search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fix one too small
[RRG-proxmark3.git] / client / src / scripting.c
blob9c289e9d1d23efdaf007750ad575c11c4526a7a2
1 //-----------------------------------------------------------------------------
2 // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details.
3 //
4 // This program is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // This program is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // See LICENSE.txt for the text of the license.
15 //-----------------------------------------------------------------------------
16 // Some lua scripting glue to proxmark core.
17 //-----------------------------------------------------------------------------
18 #include "scripting.h"
19
20 #include <stdlib.h>
21 #include <string.h>
22 #include <errno.h>
23
24 #include "lauxlib.h"
25 #include "cmdmain.h"
26 #include "proxmark3.h"
27 #include "comms.h"
28 #include "mifare/mifarehost.h"
29 #include "crc.h"
30 #include "crc64.h"
31 #include "sha1.h"
32 #include "aes.h"
33 #include "cmdcrc.h"
34 #include "cmdhfmfhard.h"
35 #include "cmdhfmfu.h"
36 #include "cmdlft55xx.h" // read t55xx etc
37 #include "nfc/ndef.h" // ndef parsing
38 #include "commonutil.h"
39 #include "ui.h"
40
41 #include "crc16.h"
42 #include "protocols.h"
43 #include "fileutils.h" // searchfile
44 #include "generator.h"
45 #include "cmdlfem4x05.h" // read 4305
46 #include "cmdlfem4x50.h" // read 4350
47 #include "em4x50.h" // 4x50 structs
48 #include "iso7816/iso7816core.h" // ISODEPSTATE
49
50 static int returnToLuaWithError(lua_State *L, const char *fmt, ...) {
51 char buffer[200];
52 va_list args;
53 va_start(args, fmt);
54 vsnprintf(buffer, sizeof(buffer), fmt, args);
55 va_end(args);
56
57 lua_pushnil(L);
58 lua_pushstring(L, buffer);
59 return 2;
60 }
61
62 static int l_clearCommandBuffer(lua_State *L) {
63 clearCommandBuffer();
64 return 0;
65 }
66
67 /**
68 * Enable / Disable fast push mode for lua scripts like hf_mf_keycheck
69 * The following params expected:
70 *
71 *@brief l_fast_push_mode
72 * @param L
73 * @return
74 */
75 static int l_fast_push_mode(lua_State *L) {
76
77 luaL_checktype(L, 1, LUA_TBOOLEAN);
78
79 bool enable = lua_toboolean(L, 1);
80
81 g_conn.block_after_ACK = enable;
82
83 // Disable fast mode and send a dummy command to make it effective
84 if (enable == false) {
85 SendCommandNG(CMD_PING, NULL, 0);
86 if (!WaitForResponseTimeout(CMD_PING, NULL, 1000)) {
87 PrintAndLogEx(WARNING, "command execution time out");
88 return returnToLuaWithError(L, "command execution time out");
89 }
90 }
91
92 //Push the retval on the stack
93 lua_pushboolean(L, enable);
94 return 1;
95 }
96
97 /**
98 * The following params expected:
99 * @brief l_SendCommandMIX
100 * @param L - a lua string with the following five params.
101 * @param cmd must be hexstring, max u64
102 * @param arg0 must be hexstring, max u64
103 * @param arg1 must be hexstring, max u64
104 * @param arg2 must be hexstring, max u64
105 * @param data must be hexstring less than 1024 chars(512bytes)
106 * @return
107 */
108 static int l_SendCommandMIX(lua_State *L) {
109
110 uint64_t cmd, arg0, arg1, arg2;
111 uint8_t data[PM3_CMD_DATA_SIZE] = {0};
112 size_t len = 0, size;
113
114 // check number of arguments
115 int n = lua_gettop(L);
116 if (n != 5)
117 return returnToLuaWithError(L, "You need to supply five parameters");
118
119 // parse input
120 cmd = luaL_checknumber(L, 1);
121 arg0 = luaL_checknumber(L, 2);
122 arg1 = luaL_checknumber(L, 3);
123 arg2 = luaL_checknumber(L, 4);
124
125 // data
126 const char *p_data = luaL_checklstring(L, 5, &size);
127 if (size) {
128 if (size > 1024)
129 size = 1024;
130
131 uint32_t tmp;
132 for (int i = 0; i < size; i += 2) {
133 sscanf(&p_data[i], "%02x", &tmp);
134 data[i >> 1] = tmp & 0xFF;
135 len++;
136 }
137 }
138
139 clearCommandBuffer();
140 SendCommandMIX(cmd, arg0, arg1, arg2, data, len);
141 lua_pushboolean(L, true);
142 return 1;
143 }
144 /**
145 * The following params expected:
146 * @brief l_SendCommandMIX
147 * @param L - a lua string with the following two params.
148 * @param cmd must be hexstring, max u64
149 * @param data must be hexstring less than 1024 chars(512bytes)
150 * @return
151 */
152 static int l_SendCommandNG(lua_State *L) {
153
154 uint8_t data[PM3_CMD_DATA_SIZE] = {0};
155 size_t len = 0, size;
156
157 // check number of arguments
158 int n = lua_gettop(L);
159 if (n != 2)
160 return returnToLuaWithError(L, "You need to supply two parameters");
161
162 // parse input
163 uint16_t cmd = luaL_checknumber(L, 1);
164
165 // data
166 const char *p_data = luaL_checklstring(L, 2, &size);
167 if (size) {
168 if (size > 1024)
169 size = 1024;
170
171 uint32_t tmp;
172 for (int i = 0; i < size; i += 2) {
173 sscanf(&p_data[i], "%02x", &tmp);
174 data[i >> 1] = tmp & 0xFF;
175 len++;
176 }
177 }
178
179 clearCommandBuffer();
180 SendCommandNG(cmd, data, len);
181 lua_pushboolean(L, true);
182 return 1;
183 }
184
185
186 /**
187 * @brief The following params expected:
188 * uint8_t *dest
189 * int bytes
190 * int start_index
191 * @param L
192 * @return
193 */
194 static int l_GetFromBigBuf(lua_State *L) {
195
196 int len = 0, startindex = 0;
197
198 //Check number of arguments
199 int n = lua_gettop(L);
200 if (n == 0) {
201 return returnToLuaWithError(L, "You need to supply number of bytes and startindex");
202 }
203
204 if (n >= 2) {
205 startindex = luaL_checknumber(L, 1);
206 len = luaL_checknumber(L, 2);
207 }
208
209 if (len == 0) {
210 return returnToLuaWithError(L, "You need to supply number of bytes larger than zero");
211 }
212
213 uint8_t *data = calloc(len, sizeof(uint8_t));
214 if (!data) {
215 return returnToLuaWithError(L, "Allocating memory failed");
216 }
217
218 if (!GetFromDevice(BIG_BUF, data, len, startindex, NULL, 0, NULL, 2500, false)) {
219 free(data);
220 return returnToLuaWithError(L, "command execution time out");
221 }
222
223 //Push it as a string
224 lua_pushlstring(L, (const char *)data, len);
225 free(data);
226 return 1; // return 1 to signal one return value
227 }
228
229 /**
230 * @brief The following params expected:
231 * uint8_t *dest
232 * int bytes
233 * int start_index
234 * @param L
235 * @return
236 */
237 static int l_GetFromFlashMem(lua_State *L) {
238
239 if (IfPm3Flash()) {
240 int len = 0, startindex = 0;
241
242 int n = lua_gettop(L);
243 if (n == 0)
244 return returnToLuaWithError(L, "You need to supply number of bytes and startindex");
245
246 if (n >= 2) {
247 startindex = luaL_checknumber(L, 1);
248 len = luaL_checknumber(L, 2);
249 }
250
251 if (len == 0)
252 return returnToLuaWithError(L, "You need to supply number of bytes larger than zero");
253
254 uint8_t *data = calloc(len, sizeof(uint8_t));
255 if (!data)
256 return returnToLuaWithError(L, "Allocating memory failed");
257
258 if (!GetFromDevice(FLASH_MEM, data, len, startindex, NULL, 0, NULL, -1, false)) {
259 free(data);
260 return returnToLuaWithError(L, "command execution time out");
261 }
262
263 lua_pushlstring(L, (const char *)data, len);
264 free(data);
265 return 1;
266 } else {
267 return returnToLuaWithError(L, "No FLASH MEM support");
268 }
269 }
270
271 /**
272 * @brief The following params expected:
273 * uint8_t *destfilename
274 * @param L
275 * @return
276 */
277 static int l_GetFromFlashMemSpiffs(lua_State *L) {
278
279 if (IfPm3Flash() == false) {
280 return returnToLuaWithError(L, "No FLASH MEM support");
281 }
282
283 uint32_t start_index = 0, len = 0x40000; //FLASH_MEM_MAX_SIZE
284 char destfilename[32] = {0};
285 size_t size;
286
287 int n = lua_gettop(L);
288 if (n == 0)
289 return returnToLuaWithError(L, "You need to supply the destination filename");
290
291 if (n >= 1) {
292 const char *p_filename = luaL_checklstring(L, 1, &size);
293 if (size != 0)
294 memcpy(destfilename, p_filename, 31);
295 }
296
297 if (destfilename[0] == '\0')
298 return returnToLuaWithError(L, "Filename missing or invalid");
299
300 // get size from spiffs itself !
