| 3510cdff |
1 | local desc = "How would the classic mifare hack look in lua? Let's find out " |
| 2 | print(desc); |
| 3 | |
| 4 | print("This script isn't even remotely finished!") |
| 5 | print("Checking preconditions"); |
| 6 | print("core", core) |
| 7 | print("core.SendCommand", core.SendCommand) |
| 8 | print("core.WaitForResponseTimeout", core.WaitForResponseTimeout) |
| 9 | print("core.nonce2key", core.nonce2key) |
| 10 | -- To actually send something meaningful, we need to include the 'Binlib' or 'lpack' library. |
| f057bddb |
11 | local cmd = 0x0611 -- CMD_READER_MIFARE - uint_64 |
| 12 | local arg1, arg2, arg3 = "0","0","0" -- 3 x uint_64 |
| 13 | local d = string.rep("00",512)-- 512 bytes |
| 14 | local usbcommand = bin.pack("LLLLH",cmd, arg1, arg2, arg3,d); |
| 15 | print("len(usbcommand): ", string.len(usbcommand)); |
| 16 | local x = core.SendCommand(usbcommand); |
| 17 | local result |
| 18 | repeat |
| 19 | result = core.WaitForResponseTimeout(cmd,1000) |
| 20 | print(".") |
| 21 | until result |
| 22 | |
| 23 | local r_cmd, r_arg1, r_arg2, r_arg3,r_data; |
| 24 | --[[ |
| 25 | response = bin.unpack() |
| 26 | isOK = resp.arg[0] & 0xff; |
| 27 | |
| 28 | uid = (uint32_t)bytes_to_num(resp.d.asBytes + 0, 4); |
| 29 | nt = (uint32_t)bytes_to_num(resp.d.asBytes + 4, 4); |
| 30 | par_list = bytes_to_num(resp.d.asBytes + 8, 8); |
| 31 | ks_list = bytes_to_num(resp.d.asBytes + 16, 8); |
| 32 | |
| 33 | |
| 34 | end |
| 35 | --]] |
| 3510cdff |
36 | --- Oh, and nonce2Key is not 'glued' yet. |
| 37 | print("err", result) |
projects / proxmark3-svn / blame