from __future__ import annotations from flask import Flask, render_template import subprocess from time import sleep app = Flask(__name__) def extractAsciiFromDump(dump: [str]) -> [str]: res = "" for line in dump: res += line.split("|")[-1].strip() return res usingPm3 = False @app.route('/api/uid') def uid(): ''' Read the UID of a visible ISO-14443A card. ''' uid = None global usingPm3 while usingPm3: sleep(0.1) usingPm3 = True try: output = subprocess.check_output(["proxmark3", "/dev/ttyACM0", "-c", "hf 14a read"], text=True, stderr=subprocess.DEVNULL).split("\n") for line in output: if "UID: " in line: uid = line[line.index("UID: ")+4:].strip() break except Exception as e: print(repr(e)) finally: print(uid) usingPm3 = False return { "uid": uid } @app.route('/api/sector/') def sector(sector): ''' Read a sector from a visible Mifare Classic card. ''' dump = None global usingPm3 while usingPm3: sleep(0.1) usingPm3 = True try: output = subprocess.check_output(["proxmark3", "/dev/ttyACM0", "-c", f"hf mf cgetsc -s {sector}"], text=True, stderr=subprocess.DEVNULL).split("\n") for i, line in enumerate(output): if "--> hf mf cgetsc -s " in line: dump = extractAsciiFromDump(output[i+4:]) break finally: usingPm3 = False return { "dump": dump } @app.route('/') def index(): return render_template("door.html", title="Office Front Door", allowed_ids={ # "44 61 76 65": ["Welcome CEO", [(3, "I am a very important CEO so open this door now!.........i......")]], "44 61 76 65": ["Welcome CEO

flag{yep_big_boss}", []], # CEO "3C 36 6A 22": ["The site manager would like to see you in their office. Please speak to APO Grove, and tell him the cleaner sent you.

flag{ooh_a_manager}", []], # Developer "2F 92 5D B2": ["Thanks for doing our cleaning! I found a card on a desk earlier. It has a label saying \"UID: 3C 36 6A 22\". Not sure what to do with it.

flag{another_lost_card}", []], # Cleaner }) app.run(host='127.0.0.1', port=8080)