301 SendCommandNG(CMD_SPIFFS_STAT, (uint8_t *)destfilename, 32);
302 PacketResponseNG resp;
303 if (!WaitForResponseTimeout(CMD_SPIFFS_STAT, &resp, 2000))
304 return returnToLuaWithError(L, "No response from the device");
305
306 len = resp.data.asDwords[0];
307
308 if (len == 0)
309 return returnToLuaWithError(L, "Filename invalid or empty");
310
311 uint8_t *data = calloc(len, sizeof(uint8_t));
312 if (!data)
313 return returnToLuaWithError(L, "Allocating memory failed");
314
315 if (!GetFromDevice(SPIFFS, data, len, start_index, (uint8_t *)destfilename, 32, NULL, -1, true)) {
316 free(data);
317 return returnToLuaWithError(L, "ERROR; downloading from spiffs(flashmemory)");
318 }
319
320 lua_pushlstring(L, (const char *)data, len);
321 lua_pushunsigned(L, len);
322 free(data);
323 return 2;
324 }
325
326 /**
327 * @brief The following params expected:
328 * uint32_t cmd
329 * size_t ms_timeout
330 * @param L
331 * @return struct of PacketResponseNG
332 */
333 static int l_WaitForResponseTimeout(lua_State *L) {
334
335 uint32_t cmd = 0;
336 size_t ms_timeout = -1;
337
338 //Check number of arguments
339 int n = lua_gettop(L);
340 if (n == 0)
341 return returnToLuaWithError(L, "You need to supply at least command to wait for");
342
343 // extract first param. cmd byte to look for
344 if (n >= 1)
345 cmd = luaL_checkunsigned(L, 1);
346
347 // extract second param. timeout value
348 if (n >= 2)
349 ms_timeout = luaL_checkunsigned(L, 2);
350
351 PacketResponseNG resp;
352 if (WaitForResponseTimeout(cmd, &resp, ms_timeout) == false) {
353 return returnToLuaWithError(L, "No response from the device");
354 }
355
356 char foo[sizeof(PacketResponseNG)];
357 n = 0;
358
359 memcpy(foo + n, &resp.cmd, sizeof(resp.cmd));
360 n += sizeof(resp.cmd);
361
362 memcpy(foo + n, &resp.length, sizeof(resp.length));
363 n += sizeof(resp.length);
364
365 memcpy(foo + n, &resp.magic, sizeof(resp.magic));
366 n += sizeof(resp.magic);
367
368 memcpy(foo + n, &resp.status, sizeof(resp.status));
369 n += sizeof(resp.status);
370
371 memcpy(foo + n, &resp.crc, sizeof(resp.crc));
372 n += sizeof(resp.crc);
373
374 memcpy(foo + n, &resp.oldarg[0], sizeof(resp.oldarg[0]));
375 n += sizeof(resp.oldarg[0]);
376
377 memcpy(foo + n, &resp.oldarg[1], sizeof(resp.oldarg[1]));
378 n += sizeof(resp.oldarg[1]);
379
380 memcpy(foo + n, &resp.oldarg[2], sizeof(resp.oldarg[2]));
381 n += sizeof(resp.oldarg[2]);
382
383 memcpy(foo + n, resp.data.asBytes, sizeof(resp.data));
384 n += sizeof(resp.data);
385
386 memcpy(foo + n, &resp.ng, sizeof(resp.ng));
387 n += sizeof(resp.ng);
388 (void) n;
389
390 //Push it as a string
391 lua_pushlstring(L, (const char *)&foo, sizeof(foo));
392 return 1;
393 }
394
395 static int l_mfDarkside(lua_State *L) {
396
397 uint32_t blockno = 0;
398 uint32_t keytype = MIFARE_AUTH_KEYA;
399 uint64_t key = 0;
400 size_t size;
401
402 //Check number of arguments
403 int n = lua_gettop(L);
404 switch (n) {
405 case 2: {
406 const char *p_keytype = luaL_checklstring(L, 2, &size);
407 if (size != 2) return returnToLuaWithError(L, "Wrong size of keytype, got %d bytes, expected 1", (int) size);
408 sscanf(p_keytype, "%x", &keytype);
409 }
410 case 1: {
411 const char *p_blockno = luaL_checklstring(L, 1, &size);
412 if (size != 2) return returnToLuaWithError(L, "Wrong size of blockno, got %d bytes, expected 2", (int) size);
413 sscanf(p_blockno, "%02x", &blockno);
414 break;
415 }
416 default :
417 break;
418 }
419
420 int retval = mfDarkside(blockno & 0xFF, keytype & 0xFF, &key);
421
422 uint8_t dest_key[8];
423 num_to_bytes(key, sizeof(dest_key), dest_key);
424
425 //Push the retval on the stack
426 lua_pushinteger(L, retval);
427 lua_pushlstring(L, (const char *) dest_key, sizeof(dest_key));
428 return 2;
429 }
430
431 /**
432 * @brief l_foobar is a dummy function to test lua-integration with
433 * @param L
434 * @return
435 */
436 static int l_foobar(lua_State *L) {
437 //Check number of arguments
438 int n = lua_gettop(L);
439 PrintAndLogEx(INFO, "foobar called with %d arguments", n);
440 lua_settop(L, 0);
441 PrintAndLogEx(INFO, "Arguments discarded, stack now contains %d elements", lua_gettop(L));
442
443 // todo: this is not used, where was it intended for?
