示例#1
0
    def execute(self, arg_components: components, arg_arguments=''):
        log.debug(self.__class__.__name__, "ENTER")

        uicc: uicc = arg_components.modeler.uicc

        change_pin1_state_key = None
        dict_args = convert_arguments_to_dict(arg_arguments)
        for key, value in dict_args.items():
            if key == "pin1":
                change_pin1_state_key = value

        # change pin1 state
        if change_pin1_state_key != None:
            if is_valid_pin_code(change_pin1_state_key) == False:
                print(self.get_res("invalid_pin"))
            else:
                msg = None
                if uicc.pin_enabled:
                    ret_result, ret_retries = uicc.disable_pin(
                        toASCIIBytes(change_pin1_state_key))
                    msg = self.get_res(
                        'disable_ok') if ret_result == ERROR.NONE else self.get_res('disable_fail')
                else:
                    ret_result, ret_retries = uicc.enable_pin(
                        toASCIIBytes(change_pin1_state_key))
                    msg = self.get_res(
                        'enable_ok') if ret_result == ERROR.NONE else self.get_res('enable_fail')
                print(msg)

            print(os.linesep, end='')

        print(self.get_res("pin1").format(self.get_res("enable"),
                                          res.get_string("yes") if uicc.pin_enabled else res.get_string("no")))
        print(self.get_res("pin1").format(self.get_res("verify"),
                                          res.get_string("yes") if uicc.pin_verified else res.get_string("na")))

        ret_result, ret_retries = uicc.verify_pin(PIN_TYPE.PIN1, "")
        print(self.get_res("pin1").format(self.get_res("retries"), ret_retries))

        # space line
        print('')

        print(self.get_res("adm").format(self.get_res("verify"),
                                         res.get_string("yes") if uicc.adm_verified else res.get_string("no")))

        ret_result, ret_retries = uicc.verify_pin(PIN_TYPE.ADM1, "")
        print(self.get_res("adm").format(self.get_res("retries"), ret_retries))

        log.debug(self.__class__.__name__, "EXIT")
示例#2
0
    def execute(self, arg_components: components, arg_arguments):
        log.debug(self.__class__.__name__, "ENTER")

        ret_state = STATE.ADM_CODE
        ret_arg = None

        verify_result, remainings = arg_components.modeler.uicc.verify_pin(
            PIN_TYPE.PIN1, toASCIIBytes(arg_arguments))

        # If enabled 'configuration.pin', store the pin code for auto verify
        if verify_result == ERROR.NONE:
            arg_components.modeler.uicc.pin_verified = True
            if arg_components.config.pin == 1:
                arg_components.config.update_pin_code(
                    arg_components.modeler.uicc.iccid, arg_arguments)
        else:
            if remainings == 0:
                ret_state = STATE.ERROR
                ret_arg = res.get_string("card_blocked")
            else:
                ret_state = STATE.PIN_CODE
                ret_arg = res.get_string("incorrect_pin_code").format(
                    remainings)

        log.debug(self.__class__.__name__, "EXIT")
        return (ret_state, ret_arg)
示例#3
0
def tuliskartu(nis):
    otentikasi = [0xFF, 0x88, 0x00, Mifare1k[0], 0x60, 0x00]

    r = readers()
    print "Available readers:", r

    reader = r[0]
    # print "Using:", reader

    connection = reader.createConnection()
    connection.connect()

    data, sw1, sw2 = connection.transmit(otentikasi)
    print data
    print "Select Applet: %02X %02X" % (sw1, sw2)

