#!/usr/bin/env python | |
import RPi.GPIO as GPIO | |
import mfrc522 | |
import subprocess | |
import time | |
import RGB1602 | |
# Secrets: the sector key handed to the reader's Auth call and the group name
# that grants access. Both real values are redacted on this page.
# NOTE(review): hard-coded secrets are readable by anyone who can read this
# script; consider loading them from a file restricted to the service account.
DEFAULT_KEY = [0xFF] * 6  # six 0xFF bytes; not referenced by the code shown here
KEY = "REDACTED"
ADMIN_GROUP = "REDACTED"
# LCD handle used for every status message; constructed with (16, 2),
# presumably columns x rows -- confirm against the RGB1602 driver.
lcd = RGB1602.RGB1602(16, 2)


def disp(line1, line2, r, g, b):
    """Write *line1* and *line2* to LCD rows 0 and 1, then set the backlight.

    The text is written as given: nothing here clears the display or pads the
    strings, so callers pass messages already sized for the row.
    """
    for row_index, text in enumerate((line1, line2)):
        lcd.setCursor(0, row_index)
        lcd.printout(text)
    lcd.setRGB(r, g, b)
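# Print flag on the display with a sliding effect.
def disp_file(file):
    """Scroll the first line of *file* across the second LCD row.

    The first 16 characters are shown for 2 seconds, the window then slides
    one character every 0.4 seconds to the end of the line, and the final
    frame is kept for 5 more seconds.

    The line terminator is stripped before display, so a short line no longer
    sends a newline character to the LCD and a file without a trailing newline
    no longer loses its last character. An empty file is shown as an empty row
    instead of raising IndexError.
    """
    with open(file) as f:
        # Only the first line is ever displayed; readline() returns "" for an
        # empty file.
        first_line = f.readline().rstrip("\r\n")

    width = 16
    banner = "Auth. Success "

    disp(banner, first_line[:width], 144, 249, 15)
    time.sleep(2)

    # Slide until the window's right edge reaches the last character.
    for start in range(1, len(first_line) - width + 1):
        disp(banner, first_line[start:start + width], 144, 249, 15)
        time.sleep(0.4)

    # Keep the last frame visible for a few more seconds.
    time.sleep(5)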
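def format_uid(uid):
    """Return *uid* (a sequence of byte values) as an upper-case hex string.

    Each byte is rendered as exactly two hex digits. Without zero padding,
    bytes below 0x10 collapse to one digit and different UIDs can print as the
    same string (e.g. [0x12, 0x03] and [0x01, 0x23]), which makes logged UIDs
    ambiguous.
    """
    return "".join("%02X" % byte for byte in uid)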
# The privilege record is read from sector 1 of the tag.
Sector = 1

# Reader handle shared by the polling loop below.
RFID = mfrc522.MFRC522()

# Initial request; the polling loop reassigns Status and TagSize before
# either value is read.
Status, TagSize = RFID.MFRC522_Request(RFID.PICC_REQIDL)
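# Characters accepted in a user name read from a tag. Tag content is untrusted
# input (whoever can write the sector controls it), so it is restricted to a
# conservative set before it is handed to an external command.
_USERNAME_CHARS = frozenset(
    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_.-"
)


def _is_plain_username(name):
    """Return True if *name* is non-empty, uses only _USERNAME_CHARS and does
    not start with '-' (which the command would parse as an option)."""
    return (
        bool(name)
        and not name.startswith("-")
        and all(ch in _USERNAME_CHARS for ch in name)
    )


def _lookup_groups(user):
    """Run ``groups`` for *user*; return (raw output, list of group names).

    The command is started from an argument list with no shell, so the name is
    passed as one argument and is never interpreted as shell syntax.
    """
    proc = subprocess.Popen(["groups", user], stdout=subprocess.PIPE)
    output, _ = proc.communicate()
    raw = output.decode('utf-8')
    # GNU coreutils prints "user : group1 group2"; keep only what follows the
    # colon so the user name itself is never mistaken for a group.
    return raw, raw.split(":", 1)[-1].split()


try:
    while True:
        # Display main message.
        print("Waiting for Tag...\n")
        disp("Waiting tags... ", " ", 255, 255, 255)

        while True:
            # Poll the reader until a tag answers.
            (Status, TagSize) = RFID.MFRC522_Request(RFID.PICC_REQIDL)
            if Status != RFID.MI_OK:
                continue

            if TagSize < 1:
                print("Can't read tag properly!")
                disp("Error! ", "Can't read tag! ", 255, 0, 0)
                time.sleep(1)
                break

            if Sector < 1 or Sector > (TagSize - 1):
                print("Sector out of range (1 - %s)\n" % (TagSize - 1))
                disp("Error! ", "Sector range!", 255, 0, 0)
                time.sleep(1)
                break

            # Selecting blocks: sectors below 32 hold 4 blocks, the others 16.
            BaseBlockLength = 4
            if Sector < 32:
                BlockLength = BaseBlockLength
                StartAddr = Sector * BlockLength
            else:
                BlockLength = 16
                StartAddr = 32 * BaseBlockLength + (Sector - 32) * BlockLength

            # The last block of the sector is the authentication target and is
            # not read as data.
            BlockAddrs = [StartAddr + offset for offset in range(BlockLength - 1)]
            TrailerBlockAddr = StartAddr + (BlockLength - 1)

            # Initializing tag.
            (Status, UID) = RFID.MFRC522_Anticoll()
            if Status != RFID.MI_OK:
                break

            # Reading sector and parsing retrieved data.
            RFID.MFRC522_SelectTag(UID)
            Status = RFID.MFRC522_Auth(RFID.PICC_AUTHENT1A, TrailerBlockAddr, KEY, UID)
            data = []
            text_read = ""

            if Status == RFID.MI_OK:
                for block_num in BlockAddrs:
                    block = RFID.MFRC522_Read(block_num)
                    if block:
                        data += block
                if data:
                    text_read = "".join(chr(i) for i in data)
                print("UID: ", format_uid(UID))
                print("Data: ", text_read, "\n")

                # Extract username: everything after the "user=" marker, with
                # NUL/whitespace padding removed.
                if "user=" in text_read:
                    user = text_read.split("user=", 1)[1].strip("\x00 \t\r\n")
                    print(user)

                    if not _is_plain_username(user):
                        # Reject anything that is not a bare user name rather
                        # than passing tag-controlled text to a command.
                        print("[-] Error, invalid user entry !")
                        disp("Error! ", "Invalid user... ", 255, 0, 0)
                        time.sleep(1)
                    else:
                        # Retrieve associated groups.
                        groups, group_names = _lookup_groups(user)

                        # Check user privileges with an exact group-name match;
                        # a substring test would also accept a user or group
                        # name that merely contains ADMIN_GROUP.
                        if ADMIN_GROUP in group_names:
                            print("[+] Success!")
                            disp_file('flag.txt')
                        else:
                            print("[-] Error, user do not have the proper group ...")
                            disp("Wrong group... ", groups[0:15], 255, 0, 0)
                            time.sleep(5)
                else:
                    print("[-] Error, no user entry !")
                    disp("Error! ", "No user entry...", 255, 0, 0)
                    time.sleep(1)
            else:
                print("[-] Can't access sector", Sector, "!\n")
                disp("Error! ", "Sector access...", 255, 0, 0)
                time.sleep(1)

            RFID.MFRC522_StopCrypto1()
            break
finally:
    # The outer loop never exits normally, so cleanup must run from a finally
    # block to be reached at all (e.g. on Ctrl-C or an unexpected error).
    try:
        RFID.AntennaOff()
    finally:
        GPIO.cleanup()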