444 // PacketCommandOLD response = {CMD_HF_MIFARE_READBL, {1337, 1338, 1339}, {{0}}};
445
446 PrintAndLogEx(INFO, "Now returning a uint64_t as a string");
447 uint64_t x = 0xDEADC0DE;
448 uint8_t destination[8];
449 num_to_bytes(x, sizeof(x), destination);
450 lua_pushlstring(L, (const char *)&x, sizeof(x));
451 lua_pushlstring(L, (const char *)destination, sizeof(destination));
452 return 2;
453 }
454
455 /**
456 * @brief Utility to check if a key has been pressed by the user. This method does not block.
457 * @param L
458 * @return boolean, true if kbhit, false otherwise.
459 */
460 static int l_kbd_enter_pressed(lua_State *L) {
461 lua_pushboolean(L, kbd_enter_pressed() ? true : false);
462 return 1;
463 }
464
465 /**
466 * @brief Calls the command line parser to deal with the command. This enables
467 * lua-scripts to do stuff like "core.console('hf mf mifare')"
468 * @param L
469 * @return
470 */
471 static int l_CmdConsole(lua_State *L) {
472 CommandReceived((char *)luaL_checkstring(L, 1));
473 return 0;
474 }
475
476 static int l_iso15693_crc(lua_State *L) {
477 uint32_t tmp;
478 unsigned char buf[PM3_CMD_DATA_SIZE] = {0x00};
479 size_t size = 0;
480 const char *data = luaL_checklstring(L, 1, &size);
481
482 for (int i = 0; i < size; i += 2) {
483 sscanf(&data[i], "%02x", &tmp);
484 buf[i / 2] = tmp & 0xFF;
485 }
486
487 size /= 2;
488 compute_crc(CRC_15693, buf, size, &buf[size], &buf[size + 1]);
489 lua_pushlstring(L, (const char *)&buf, size + 2);
490 return 1;
491 }
492
493 static int l_iso14443b_crc(lua_State *L) {
494 uint32_t tmp;
495 unsigned char buf[PM3_CMD_DATA_SIZE] = {0x00};
496 size_t size = 0;
497 const char *data = luaL_checklstring(L, 1, &size);
498
499 for (int i = 0; i < size; i += 2) {
500 sscanf(&data[i], "%02x", &tmp);
501 buf[i / 2] = tmp & 0xFF;
502 }
503
504 size /= 2;
505 compute_crc(CRC_14443_B, buf, size, &buf[size], &buf[size + 1]);
506 lua_pushlstring(L, (const char *)&buf, size + 2);
507 return 1;
508 }
509
510 /*
511 Simple AES 128 cbc hook up to OpenSSL.
512 params: key, input
513 */
514 static int l_aes128decrypt_cbc(lua_State *L) {
515 //Check number of arguments
516 int i;
517 uint32_t tmp;
518 size_t size;
519 const char *p_key = luaL_checklstring(L, 1, &size);
520 if (size != 32)
521 return returnToLuaWithError(L, "Wrong size of key, got %d bytes, expected 32", (int) size);
522
523 const char *p_encTxt = luaL_checklstring(L, 2, &size);
524
525 unsigned char indata[16] = {0x00};
526 unsigned char outdata[16] = {0x00};
527 unsigned char aes_key[16] = {0x00};
528 unsigned char iv[16] = {0x00};
529
530 // convert key to bytearray and convert input to bytearray
531 for (i = 0; i < 32; i += 2) {
532 sscanf(&p_encTxt[i], "%02x", &tmp);
533 indata[i / 2] = tmp & 0xFF;
534 sscanf(&p_key[i], "%02x", &tmp);
535 aes_key[i / 2] = tmp & 0xFF;
536 }
537
538 mbedtls_aes_context ctx;
539 mbedtls_aes_init(&ctx);
540 mbedtls_aes_setkey_dec(&ctx, aes_key, 128);
541 mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, sizeof(indata), iv, indata, outdata);
542 //Push decrypted array as a string
543 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
544 return 1;// return 1 to signal one return value
545 }
546 static int l_aes128decrypt_ecb(lua_State *L) {
547 //Check number of arguments
548 int i;
549 uint32_t tmp;
550 size_t size;
551 const char *p_key = luaL_checklstring(L, 1, &size);
552 if (size != 32)
553 return returnToLuaWithError(L, "Wrong size of key, got %d bytes, expected 32", (int) size);
554
555 const char *p_encTxt = luaL_checklstring(L, 2, &size);
556
557 unsigned char indata[16] = {0x00};
558 unsigned char outdata[16] = {0x00};
559 unsigned char aes_key[16] = {0x00};
560
561 // convert key to bytearray and convert input to bytearray
562 for (i = 0; i < 32; i += 2) {
563 sscanf(&p_encTxt[i], "%02x", &tmp);
564 indata[i / 2] = tmp & 0xFF;
565 sscanf(&p_key[i], "%02x", &tmp);
566 aes_key[i / 2] = tmp & 0xFF;
567 }
568 mbedtls_aes_context ctx;
569 mbedtls_aes_init(&ctx);
570 mbedtls_aes_setkey_dec(&ctx, aes_key, 128);
571 mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_DECRYPT, indata, outdata);
572
573 //Push decrypted array as a string
574 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
575 return 1;// return 1 to signal one return value
576 }
577
578 static int l_aes128encrypt_cbc(lua_State *L) {
579 //Check number of arguments
580 int i;
581 uint32_t tmp;
582 size_t size;
583 const char *p_key = luaL_checklstring(L, 1, &size);
584 if (size != 32)
585 return returnToLuaWithError(L, "Wrong size of key, got %d bytes, expected 32", (int) size);
586
587 const char *p_txt = luaL_checklstring(L, 2, &size);
588
589 unsigned char indata[16] = {0x00};
590 unsigned char outdata[16] = {0x00};
591 unsigned char aes_key[16] = {0x00};
592 unsigned char iv[16] = {0x00};
593
594 for (i = 0; i < 32; i += 2) {
595 sscanf(&p_txt[i], "%02x", &tmp);
596 indata[i / 2] = tmp & 0xFF;
597 sscanf(&p_key[i], "%02x", &tmp);
598 aes_key[i / 2] = tmp & 0xFF;
599 }
600
601 mbedtls_aes_context ctx;
602 mbedtls_aes_init(&ctx);
603 mbedtls_aes_setkey_enc(&ctx, aes_key, 128);