    # write
    cmd = [0xFF, 0xD6, 0x00, Mifare1k[0], 0x10]

    # nis = "123456789" + "1234567"
    for s in range(16):
        cmd.append(toASCIIBytes(nis[s])[0])

    data, sw1, sw2 = connection.transmit(cmd)
    print toASCIIString(data)
    print "Select Applet: %02X %02X" % (sw1, sw2)
示例#4
0
    def execute(self, arg_connection, arg_parameter=""):
        self.__logging.debug("execute()")

        ret_content = ""
        ret_err = ERROR.ERR_NONE
        ret_retry = 0

        # Converted all parameters to dict type
        dict_args = convert_arguments_to_dict(arg_parameter)

        # figure out the key & value of parameters
        for key, value in dict_args.items():
            action_key = key.lower()
            if action_key == 'pin2':
                ret_err, ret_retry = arg_connection.verify(
                    VERIFY_TYPE.PIN2.value, toASCIIBytes(value))
                if ret_err != ERROR.ERR_NONE:
                    ret_content += "PIN2 verified fail, remaining count: " + \
                        str(ret_retry) + "\n"
                else:
                    ret_content += "PIN2 verified pass.\n"
            elif action_key == 'onoff':
                action_name = ""
                if (arg_connection.get_pin1_enable_status()):
                    ret_err, ret_retry = arg_connection.disable_pin(
                        toASCIIBytes(value))
                    action_name = "disable"
                else:
                    ret_err, ret_retry = arg_connection.enable_pin(
                        toASCIIBytes(value))
                    action_name = "enable"

                if ret_err != ERROR.ERR_NONE:
                    ret_content += "SIM PIN " + action_name + " fail, remaining count: " + \
                        str(ret_retry) + "\n"
                else:
                    if action_name == 'disable':
                        arg_connection.set_pin1_enable_status(False)
                    else:
                        arg_connection.set_pin1_enable_status(True)

                    ret_content += "SIM PIN " + action_name + " success.\n"

        if ret_content == "":
            ret_content = "PIN1 Enabled: %s" % (
                arg_connection.get_pin1_enable_status())
        return ret_content
示例#5
0
 def find_minimum_length(emv):
     # Some cards require a minimum filename length for selecting filenames
     name = '1PAY.SYS.DDF01'
     for i in range(len(name), 0, -1):
         try:
             prefix = name[:i]
             result = emv.select_by_df(toASCIIBytes(prefix))
         except EMVException, e:
             if (e.sw1, e.sw2) == (0x6a, 0x82):  # not found
                 return i + 1
示例#6
0
def encrypt_user_data(user_data):
	#TODO
#	binstring = HexListToBinString( user_data )
	user_data=padd(toASCIIBytes(user_data),16)
	cipher = AES.new(key_as_binstring,AES.MODE_ECB )
	encrypted_as_string = cipher.encrypt(toASCIIString(user_data)).encode('hex')
	decrypted_as_string = cipher.decrypt( encrypted_as_string )

	print("ans",encrypted_as_string,decrypted_as_string)
	return  toBytes(encrypted_as_string)
示例#7
0
def test_write():
    vxco = VXCardObserver()
    vxco.card = Mock()
    vxco.card.connection = Mock()
    vxco.card.connection.transmit = Mock(return_value=(None,None,None))
    vxco._read_bytes = Mock(return_value=toASCIIBytes(TEST_STRING))
    
    rv = vxco.write(TEST_STRING)

    assert rv
    vxco._read_bytes.assert_called()
示例#8
0
    def find_unique_id(self):
        # caller should power cycle and try again to detect randomised IDs
        if self.uid == '21222324':
            name, sfi = self.emv.select_by_df(toASCIIBytes('1PAY.SYS.DDF01'))
            apps = self.emv.parse_apps(self.emv.read_record(1, sfi))
            priority, name, aid = apps[0]
            self.emv.select_by_df(aid)
            card = self.emv.parse_card(self.emv.read_record(1, sfi))
            return card['cardnum']

        else:
            return self.uid
示例#9
0
            def find_files(emv):
                for i in range(256):
                    try:
                        name, sfi = emv.select_by_df(toASCIIBytes(chr(i)))
                        print name, sfi

                    except Exception, e:
                        if isinstance(e, EMVException):
                            print e.sw1, e.sw2
                            if (e.sw1, e.sw2) == (0x6a, 0x82):
                                pass
                        else:
                            raise
示例#10
0
    def execute(self, arg_components: components, arg_arguments):
        log.debug(self.__class__.__name__, "ENTER")

        ret_state = STATE.ADM_VERIFY
        ret_arg = None
        adm_code = None
        out_msg = ''

