72 lines
2.0 KiB
Python
72 lines
2.0 KiB
Python
from __future__ import annotations
|
|
from flask import Flask, render_template
|
|
import subprocess
|
|
from time import sleep
|
|
|
|
app = Flask(__name__)
|
|
|
|
def extractAsciiFromDump(dump: [str]) -> [str]:
|
|
res = ""
|
|
for line in dump:
|
|
res += line.split("|")[-1].strip()
|
|
return res
|
|
|
|
usingPm3 = False
|
|
|
|
@app.route('/api/uid')
|
|
def uid():
|
|
'''
|
|
Read the UID of a visible ISO-14443A card.
|
|
'''
|
|
uid = None
|
|
global usingPm3
|
|
while usingPm3:
|
|
sleep(0.1)
|
|
usingPm3 = True
|
|
try:
|
|
output = subprocess.check_output(["proxmark3", "/dev/ttyACM1", "-c", "hf 14a read"], text=True, stderr=subprocess.DEVNULL).split("\n")
|
|
for line in output:
|
|
if "UID: " in line:
|
|
uid = line[line.index("UID: ")+4:].strip()
|
|
break
|
|
except Exception as e:
|
|
print(repr(e))
|
|
finally:
|
|
print(uid)
|
|
usingPm3 = False
|
|
return {
|
|
"uid": uid
|
|
}
|
|
|
|
@app.route('/api/sector/<sector>')
|
|
def sector(sector):
|
|
'''
|
|
Read a sector from a visible Mifare Classic card.
|
|
'''
|
|
dump = None
|
|
global usingPm3
|
|
while usingPm3:
|
|
sleep(0.1)
|
|
usingPm3 = True
|
|
try:
|
|
output = subprocess.check_output(["proxmark3", "/dev/ttyACM1", "-c", f"hf mf cgetsc -s {sector}"], text=True, stderr=subprocess.DEVNULL).split("\n")
|
|
for i, line in enumerate(output):
|
|
if "--> hf mf cgetsc -s " in line:
|
|
dump = extractAsciiFromDump(output[i+4:])
|
|
break
|
|
finally:
|
|
usingPm3 = False
|
|
return {
|
|
"dump": dump
|
|
}
|
|
|
|
@app.route('/')
|
|
def index():
|
|
return render_template("door.html",
|
|
title="CEO's Office Door",
|
|
allowed_ids={
|
|
"44 61 76 65": ["Welcome CEO<br/></br>flag{open_them_all}", [(3, "I am a very important CEO so open this door now!.........i......")]], # CEO
|
|
})
|
|
|
|
app.run(host='127.0.0.1', port=8081)
|