604 mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, sizeof(indata), iv, indata, outdata);
605 //Push encrypted array as a string
606 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
607 return 1;// return 1 to signal one return value
608 }
609
610 static int l_aes128encrypt_ecb(lua_State *L) {
611 //Check number of arguments
612 int i;
613 uint32_t tmp;
614 size_t size;
615 const char *p_key = luaL_checklstring(L, 1, &size);
616 if (size != 32)
617 return returnToLuaWithError(L, "Wrong size of key, got %d bytes, expected 32", (int) size);
618
619 const char *p_txt = luaL_checklstring(L, 2, &size);
620
621 unsigned char indata[16] = {0x00};
622 unsigned char outdata[16] = {0x00};
623 unsigned char aes_key[16] = {0x00};
624
625 for (i = 0; i < 32; i += 2) {
626 sscanf(&p_txt[i], "%02x", &tmp);
627 indata[i / 2] = tmp & 0xFF;
628 sscanf(&p_key[i], "%02x", &tmp);
629 aes_key[i / 2] = tmp & 0xFF;
630 }
631 mbedtls_aes_context ctx;
632 mbedtls_aes_init(&ctx);
633 mbedtls_aes_setkey_enc(&ctx, aes_key, 128);
634 mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_ENCRYPT, indata, outdata);
635 //Push encrypted array as a string
636 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
637 return 1;// return 1 to signal one return value
638 }
639
640 static int l_crc8legic(lua_State *L) {
641 size_t size;
642 const char *p_hexstr = luaL_checklstring(L, 1, &size);
643 uint16_t retval = CRC8Legic((uint8_t *)p_hexstr, size);
644 lua_pushunsigned(L, retval);
645 return 1;
646 }
647
648 static int l_crc16legic(lua_State *L) {
649 size_t hexsize, uidsize;
650
651 // data as hex string
652 const char *p_hexstr = luaL_checklstring(L, 1, &hexsize);
653
654 // calc uid crc based on uid hex
655 const char *p_uid = luaL_checklstring(L, 2, &uidsize);
656 uint16_t uidcrc = CRC8Legic((uint8_t *)p_uid, uidsize);
657
658 init_table(CRC_LEGIC_16);
659 uint16_t retval = crc16_legic((uint8_t *)p_hexstr, hexsize, uidcrc);
660 lua_pushunsigned(L, retval);
661 return 1;
662 }
663
664
665 static int l_crc16(lua_State *L) {
666 size_t size;
667 const char *p_str = luaL_checklstring(L, 1, &size);
668
669 uint16_t checksum = Crc16ex(CRC_CCITT, (uint8_t *) p_str, size);
670 lua_pushunsigned(L, checksum);
671 return 1;
672 }
673
674 static int l_crc64(lua_State *L) {
675 size_t size;
676 uint64_t crc = 0;
677 unsigned char outdata[8] = {0x00};
678
679 const char *p_str = luaL_checklstring(L, 1, &size);
680
681 crc64((uint8_t *) p_str, size, &crc);
682
683 outdata[0] = (uint8_t)(crc >> 56) & 0xff;
684 outdata[1] = (uint8_t)(crc >> 48) & 0xff;
685 outdata[2] = (uint8_t)(crc >> 40) & 0xff;
686 outdata[3] = (uint8_t)(crc >> 32) & 0xff;
687 outdata[4] = (uint8_t)(crc >> 24) & 0xff;
688 outdata[5] = (uint8_t)(crc >> 16) & 0xff;
689 outdata[6] = (uint8_t)(crc >> 8) & 0xff;
690 outdata[7] = crc & 0xff;
691 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
692 return 1;
693 }
694
695 // TO BE IMPLEMENTED
696 static int l_crc64_ecma182(lua_State *L) {
697 //size_t size;
698 uint64_t crc = 0;
699 unsigned char outdata[8] = {0x00};
700 //const char *p_str = luaL_checklstring(L, 1, &size);
701
702 //init
703 //crc64_ecma182(NULL, 0, &crc);
704 crc = 0x338103260CC4;
705
706 // calc hash
707 //crc64_ecma182((uint8_t*) p_str, size, &crc);
708
709 outdata[0] = (uint8_t)(crc >> 56) & 0xff;
710 outdata[1] = (uint8_t)(crc >> 48) & 0xff;
711 outdata[2] = (uint8_t)(crc >> 40) & 0xff;
712 outdata[3] = (uint8_t)(crc >> 32) & 0xff;
713 outdata[4] = (uint8_t)(crc >> 24) & 0xff;
714 outdata[5] = (uint8_t)(crc >> 16) & 0xff;
715 outdata[6] = (uint8_t)(crc >> 8) & 0xff;
716 outdata[7] = crc & 0xff;
717 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
718 return 1;
719 }
720
721 static int l_sha1(lua_State *L) {
722 size_t size;
723 const char *p_str = luaL_checklstring(L, 1, &size);
724 unsigned char outdata[20] = {0x00};
725 mbedtls_sha1((uint8_t *) p_str, size, outdata);
726 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
727 return 1;
728 }
729
730 static int l_reveng_models(lua_State *L) {
731
732 // This array needs to be adjusted if RevEng adds more crc-models.
733 #define NMODELS 106
734
735 int count = 0;
736 uint8_t in_width = luaL_checkunsigned(L, 1);
737 if (in_width > 89)
738 return returnToLuaWithError(L, "Width cannot exceed 89, got %d", in_width);
739
740 uint8_t width[NMODELS];
741 memset(width, 0, sizeof(width));
742 char *models[NMODELS];
743
744 width[0] = in_width;
745
746 if (!GetModels(models, &count, width))
747 return returnToLuaWithError(L, "didn't find any models");
748
749 lua_newtable(L);
750 for (int i = 0; i < count; i++) {
751 lua_pushstring(L, (const char *)models[i]);
752 lua_rawseti(L, -2, i + 1);
753 free(models[i]);
754 }
755 return 1;
756 }
757
758 //Called with 4 parameters.
759 // inModel ,string containing the crc model name: 'CRC-8'
760 // inHexStr ,string containing the hex representation of the data that will be used for CRC calculations.
761 // reverse ,int 0/1 (bool) if 1, calculate the reverse CRC
762 // endian ,char, 'B','b','L','l','t','r' describing if Big-Endian or Little-Endian should be used in different combinations.