        # if 'arg_arguments' exist, means may the auto verify fail
        # so we can't read the adm code from .xml file
        if arg_arguments == None:
            # Auto ADM operation (read from usim_modifier.xml)
            adm_code = arg_components.config.query_adm_code(
                arg_components.modeler.uicc.iccid)
        if adm_code == None:
            if arg_arguments == None:
                if arg_components.config.admhex == 1:
                    out_msg = res.get_string("input_adm_code_hex")
                else:
                    out_msg = res.get_string("input_adm_code")
            else:
                out_msg = arg_arguments
            print(layout_adm_code.layout(arg_msg=out_msg), end='')
            adm_code = input().strip().upper()

            # convert the 8 digits format to 16 hex digit
            if arg_components.config.admhex == 0:
                adm_code_byte = toASCIIBytes(adm_code)
                adm_code = toHexString(adm_code_byte, format=PACK)

            if len(adm_code) == 0:
                ret_state = STATE.PLUGIN
                print(
                    layout_adm_code.layout(
                        arg_msg=res.get_string("terminated_adm_code")))
            elif not is_valid_adm_code(adm_code):
                ret_state = STATE.ADM_CODE
                if arg_components.config.admhex == 1:
                    ret_arg = res.get_string("invalid_adm_code_hex")
                else:
                    ret_arg = res.get_string("invalid_adm_code")

        if ret_state == STATE.ADM_VERIFY:
            ret_arg = adm_code

        log.debug(self.__class__.__name__, "EXIT")
        return (ret_state, ret_arg)
示例#11
0
def test_card_insert_and_remove():
    vxco = VXCardObserver()
    card_mock = Mock()
    connection_mock = Mock()
    connection_mock.connect = Mock()
    connection_mock.transmit = Mock(return_value=(toASCIIBytes(TEST_STRING), 0x90, 0x00))
    card_mock.createConnection = Mock(return_value=connection_mock)

    # this is the callback that's invoked on an inserted card
    vxco.update(None, [[card_mock], []])

    assert card_mock.createConnection.called
    assert connection_mock.transmit.called

    # remove the card
    vxco.update(None, [[], [card_mock]])
    assert vxco.card is None
示例#12
0
    def get_pin_code(self, arg_prefix_pin):
        while (True):
            try:
                pin1_code = input("  " + arg_prefix_pin + " ").strip()
                if len(pin1_code) == 0:
                    break
                if len(pin1_code) >= 4 and len(pin1_code) <= 8:
                    is_valid = True
                    for i in range(len(pin1_code)):
                        if pin1_code[i] not in "0123456789":
                            is_valid = False
                            break
                    if is_valid:
                        break
            except:
                continue

        return toASCIIBytes(pin1_code)
示例#13
0
        def try_predefined_apps(emv):
            apps = [
                toASCIIBytes('1PAY.SYS.DDF01'),  # EMV
                [0xa0, 0x00, 0x00, 0x00, 0x03, 0x10, 0x10],  # Visa
                [0xa0, 0x00, 0x00, 0x00, 0x03, 0x20, 0x10],  # Visa Electron
                [0xa0, 0x00, 0x00, 0x00, 0x03, 0x80, 0x02],  # Visa CAP
                [0xa0, 0x00, 0x00, 0x00, 0x04, 0x30, 0x60],  # Maestro
                [0xa0, 0x00, 0x00, 0x00, 0x04, 0x10, 0x10],  # MasterCard
                [0xa0, 0x00, 0x00, 0x00, 0x04, 0x80, 0x02],  # MasterCard CAP
            ]

            for app in apps:
                try:
                    name, sfi = emv.select_by_df(app)
                except EMVException as e:
                    print e.sw1, e.sw2
                    if (e.sw1, e.sw2) != (0x6a, 0x82):
                        raise
                else:
                    print '%s: %s (%s)' % (app, name, sfi)
示例#14
0
    def __verify(self, arg_connection):
        self.__logging.debug("__verify")

        try:
            xml = etree.parse(DEF_SECURITY_CACHE_FOLDER + os.sep +
                              self.__iccid + ".xml")
            security_root = xml.getroot()

