1K
typ = 1
elseif 0x09 == sak then -- NXP MIFARE Mini 0.3k
typ = 0
elseif 0x10 == sak then-- "NXP MIFARE Plus 2k"
typ = 2
elseif 0x01 == sak then-- "NXP MIFARE TNP3xxx 1K"
typ = 1
end
if utils.confirm('Do you wish to create a memory dump of tag?') then if utils.confirm('Do you wish to create a memory dump of tag?') then
core.console("hf mf dump") local dumpfile = 'hf-mf-'..uid..'-data.bin'
local dmp = ('hf mf dump %s f %s'):format(typ, dumpfile)
core.console(dmp)
-- Save the global args, those are *our* arguments -- Save the global args, those are *our* arguments
local myargs = args local myargs = args
-- Set the arguments for htmldump script -- Set the arguments for htmldump script
args =("-o %s.html"):format(uid) args =('-i %s -o %s.html'):format(dumpfile, uid)
-- call it -- call it
require('../scripts/htmldump') require('htmldump')
args =""
-- dump to emulator -- dump to emulator
require('../scripts/dumptoemul') args =('-i %s -o %s.eml'):format(dumpfile, uid)
require('dumptoemul')
-- Set back args. Not that it's used, just for the karma... -- Set back args. Not that it's used, just for the karma...
args = myargs args = myargs
end end
@ -177,9 +197,9 @@ local function main(args)
print("Found valid key: "..key); print("Found valid key: "..key);
end end
-- Use nested attack -- Use nested attack
nested(key,sak) nested(key, sak)
-- Dump info -- Dump info
dump(uid) dump(uid, sak)
if #key == 12 then exit = true end if #key == 12 then exit = true end
else else

1
client/scripts/remagic.lua
View file

@ -72,6 +72,7 @@ local function sendCmds( cmds )
if cmds[i] then if cmds[i] then
print ( cmds[i] ) print ( cmds[i] )
core.console( cmds[i] ) core.console( cmds[i] )
core.clearCommandBuffer()
end end
end end
end end