763 //
764 // outputs: string with hex representation of the CRC result
765 static int l_reveng_runmodel(lua_State *L) {
766 //-c || -v
767 //inModel = valid model name string - CRC-8
768 //inHexStr = input hex string to calculate crc on
769 //reverse = reverse calc option if true
770 //endian = {0 = calc default endian input and output, b = big endian input and output, B = big endian output, r = right justified
771 // l = little endian input and output, L = little endian output only, t = left justified}
772 //result = calculated crc hex string
773 char result[50];
774 memset(result, 0x00, sizeof(result));
775
776 const char *inModel = luaL_checkstring(L, 1);
777 const char *inHexStr = luaL_checkstring(L, 2);
778 bool reverse = lua_toboolean(L, 3);
779 const char endian = luaL_checkstring(L, 4)[0];
780
781 int ans = RunModel((char *)inModel, (char *)inHexStr, reverse, endian, result);
782 if (!ans)
783 return returnToLuaWithError(L, "Reveng failed");
784
785 lua_pushstring(L, result);
786 return 1;
787 }
788
789 static int l_hardnested(lua_State *L) {
790
791 bool haveTarget = true;
792 size_t size;
793 uint32_t tmp;
794 const char *p_blockno = luaL_checklstring(L, 1, &size);
795 if (size != 2)
796 return returnToLuaWithError(L, "Wrong size of blockNo, got %d bytes, expected 2", (int) size);
797
798 const char *p_keytype = luaL_checklstring(L, 2, &size);
799 if (size != 1)
800 return returnToLuaWithError(L, "Wrong size of keyType, got %d bytes, expected 1", (int) size);
801
802 const char *p_key = luaL_checklstring(L, 3, &size);
803 if (size != 12)
804 return returnToLuaWithError(L, "Wrong size of key, got %d bytes, expected 12", (int) size);
805
806 const char *p_trg_blockno = luaL_checklstring(L, 4, &size);
807 if (size != 2)
808 return returnToLuaWithError(L, "Wrong size of trgBlockNo, got %d bytes, expected 2", (int) size);
809
810 const char *p_trg_keytype = luaL_checklstring(L, 5, &size);
811 if (size != 1)
812 return returnToLuaWithError(L, "Wrong size of trgKeyType, got %d bytes, expected 1", (int) size);
813
814 const char *p_trgkey = luaL_checklstring(L, 6, &size);
815 if (size != 12)
816 haveTarget = false;
817
818 const char *p_nonce_file_read = luaL_checklstring(L, 7, &size);
819 if (size != 1)
820 return returnToLuaWithError(L, "Wrong size of nonce_file_read, got %d bytes, expected 1", (int) size);
821
822 const char *p_nonce_file_write = luaL_checklstring(L, 8, &size);
823 if (size != 1)
824 return returnToLuaWithError(L, "Wrong size of nonce_file_write, got %d bytes, expected 1", (int) size);
825
826 const char *p_slow = luaL_checklstring(L, 9, &size);
827 if (size != 1)
828 return returnToLuaWithError(L, "Wrong size of slow, got %d bytes, expected 1", (int) size);
829
830 const char *p_tests = luaL_checklstring(L, 10, &size);
831 if (size != 1)
832 return returnToLuaWithError(L, "Wrong size of tests, got %d bytes, expected 1", (int) size);
833
834 char filename[FILE_PATH_SIZE] = "nonces.bin";
835 const char *p_filename = luaL_checklstring(L, 11, &size);
836 if (size != 0)
837 memcpy(filename, p_filename, FILE_PATH_SIZE - 1);
838
839 uint32_t blockNo = 0, keyType = 0;
840 uint32_t trgBlockNo = 0, trgKeyType = 0;
841 uint32_t slow = 0, tests = 0;
842 uint32_t nonce_file_read = 0, nonce_file_write = 0;
843 sscanf(p_blockno, "%02x", &blockNo);
844 sscanf(p_keytype, "%x", &keyType);
845 sscanf(p_trg_blockno, "%02x", &trgBlockNo);
846 sscanf(p_trg_keytype, "%x", &trgKeyType);
847 sscanf(p_nonce_file_read, "%x", &nonce_file_read);
848 sscanf(p_nonce_file_write, "%x", &nonce_file_write);
849
850 sscanf(p_slow, "%x", &slow);
851 sscanf(p_tests, "%x", &tests);
852
853 uint8_t key[6] = {0, 0, 0, 0, 0, 0};
854 uint8_t trgkey[6] = {0, 0, 0, 0, 0, 0};
855 for (int i = 0; i < 12; i += 2) {
856 sscanf(&p_key[i], "%02x", &tmp);
857 key[i / 2] = tmp & 0xFF;
858 if (haveTarget) {
859 sscanf(&p_trgkey[i], "%02x", &tmp);
860 trgkey[i / 2] = tmp & 0xFF;
861 }
862 }
863
864 uint64_t foundkey = 0;
865 int retval = mfnestedhard(blockNo, keyType, key, trgBlockNo, trgKeyType, haveTarget ? trgkey : NULL, nonce_file_read, nonce_file_write, slow, tests, &foundkey, filename);
866 DropField();
867
868 //Push the key onto the stack
869 uint8_t dest_key[6];
870 num_to_bytes(foundkey, sizeof(dest_key), dest_key);
871
872 //Push the retval on the stack
873 lua_pushinteger(L, retval);
874 lua_pushlstring(L, (const char *) dest_key, sizeof(dest_key));
875 return 2; //Two return values
876 }
877
878 /**
879 * @brief l_validate_prng is a function to test is a nonce is using the weak PRNG
880 * detection = 1 == weak, 0 == hard , -1 = failed
881 * @param L
882 * @return
883 */
884 static int l_detect_prng(lua_State *L) {
885 int res = detect_classic_prng();
886 lua_pushinteger(L, res);
887 return 1;
888 }
889 /*
890 * @brief l_keygen_algoB is a function to calculate pwd/pack using UID, by algo B
891 * @param L
892 * @return
893 */
894 static int l_keygen_algoB(lua_State *L) {
895 //Check number of arguments
896 int n = lua_gettop(L);
897 if (n != 1) {
898 return returnToLuaWithError(L, "Only UID");
899 }
900
901 size_t size;
902 uint32_t tmp;
903 const char *p_uid = luaL_checklstring(L, 1, &size);
904 if (size != 14)
905 return returnToLuaWithError(L, "Wrong size of UID, got %d bytes, expected 14", (int) size);
906
907 uint8_t uid[7] = {0, 0, 0, 0, 0, 0, 0};
908
909 for (int i = 0; i < 14; i += 2) {
910 sscanf(&p_uid[i], "%02x", &tmp);
911 uid[i / 2] = tmp & 0xFF;
912 }
913
914 uint32_t pwd = ul_ev1_pwdgenB(uid);
915 uint16_t pack = ul_ev1_packgenB(uid);
916
917 lua_pushunsigned(L, pwd);
918 lua_pushunsigned(L, pack);
919 return 2;
920 }
921
922 /*
923 * @brief l_keygen_algoD is a function to calculate pwd/pack using UID, by algo D
924 * @param L
925 * @return
926 */
927 static int l_keygen_algoD(lua_State *L) {
928 //Check number of arguments
929 int n = lua_gettop(L);
930 if (n != 1) {
931 return returnToLuaWithError(L, "Only UID");
932 }
933
934 size_t size;
935 uint32_t tmp;
936 const char *p_uid = luaL_checklstring(L, 1, &size);
937 if (size != 14)
938 return returnToLuaWithError(L, "Wrong size of UID, got %d bytes, expected 14", (int) size);
939
940 uint8_t uid[7] = {0, 0, 0, 0, 0, 0, 0};
941
942 for (int i = 0; i < 14; i += 2) {
943 sscanf(&p_uid[i], "%02x", &tmp);
944 uid[i / 2] = tmp & 0xFF;
945 }
946
947 uint32_t pwd = ul_ev1_pwdgenD(uid);
948 uint16_t pack = ul_ev1_packgenD(uid);
949
950 lua_pushunsigned(L, pwd);
951 lua_pushunsigned(L, pack);
952 return 2;
953 }
954
955 /*
956 Read T55Xx block.
957 param1 uint8_t block
958 param2 bool page1
959 param3 bool override
960 param4 uint32_t password
961 */
962 static int l_T55xx_readblock(lua_State *L) {
963
964 //Check number of arguments
965 int n = lua_gettop(L);
966 if (n != 4)
967 return returnToLuaWithError(L, "Wrong number of arguments, got %d bytes, expected 4", n);
968
969 uint32_t block, usepage1, override, password = 0;
970 bool usepwd;
971 size_t size;
972
973 const char *p_blockno = luaL_checklstring(L, 1, &size);
974 if (size < 1 || size > 2)
975 return returnToLuaWithError(L, "Wrong size of blockNo, got %d, expected 1 or 2", (int) size);
976
977 sscanf(p_blockno, "%x", &block);
978
979 const char *p_usepage1 = luaL_checklstring(L, 2, &size);
980 if (size != 1)
981 return returnToLuaWithError(L, "Wrong size of usePage1, got %d, expected 1", (int) size);
982
983 sscanf(p_usepage1, "%x", &usepage1);
984
985 const char *p_override = luaL_checklstring(L, 3, &size);
986 if (size != 1)
987 return returnToLuaWithError(L, "Wrong size of override, got %d, expected 1", (int) size);
988
989 sscanf(p_override, "%x", &override);
990
991 const char *p_pwd = luaL_checklstring(L, 4, &size);
992 if (size == 0) {
993 usepwd = false;
994 } else {
995
996 if (size != 8)
997 return returnToLuaWithError(L, "Wrong size of pwd, got %d , expected 8", (int) size);
998
999 sscanf(p_pwd, "%08x", &password);
1000 usepwd = true;
1001 }
1002
1003 //Password mode
1004 if (usepwd) {
1005 // try reading the config block and verify that PWD bit is set before doing this!