            pin1_node = security_root.xpath("pin1")
            self.__pin1 = pin1_node[0].text
            if self.__pin1_enabled:
                ret_err, self.__pin1_retry = arg_connection.verify(
                    VERIFY_TYPE.PIN1.value, toASCIIBytes(self.__pin1))
                if ret_err == ERROR.ERR_NONE:
                    self.__pin1_verified = True

            adm_node = security_root.xpath("adm")
            self.__adm = adm_node[0].text
            ret_err, self.__adm_retry = arg_connection.verify(
                VERIFY_TYPE.ADM1.value, toBytes(self.__adm))
            if ret_err == ERROR.ERR_NONE:
                self.__adm_verified = True
        except:
            pass
示例#15
0
def brute_pdol(tag):
    name, sfi, pdol_req = tag.emv.select_by_df(toASCIIBytes('1PAY.SYS.DDF01'))
    apps = tag.emv.read_record_parsed(1, sfi).getlistparsed('APP')
    for priority, name, aid in apps:
        ccy_ttq_dict = defaultdict(list)
        option_dict = defaultdict(list)
        not_allowed = []
        invalid = []

        try:
            name, sfi, pdol_req = tag.emv.select_by_df(aid)
            print 'ATC at start: %s' % tag.emv.get_data_parsed('ATC')

            # 12 bits
            for ttq in range(0x2000):
                if (ttq % 0x100) == 0:
                    print 'TTQ = 0x%lx' % ttq

                for ccy, ccy_name in ccys:
                    dol = DOL(ttq=[ttq & 0xff, ttq & 0x700 >> 3, ttq & 0x1800 >> 5, 0], ccy=ccy)
                    try:
                        # ATC is incremented if this works
                        options = tag.emv.get_options(pdol_req, dol)
                    except EMVException, e:
                        if (e.sw1, e.sw2) == (0x69, 0x85):
                            # Not allowed (conditions)
                            not_allowed.append((ttq, ccy_name))
                        elif (e.sw1, e.sw2) == (0x69, 0x84):
                            # Not allowed (invalid)
                            invalid.append((ttq, ccy_name))
                            # Reset
                            name, sfi, pdol_req = tag.emv.select_by_df(aid)
                        else:
                            raise
                    else:
                        ac_lens = tuple([len(a.data) for a in options.getlist('AC')])
                        sdad_lens = tuple([len(s.data) for s in options.getlist('SDAD')])

                        # replace AC, SDAD and ATC with length functions
                        options.tags = Tags(*options.tags._tagdata[:])
                        def datalen(ber):
                            return len(ber.data)

                        options.tags.parsers[options.tags.tags['AC']] = datalen
                        options.tags.parsers[options.tags.tags['SDAD']] = datalen
                        options.tags.parsers[options.tags.tags['ATC']] = datalen
                        options.read_ber()
                        opts = options.dump_ber()

                        #opts = [(k, vs) for k, vs in options.lists() if options.tags.tagname(k) not in ['AC', 'SDAD', 'ATC']]
                        # Need to be able to create a ber, or __delitem__
                        # FIXME: make dump return a string or an iterator
                        #opts = ' '.join(['0x%x %s' % (k, ', '.join([repr(v) for v in vs])) for k, vs in opts])
                        # opts = tuple([(k, tuple([tuple(v.data) for v in vs])) for k, vs in opts])
                        key = (opts, ac_lens, sdad_lens)
                        ccy_ttq_dict[key].append((ttq, ccy_name))
                        # only keep the last
                        option_dict[key] = options