1006 if (!override) {
1007
1008 if (!AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, false, 0, 0)) {
1009 return returnToLuaWithError(L, "Failed to read config block");
1010 }
1011
1012 if (!t55xxTryDetectModulation(0, true)) { // Default to prev. behaviour (default dl mode and print config)
1013 PrintAndLogEx(NORMAL, "Safety Check: Could not detect if PWD bit is set in config block. Exits.");
1014 return 0;
1015 } else {
1016 PrintAndLogEx(NORMAL, "Safety Check: PWD bit is NOT set in config block. Reading without password...");
1017 usepwd = false;
1018 usepage1 = false;
1019 }
1020 } else {
1021 PrintAndLogEx(NORMAL, "Safety Check Overridden - proceeding despite risk");
1022 }
1023 }
1024
1025 if (!AcquireData(usepage1, block, usepwd, password, 0)) {
1026 return returnToLuaWithError(L, "Failed to acquire data from card");
1027 }
1028
1029 if (!DecodeT55xxBlock()) {
1030 return returnToLuaWithError(L, "Failed to decode signal");
1031 }
1032
1033 uint32_t blockData = 0;
1034 if (GetT55xxBlockData(&blockData) == false) {
1035 return returnToLuaWithError(L, "Failed to get actual data");
1036 }
1037
1038 lua_pushunsigned(L, blockData);
1039 return 1;
1040 }
1041
1042 // arg 1 = pwd
1043 // arg 2 = use GB
1044 static int l_T55xx_detect(lua_State *L) {
1045 bool useGB = false, usepwd = false, isok;
1046 uint32_t gb, password = 0;
1047 size_t size;
1048
1049 //Check number of arguments
1050 int n = lua_gettop(L);
1051
1052 switch (n) {
1053 case 2: {
1054 const char *p_gb = luaL_checklstring(L, 2, &size);
1055 if (size != 1)
1056 return returnToLuaWithError(L, "Wrong size of useGB, got %d , expected 1", (int) size);
1057
1058 sscanf(p_gb, "%u", &gb);
1059 useGB = (gb) ? true : false;
1060 PrintAndLogEx(INFO, "p_gb size %zu | %c", size, useGB ? 'Y' : 'N');
1061 }
1062 case 1: {
1063 const char *p_pwd = luaL_checklstring(L, 1, &size);
1064 if (size == 0) {
1065 usepwd = false;
1066 } else {
1067
1068 if (size != 8)
1069 return returnToLuaWithError(L, "Wrong size of pwd, got %d , expected 8", (int) size);
1070
1071 sscanf(p_pwd, "%08x", &password);
1072 usepwd = true;
1073 }
1074 break;
1075 }
1076 default :
1077 break;
1078 }
1079
1080 if (!useGB) {
1081
1082 isok = AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, 0);
1083 if (isok == false) {
1084 return returnToLuaWithError(L, "Failed to acquire LF signal data");
1085 }
1086 }
1087
1088 isok = t55xxTryDetectModulation(0, true); // Default to prev. behaviour (default dl mode and print config)
1089 if (isok == false) {
1090 return returnToLuaWithError(L, "Could not detect modulation automatically. Try setting it manually with \'lf t55xx config\'");
1091 }
1092
1093 lua_pushinteger(L, isok);
1094 lua_pushstring(L, "Success");
1095 return 2;
1096 }
1097
1098 // 4305
1099 static int l_em4x05_read(lua_State *L) {
1100
1101 bool use_pwd = false;
1102 uint32_t addr, password = 0;
1103
1104 //Check number of arguments
1105 //int n = lua_gettop(L);
1106
1107 // get addr
1108 size_t size = 0;
1109 const char *p_addr = luaL_checklstring(L, 1, &size);
1110 sscanf(p_addr, "%u", &addr);
1111
1112 // get password
1113 const char *p_pwd = luaL_checkstring(L, 2);
1114 if (p_pwd == NULL || strlen(p_pwd) == 0) {
1115 use_pwd = false;
1116 } else {
1117 if (strlen(p_pwd) != 8)
1118 return returnToLuaWithError(L, "Wrong size of password, got %zu , expected 8", strlen(p_pwd));
1119
1120 sscanf(p_pwd, "%08x", &password);
1121 use_pwd = true;
1122 }
1123
1124 PrintAndLogEx(DEBUG, "Addr %u", addr);
1125 if (use_pwd)
1126 PrintAndLogEx(DEBUG, " Pwd %08X", password);
1127
1128 uint32_t word = 0;
1129 int res = em4x05_read_word_ext(addr, password, use_pwd, &word);
1130 if (res != PM3_SUCCESS) {
1131 return returnToLuaWithError(L, "Failed to read EM4x05 data");
1132 }
1133
1134 lua_pushinteger(L, word);
1135 return 1;
1136 }
1137
1138 // 4350
1139 static int l_em4x50_read(lua_State *L) {
1140
1141 // get addr
1142 size_t size = 0;
1143 const char *p_addr = luaL_checklstring(L, 1, &size);
1144 uint32_t addr = 0;
1145 sscanf(p_addr, "%u", &addr);
1146
1147 if (addr > 31)
1148 return returnToLuaWithError(L, "Address out-of-range (0..31) got %u", addr);
1149
1150 // setting up structures
1151 em4x50_data_t etd;
1152 memset(&etd, 0x00, sizeof(em4x50_data_t));
1153 etd.addr_given = true;
1154 etd.addresses = addr & 0xFF;
1155
1156 // get password
1157 const char *p_pwd = luaL_checkstring(L, 2);
1158 if (p_pwd == NULL || strlen(p_pwd) == 0) {
1159 etd.pwd_given = false;
1160 } else {
1161 if (strlen(p_pwd) != 8)
1162 return returnToLuaWithError(L, "Wrong size of password, got %zu , expected 8", strlen(p_pwd));
1163
1164 uint32_t pwd = 0;
1165 sscanf(p_pwd, "%08x", &pwd);
1166
1167 PrintAndLogEx(DEBUG, " Pwd %08X", pwd);
1168
1169 etd.password1 = pwd;
1170 etd.pwd_given = true;
1171 }
1172
1173 PrintAndLogEx(DEBUG, "Addr %u", etd.addresses & 0xFF);
1174 if (etd.pwd_given)
1175 PrintAndLogEx(DEBUG, " Pwd %08x", etd.password1);
1176
1177 em4x50_word_t words[EM4X50_NO_WORDS];
1178
1179 int res = em4x50_read(&etd, words);
1180 if (res != PM3_SUCCESS) {
1181 return returnToLuaWithError(L, "Failed to read EM4x50 data");
1182 }
1183
1184 uint32_t word = (
1185 words[etd.addresses & 0xFF].byte[0] << 24 |
1186 words[etd.addresses & 0xFF].byte[1] << 16 |
1187 words[etd.addresses & 0xFF].byte[2] << 8 |
1188 words[etd.addresses & 0xFF].byte[3]
1189 );
1190 lua_pushinteger(L, word);
1191 return 1;
1192 }
1193
1194 //
1195 static int l_ndefparse(lua_State *L) {
1196
1197 //Check number of arguments
1198 int n = lua_gettop(L);
1199 if (n != 3) {
1200 return returnToLuaWithError(L, "You need to supply three parameters");
1201 }
1202
1203 size_t datalen = luaL_checknumber(L, 1);
1204 bool verbose = luaL_checknumber(L, 2);
1205
1206 uint8_t *data = calloc(datalen, sizeof(uint8_t));
1207 if (data == 0) {
1208 return returnToLuaWithError(L, "Allocating memory failed");
1209 }
1210
1211 // data
1212 size_t size;
1213 const char *p_data = luaL_checklstring(L, 3, &size);
1214 if (size) {
1215 if (size > (datalen << 1))
1216 size = (datalen << 1);
1217
1218 uint32_t tmp;
1219 for (int i = 0; i < size; i += 2) {
1220 sscanf(&p_data[i], "%02x", &tmp);
1221 data[i >> 1] = tmp & 0xFF;
1222 }
1223 }
1224
1225 int res = NDEFDecodeAndPrint(data, datalen, verbose);
1226 lua_pushinteger(L, res);
1227 return 1;
1228 }
1229
1230 static int l_ul_read_uid(lua_State *L) {
1231 uint8_t uid[7] = { 0, 0, 0, 0, 0, 0, 0 };
1232 int res = ul_read_uid(uid);
1233 if (res != PM3_SUCCESS) {
1234 return returnToLuaWithError(L, "Failed to read Ultralight/NTAG UID");
1235 }
1236 char buf[15];
1237 memset(buf, 0, sizeof(buf));
1238 snprintf(buf, sizeof(buf), "%02X%02X%02X%02X%02X%02X%02X", uid[0], uid[1], uid[2], uid[3], uid[4], uid[5], uid[6]);
1239 lua_pushstring(L, buf);
1240 return 1;
1241 }
1242
1243 static int l_remark(lua_State *L) {
1244 //Check number of arguments
1245 int n = lua_gettop(L);
1246 if (n != 1) {
1247 return returnToLuaWithError(L, "Only one string allowed");
1248 }
1249
1250 size_t size;
1251 const char *s = luaL_checklstring(L, 1, &size);
1252 int res = CmdRem(s);
1253 lua_pushinteger(L, res);
1254 return 1;
1255 }
1256
1257 static int l_set_iso_dep_state(lua_State *L) {
1258
1259 //Check number of arguments
1260 int n = lua_gettop(L);
1261 if (n != 1) {
1262 return returnToLuaWithError(L, "Only one value allowed");
1263 }
1264
1265 size_t state = luaL_checknumber(L, 1);
1266 switch (state) {
1267 case 0:
1268 SetISODEPState(ISODEP_INACTIVE);
1269 break;
1270 case 1:
1271 SetISODEPState(ISODEP_NFCA);
1272 break;
1273 case 2:
1274 SetISODEPState(ISODEP_NFCB);
1275 break;
1276 case 3:
1277 SetISODEPState(ISODEP_NFCV);
1278 break;
1279 default:
1280 return returnToLuaWithError(L, "Wrong ISODEP STATE value");
1281 }
1282 return 1;
1283 }
1284
1285 // 1. filename
1286 // 2. extension
1287 // output: full search path to file
1288 static int l_searchfile(lua_State *L) {
1289 // Check number of arguments
1290 int n = lua_gettop(L);
1291 if (n != 2) {
1292 return returnToLuaWithError(L, "Only filename and extension");
1293 }
1294
1295 size_t size;
1296 // data
1297 const char *filename = luaL_checklstring(L, 1, &size);
1298 if (size == 0) {
1299 return returnToLuaWithError(L, "Must specify filename");
1300 }
1301
1302 const char *suffix = luaL_checklstring(L, 2, &size);
1303 char *path;
1304 int res = searchFile(&path, "", filename, suffix, false);
1305 if (res != PM3_SUCCESS) {
1306 return returnToLuaWithError(L, "Failed to find file");
1307 }
1308
1309 lua_pushstring(L, path);
1310 free(path);
1311 return 1;
1312 }
1313
1314 static int l_ud(lua_State *L) {
1315 const char *ud = get_my_user_directory();
1316 lua_pushstring(L, ud);
1317 return 1;
1318 }
1319 static int l_ewd(lua_State *L) {
1320 const char *ewd = get_my_executable_directory();
1321 lua_pushstring(L, ewd);
1322 return 1;
1323 }
1324 static int l_cwd(lua_State *L) {
1325
1326 uint16_t path_len = FILENAME_MAX; // should be a good starting point
1327 char *cwd = (char *)calloc(path_len, sizeof(uint8_t));
1328 if (cwd == NULL) {
1329 return returnToLuaWithError(L, "Failed to allocate memory");
1330 }
1331
1332 while (GetCurrentDir(cwd, path_len) == NULL) {
1333 if (errno == ERANGE) { // Need bigger buffer
1334 path_len += 10; // if buffer was too small add 10 characters and try again
1335 char *cwdNew = realloc(cwd, path_len);
1336 if (cwdNew == NULL) {
1337 free(cwd);
1338 return returnToLuaWithError(L, "Failed to allocate memory");
1339 }
1340 cwd = cwdNew;
1341 } else {
1342 free(cwd);
1343 return returnToLuaWithError(L, "Failed to get current working directory");
1344 }
1345 }
1346 lua_pushstring(L, cwd);
1347 free(cwd);
1348 return 1;
1349 }
1350
1351 // ref: https://github.com/RfidResearchGroup/proxmark3/issues/891
1352 // redirect LUA's print to Proxmark3 PrintAndLogEx
1353 static int l_printandlogex(lua_State *L) {
1354 int n = lua_gettop(L);
1355 for (int i = 1; i <= n; i++) {
1356 if (lua_isstring(L, i)) {
1357 PrintAndLogEx(NORMAL, "%s\t" NOLF, lua_tostring(L, i));
1358 }
1359 }
1360 PrintAndLogEx(NORMAL, "");
1361 return 0;
1362 }
1363
1364 /**
1365 * @brief Sets the lua path to include "./lualibs/?.lua", in order for a script to be
1366 * able to do "require('foobar')" if foobar.lua is within lualibs folder.
1367 * Taken from http://stackoverflow.com/questions/4125971/setting-the-global-lua-path-variable-from-c-c
1368 * @param L
1369 * @param path
1370 * @return
1371 */
1372 static int setLuaPath(lua_State *L, const char *path) {
1373 lua_getglobal(L, "package");
1374 lua_getfield(L, -1, "path"); // get field "path" from table at top of stack (-1)
1375 const char *cur_path = lua_tostring(L, -1); // grab path string from top of stack
1376 int requiredLength = strlen(cur_path) + strlen(path) + 10; //A few bytes too many, whatever we can afford it
1377 char *buf = calloc(requiredLength, sizeof(char));
1378 snprintf(buf, requiredLength, "%s;%s", cur_path, path);
1379 lua_pop(L, 1); // get rid of the string on the stack we just pushed on line 5
1380 lua_pushstring(L, buf); // push the new one
1381 lua_setfield(L, -2, "path"); // set the field "path" in table at -2 with value at top of stack
1382 lua_pop(L, 1); // get rid of package table from top of stack
1383 free(buf);
1384 return 0; // all done!