                        # Reset to Entry Point Start C, according to Figure 5-1: Initiate Application Processing (Reader)
                        #  FIXME: check what Entry Point Start C is
                        name, sfi, pdol_req = tag.emv.select_by_df(aid)

        finally:
            def dump_ccy_ttqs(ccy_ttqs):
                last_ccy_name = None
                line = []
                for ttq, ccy_name in ccy_ttqs:
                    if last_ccy_name is not None and ccy_order.index(ccy_name) < ccy_order.index(last_ccy_name):
                        print '    %s' % ', '.join(line)
                        line = []
                    line.append('0x%x %s' % (ttq, ccy_name))
                    last_ccy_name = ccy_name

                if line:
                    print '    %s' % ', '.join(line)

            print 'ATC at end: %s' % tag.emv.get_data_parsed('ATC')

            ccy_order = [v for k, v in ccys]
            for key, ccy_ttqs in ccy_ttq_dict.items():
                print 'For:'
                dump_ccy_ttqs(ccy_ttqs)

                print
                option_dict[key].dump()

            print
            print 'Invalid:'
            dump_ccy_ttqs(invalid)

        break
示例#16
0
文件: emv.py 项目: ekapujiw2002/RFUID 
            #name, sfi, pdol_req = tag.emv.select_by_df(toASCIIBytes('1PAY.SYS.DDF01'))
            #name, sfi, pdol_req = tag.emv.select_by_df([0xa0, 0, 0, 0, 3, 0x10, 0x10])
            #print pdol_req
            # Use PPSE to list apps
            #name, sfi, pdol_req = tag.emv.select_by_df(toASCIIBytes('2PAY.SYS.DDF01'))
            #name, sfi, pdol_req = tag.emv.select_by_df([0xa0, 0, 0, 0, 3, 0x10, 0x10])
            #print pdol_req
            #options = tag.emv.get_options(pdol_req)
            #options.dump()
            #pprint(options.get_struct())
            #break

            if False:
                # Use PSE to list apps
                name, sfi, pdol_req = tag.emv.select_by_df(
                    toASCIIBytes('1PAY.SYS.DDF01'))
                print 'Applet data: %s' % tag.emv.get_data_parsed(
                    'APPLET_DATA')

                data = tag.emv.read_record_parsed(0x1, sfi)
                data.dump()
                apps = data.getlistparsed('APP')

            else:
                apps = [
                    (0, 'BARCLAYS', [0xa0, 0x00, 0x00, 0x00, 0x03, 0x80, 0x02])
                ]  # Visa CAP

            for priority, name, aid in apps:
                print
                print 'Selecting %s (%s): %s' % (priority, name,
示例#17
0
from smartcard.System import readers
from smartcard.util import toASCIIString, toASCIIBytes
from Mifare1kMap import Mifare1k

otentikasi = [0xFF, 0x88, 0x00, Mifare1k[0], 0x60, 0x00]
bacadata = [0xFF, 0xB0, 0x00, Mifare1k[0], 0x10]

# write
cmd = [0xFF, 0xD6, 0x00, Mifare1k[0], 0x10]
op = []

nis = "123456789" + "1234567"
for s in range(16):
    cmd.append(toASCIIBytes(nis[s])[0])

r = readers()
print "Available readers:", r

reader = r[0]
# print "Using:", reader

connection = reader.createConnection()
connection.connect()

data, sw1, sw2 = connection.transmit(otentikasi)
print data
print "Select Applet: %02X %02X" % (sw1, sw2)

# data, sw1, sw2 = connection.transmit(cmd)
# print toASCIIString(data)
# print "Select Applet: %02X %02X" % (sw1, sw2)
示例#18
0
 def _write_value(self, s):
     self._unlock()
     self._write_bytes(0, 1, [len(s)])
     self._write_bytes(1, len(s), toASCIIBytes(s))
示例#19
0
                for i in range(256):
                    try:
                        name, sfi = emv.select_by_df(toASCIIBytes(chr(i)))
                        print name, sfi

                    except Exception, e:
                        if isinstance(e, EMVException):
                            print e.sw1, e.sw2
                            if (e.sw1, e.sw2) == (0x6a, 0x82):
                                pass
                        else:
                            raise