1385 }
1386
1387 int set_pm3_libraries(lua_State *L) {
1388 static const luaL_Reg libs[] = {
1389 {"SendCommandMIX", l_SendCommandMIX},
1390 {"SendCommandNG", l_SendCommandNG},
1391 {"GetFromBigBuf", l_GetFromBigBuf},
1392 {"GetFromFlashMem", l_GetFromFlashMem},
1393 {"GetFromFlashMemSpiffs", l_GetFromFlashMemSpiffs},
1394 {"WaitForResponseTimeout", l_WaitForResponseTimeout},
1395 {"mfDarkside", l_mfDarkside},
1396 {"foobar", l_foobar},
1397 {"kbd_enter_pressed", l_kbd_enter_pressed},
1398 {"clearCommandBuffer", l_clearCommandBuffer},
1399 {"console", l_CmdConsole},
1400 {"iso15693_crc", l_iso15693_crc},
1401 {"iso14443b_crc", l_iso14443b_crc},
1402 {"aes128_decrypt", l_aes128decrypt_cbc},
1403 {"aes128_decrypt_ecb", l_aes128decrypt_ecb},
1404 {"aes128_encrypt", l_aes128encrypt_cbc},
1405 {"aes128_encrypt_ecb", l_aes128encrypt_ecb},
1406 {"crc8legic", l_crc8legic},
1407 {"crc16legic", l_crc16legic},
1408 {"crc16", l_crc16},
1409 {"crc64", l_crc64},
1410 {"crc64_ecma182", l_crc64_ecma182},
1411 {"sha1", l_sha1},
1412 {"reveng_models", l_reveng_models},
1413 {"reveng_runmodel", l_reveng_runmodel},
1414 {"hardnested", l_hardnested},
1415 {"detect_prng", l_detect_prng},
1416 // {"keygen.algoA", l_keygen_algoA},
1417 {"keygen_algo_b", l_keygen_algoB},
1418 // {"keygen.algoC", l_keygen_algoC},
1419 {"keygen_algo_d", l_keygen_algoD},
1420 {"t55xx_readblock", l_T55xx_readblock},
1421 {"t55xx_detect", l_T55xx_detect},
1422 {"ndefparse", l_ndefparse},
1423 {"fast_push_mode", l_fast_push_mode},
1424 {"search_file", l_searchfile},
1425 {"cwd", l_cwd},
1426 {"ewd", l_ewd},
1427 {"ud", l_ud},
1428 {"rem", l_remark},
1429 {"em4x05_read", l_em4x05_read},
1430 {"em4x50_read", l_em4x50_read},
1431 {"ul_read_uid", l_ul_read_uid},
1432 {"set_isodepstate", l_set_iso_dep_state},
1433 {NULL, NULL}
1434 };
1435
1436 lua_pushglobaltable(L);
1437 // Core library is in this table. Contains '
1438 // this is 'pm3' table
1439 lua_newtable(L);
1440
1441 // put the function into the hash table.
1442 for (int i = 0; libs[i].name; i++) {
1443 lua_pushcfunction(L, libs[i].func);
1444 lua_setfield(L, -2, libs[i].name);//set the name, pop stack
1445 }
1446 // Name of 'core'
1447 lua_setfield(L, -2, "core");
1448
1449 // remove the global environment table from the stack
1450 lua_pop(L, 1);
1451
1452 // print redirect here
1453 lua_register(L, "print", l_printandlogex);
1454
1455 // add to the LUA_PATH (package.path in lua)
1456 // so we can load scripts from various places:
1457 const char *exec_path = get_my_executable_directory();
1458 if (exec_path != NULL) {
1459 // from the ./luascripts/ directory
1460 char scripts_path[strlen(exec_path) + strlen(LUA_SCRIPTS_SUBDIR) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
1461 strcpy(scripts_path, exec_path);
1462 strcat(scripts_path, LUA_SCRIPTS_SUBDIR);
1463 strcat(scripts_path, LUA_LIBRARIES_WILDCARD);
1464 setLuaPath(L, scripts_path);
1465 // from the ./lualib/ directory
1466 char libraries_path[strlen(exec_path) + strlen(LUA_LIBRARIES_SUBDIR) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
1467 strcpy(libraries_path, exec_path);
1468 strcat(libraries_path, LUA_LIBRARIES_SUBDIR);
1469 strcat(libraries_path, LUA_LIBRARIES_WILDCARD);
1470 setLuaPath(L, libraries_path);
1471 }
1472 const char *user_path = get_my_user_directory();
1473 if (user_path != NULL) {
1474 // from the $HOME/.proxmark3/luascripts/ directory
1475 char scripts_path[strlen(user_path) + strlen(PM3_USER_DIRECTORY) + strlen(LUA_SCRIPTS_SUBDIR) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
1476 strcpy(scripts_path, user_path);
1477 strcat(scripts_path, PM3_USER_DIRECTORY);
1478 strcat(scripts_path, LUA_SCRIPTS_SUBDIR);
1479 strcat(scripts_path, LUA_LIBRARIES_WILDCARD);
1480 setLuaPath(L, scripts_path);
1481
1482 // from the $HOME/.proxmark3/lualib/ directory
1483 char libraries_path[strlen(user_path) + strlen(PM3_USER_DIRECTORY) + strlen(LUA_LIBRARIES_SUBDIR) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
1484 strcpy(libraries_path, user_path);
1485 strcat(libraries_path, PM3_USER_DIRECTORY);
1486 strcat(libraries_path, LUA_LIBRARIES_SUBDIR);
1487 strcat(libraries_path, LUA_LIBRARIES_WILDCARD);
1488 setLuaPath(L, libraries_path);
1489 }
1490
1491 if (exec_path != NULL) {
1492 // from the $PREFIX/share/proxmark3/luascripts/ directory
1493 char scripts_path[strlen(exec_path) + strlen(PM3_SHARE_RELPATH) + strlen(LUA_SCRIPTS_SUBDIR) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
1494 strcpy(scripts_path, exec_path);
1495 strcat(scripts_path, PM3_SHARE_RELPATH);
1496 strcat(scripts_path, LUA_SCRIPTS_SUBDIR);
1497 strcat(scripts_path, LUA_LIBRARIES_WILDCARD);
1498 setLuaPath(L, scripts_path);
1499 // from the $PREFIX/share/proxmark3/lualib/ directory
1500 char libraries_path[strlen(exec_path) + strlen(PM3_SHARE_RELPATH) + strlen(LUA_LIBRARIES_SUBDIR) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
1501 strcpy(libraries_path, exec_path);
1502 strcat(libraries_path, PM3_SHARE_RELPATH);
1503 strcat(libraries_path, LUA_LIBRARIES_SUBDIR);
1504 strcat(libraries_path, LUA_LIBRARIES_WILDCARD);
1505 setLuaPath(L, libraries_path);
1506 }
1507 return 1;
1508 }
Proxmark3 - the RFID research Swiss army knife. Iceman firmware