            #find_files(emv)

            name, sfi = emv.select_by_df(toASCIIBytes('1PAY.SYS.DDF01'))
            # print map(hex, tag.find_14443_instrs())
            # 70, a4, b2

            apps = emv.parse_apps(emv.read_record(1, sfi))

            pprint(apps)
            for priority, name, aid in apps:
                if name.startswith('VISA'):
                    emv.select_by_df(aid)
                    # print map(hex, tag.find_14443_instrs())
                    # 20, 70, 82, 84, 88, a4, b2

                    print emv.parse_card(emv.read_record(1, sfi))
示例#20
0
def brute_pdol(tag):
    name, sfi, pdol_req = tag.emv.select_by_df(toASCIIBytes('1PAY.SYS.DDF01'))
    apps = tag.emv.read_record_parsed(1, sfi).getlistparsed('APP')
    for priority, name, aid in apps:
        ccy_ttq_dict = defaultdict(list)
        option_dict = defaultdict(list)
        not_allowed = []
        invalid = []

        try:
            name, sfi, pdol_req = tag.emv.select_by_df(aid)
            print 'ATC at start: %s' % tag.emv.get_data_parsed('ATC')

            # 12 bits
            for ttq in range(0x2000):
                if (ttq % 0x100) == 0:
                    print 'TTQ = 0x%lx' % ttq

                for ccy, ccy_name in ccys:
                    dol = DOL(ttq=[
                        ttq & 0xff, ttq & 0x700 >> 3, ttq & 0x1800 >> 5, 0
                    ],
                              ccy=ccy)
                    try:
                        # ATC is incremented if this works
                        options = tag.emv.get_options(pdol_req, dol)
                    except EMVException, e:
                        if (e.sw1, e.sw2) == (0x69, 0x85):
                            # Not allowed (conditions)
                            not_allowed.append((ttq, ccy_name))
                        elif (e.sw1, e.sw2) == (0x69, 0x84):
                            # Not allowed (invalid)
                            invalid.append((ttq, ccy_name))
                            # Reset
                            name, sfi, pdol_req = tag.emv.select_by_df(aid)
                        else:
                            raise
                    else:
                        ac_lens = tuple(
                            [len(a.data) for a in options.getlist('AC')])
                        sdad_lens = tuple(
                            [len(s.data) for s in options.getlist('SDAD')])

                        # replace AC, SDAD and ATC with length functions
                        options.tags = Tags(*options.tags._tagdata[:])

                        def datalen(ber):
                            return len(ber.data)

                        options.tags.parsers[options.tags.tags['AC']] = datalen
                        options.tags.parsers[
                            options.tags.tags['SDAD']] = datalen
                        options.tags.parsers[
                            options.tags.tags['ATC']] = datalen
                        options.read_ber()
                        opts = options.dump_ber()

                        #opts = [(k, vs) for k, vs in options.lists() if options.tags.tagname(k) not in ['AC', 'SDAD', 'ATC']]
                        # Need to be able to create a ber, or __delitem__
                        # FIXME: make dump return a string or an iterator
                        #opts = ' '.join(['0x%x %s' % (k, ', '.join([repr(v) for v in vs])) for k, vs in opts])
                        # opts = tuple([(k, tuple([tuple(v.data) for v in vs])) for k, vs in opts])
                        key = (opts, ac_lens, sdad_lens)
                        ccy_ttq_dict[key].append((ttq, ccy_name))
                        # only keep the last
                        option_dict[key] = options

                        # Reset to Entry Point Start C, according to Figure 5-1: Initiate Application Processing (Reader)
                        #  FIXME: check what Entry Point Start C is
                        name, sfi, pdol_req = tag.emv.select_by_df(aid)

        finally:

            def dump_ccy_ttqs(ccy_ttqs):
                last_ccy_name = None
                line = []
                for ttq, ccy_name in ccy_ttqs:
                    if last_ccy_name is not None and ccy_order.index(
                            ccy_name) < ccy_order.index(last_ccy_name):
                        print '    %s' % ', '.join(line)
                        line = []
                    line.append('0x%x %s' % (ttq, ccy_name))
                    last_ccy_name = ccy_name

                if line:
                    print '    %s' % ', '.join(line)

            print 'ATC at end: %s' % tag.emv.get_data_parsed('ATC')

            ccy_order = [v for k, v in ccys]
            for key, ccy_ttqs in ccy_ttq_dict.items():
                print 'For:'
                dump_ccy_ttqs(ccy_ttqs)

                print
                option_dict[key].dump()

            print
            print 'Invalid:'
            dump_ccy_ttqs(invalid)

        break
示例#21
0
    print 'Accepted keys: %s' % ', '.join(map(hex, vals))

    # Nothing selected: 0x42, 0x45, 0x66, 0xc1, 0xc5, 0xc6, 0xc7, 0xcb, 0xcf, 0xe0, 0x9f7f, 0xdf7c, 0xdf7e
    # 1PAY.SYS.DDF01: 0x9f7d
    # LINK/VISADEBIT: 
    #   0x9f13, 0x9f17, 0x9f36, 0x9f51,
    #   0x9f52, 0x9f53, 0x9f54, 0x9f56,
    #   0x9f57, 0x9f58, 0x9f59, 0x9f5c,
    #   0x9f5e, 0x9f67, 0x9f68, 0x9f6c,
    #   0x9f6d, 0x9f72, 0x9f73, 0x9f77,
    #   0x9f78, 0x9f79, 0x9f7d, 0xbf55,
    #   0xbf56, 0xbf57, 0xbf58, 0xbf5b

with Pcsc.reader() as reader:
    for tag in reader.tags:
        brute_data(tag)

        print 'Selecting 1PAY'
        name, sfi = tag.emv.select_by_df(toASCIIBytes('1PAY.SYS.DDF01'))
        brute_data(tag)

        apps = tag.emv.parse_apps(tag.emv.read_record(0x1, sfi))

        for priority, name, aid in apps:
            print 'Selecting %s' % name
            tag.emv.select_by_df(aid)
            brute_data(tag)
示例#22
0
            if resp != [0x6d, 0]:
                instrs.append([i, j])

    print 'Valid instructions: %s' % ', '.join(map(toHexString, instrs))
    # For my Visa Debit Paywave
    # Nothing selected: 00 70, 00 A4, 00 CA, 80 24, 80 50, 80 82, 80 CA, 80 D8, 80 E2, 80 E4, 80 E6, 80 E8, 80 F0, 80 F2
    # 1PAY.SYS.DDF01: 00 70, 00 A4, 00 B2
    # 2PAY.SYS.DDF01: 00 70, 00 A4, 00 B2
    # LINK/VISADEBIT: 00 20, 00 70, 00 82, 00 84, 00 88, 00 A4, 00 B2, 80 A8, 80 AE, 80 CA

with Pcsc.reader() as reader:
    for tag in reader.tags:
        brute_instrs(tag)

        print 'Selecting 2PAY'
        name, sfi, pdol = tag.emv.select_by_df(toASCIIBytes('2PAY.SYS.DDF01'))
        brute_instrs(tag)

        print 'Selecting 1PAY'
        name, sfi, pdol = tag.emv.select_by_df(toASCIIBytes('1PAY.SYS.DDF01'))
        brute_instrs(tag)

        data = tag.emv.read_record_parsed(0x1, sfi)
        apps = data.getlistparsed('APP')

        for priority, name, aid in apps:
            print 'Selecting %s' % name
            name, sfi, pdol_req = tag.emv.select_by_df(aid)
            brute_instrs(tag)

            if pdol_req:
示例#23
0
                    if (e.sw1, e.sw2) == (0x6a, 0x82):  # not found
                        return i + 1

            return 0

        def select_all_by_df_no_next(emv, name):
            # You can't get the "next" filename when selecting by AID
            try:
                dfs = [emv.select_by_df(name)]
            except EMVException, e:
                if not (e.sw1, e.sw2) == (0x6a, 0x82):  # not found
                    raise
                return []

            last_name, last_sfi = dfs[-1]
            curr = toASCIIBytes(last_name)
            while True:
                # curr will be a filled-out AID. Work our way back
                # to name until we've tried all this might have masked
                for i in reversed(range(len(name), len(curr))):
                    curr[i] = (curr[i] + 1) % 256
                    if curr[i] != 0:
                        break
                    del curr[i]
                else:
                    return dfs

                try:
                    dfs.append(emv.select_by_df(curr))
                except EMVException, e:
                    pass  # FIXME