From 39ef31d901fe287a99918dfe8979021d4f6c20ac Mon Sep 17 00:00:00 2001 From: 641i130 <46945263+641i130@users.noreply.github.com> Date: Sat, 4 Nov 2023 17:19:29 -0500 Subject: [PATCH] cardn.cgi READ works --- priv.pem | 27 ------------------------ private_key.pem | 28 +++++++++++++++++++++++++ src/main.rs | 55 +++++++++++++++++++++++++++++++++++++++++++++---- utils/README.md | 8 +++---- 4 files changed, 83 insertions(+), 35 deletions(-) delete mode 100644 priv.pem create mode 100644 private_key.pem diff --git a/priv.pem b/priv.pem deleted file mode 100644 index 19409d9..0000000 --- a/priv.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAy63nybDg2d0l5Em5RTsx0QJ4WhuT4DwrzJD/SdPDbOotXE5B -iVycfNxcfXVSa74SvqThyQs4KasZyK/NWJN6Xyi7NQgh2xKYc3eVj8b8MSkhz5Y7 -631dscLQRR9sDiTf2+jR8umd6U9op/ZucaOUzaEcyHalryeeRwD8q7mtlBccL+5d -SVVWuPaJ/Oh4Oivk4qNunYHygQ/iw2vBgN3f6tB1yiKlUe0T51FS1yJcavWilp2J -A6XGEhh0OmFJX6wf5vPu9heTXGqnriClinXnXV1zUPDaa0udD8n2OV9NphozqD7T -T4pE68G65Xz/iLAaEudSg7f1Shu+VFtt/cF4NwIDAQABAoIBABHUjF0r2/s7218p -Pwv6+x5HdOllJE8LJXBtOb6o8vYxZ+gpPPPSmiu/ZLoM5RAOiHiNBEEDzOuvkVHF -Zhi8zF0mj9Y8JdlA6adODtc9KFhWDUzYDjB200FxAvzSG9+pxbkWysOqROB8Svai -jEJBe5DRa6zMNNk+WCJHdAHFKZde6IHO4LR+5/GmYKjHKxBcsJhzPs7ysEXquZXc -CjQK8k5qHbMA1bEBIOXFoq8rVZxr35+3Zpc5djWf4DPNE2uxvUnblo2apz/vwdOQ -uslmFsEVSlcp3JoSuERonsE1uOvH0kRDPgsO+kTQUWNKZ5TEJoNaPpu+89JRBsRR -AkeYjt0CgYEA8QnXtxFfd8vtL6pwo+j1HXgHBREJjjdbgrBs+uqEZ+jqdEVpjr4V -bRmt5u8bC9nOEb6+nSKN1to7WuIu+1yvdsAHt/FsXcIBVOnxrPr2LyU1dRg7NX5Q -83ZTat1xnDVGHiDNk5xP8XtiirSSTqwTMr+qkIVMXVaV+jkW91wByTMCgYEA2FJq -3xgYiW3QcHwMSL2JKq2DTR+tGhuQ9ArNNqhTQDbzAgqIjcaT0vfL7qQEdDFzLpr5 -+HT3Wzwz+DZ1MnQQrJdKyzZDfHcbs0DFaxkHAxf9XFwV0jRSXYtLGwwfz9mcX0yb -11MoPVxXJbzG1f50jbAt8+NqCy5oOv3/l/HE/O0CgYBxaWQqKu50e2saZmOhe9b5 -CqSi6aVJWRqhn0lntjiee6T1GEPWefGy58Y/Rnm/Vbfz+X/Oh5edZAlRdeMNOksE -4M3A6sNGSiY+QeUIsvxqqmNAuSoCvXBxXVdajN8L1LUtL9oKfh3PTXLMOLIueiB+ -XFhwr4eC01614W7A7HWaqQKBgQCbV/xFP1GHh2OzE3Hi3rFdA4OR49h0Mi2TAxrB -UHmQWKWD5rqPTXYkfyxksEY+hrBXXJV79csYKpCLg9f/ple/CVp9ufcWr5Yl0LK0 -qSFe+GBKbhqBfG9Vm80QnFFP+s6PpT0YkTAJeIFgqUMEs5lRkp49USd65hWVn4dn -vwgeNQKBgQDCp3Myat3Kndkc5ujfkNLmYFYzfhihGV/ihmXed+bT52fTah8W2F3K -bv1828pER8Kph/Qm1tAv/iZzh6hk/fqm5n/xXCABx0gNxw1zshjNZR1F1HD3xoTy -dRg9yAajXjVo2NGkgGMUdqUV9wW/uACJTxUjru42EsOfqawF2cZpuw== ------END RSA PRIVATE KEY----- diff --git a/private_key.pem b/private_key.pem new file mode 100644 index 0000000..6b819ec --- /dev/null +++ b/private_key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDLrefJsODZ3SXk +SblFOzHRAnhaG5PgPCvMkP9J08Ns6i1cTkGJXJx83Fx9dVJrvhK+pOHJCzgpqxnI +r81Yk3pfKLs1CCHbEphzd5WPxvwxKSHPljvrfV2xwtBFH2wOJN/b6NHy6Z3pT2in +9m5xo5TNoRzIdqWvJ55HAPyrua2UFxwv7l1JVVa49on86Hg6K+Tio26dgfKBD+LD +a8GA3d/q0HXKIqVR7RPnUVLXIlxq9aKWnYkDpcYSGHQ6YUlfrB/m8+72F5Ncaqeu +IKWKdeddXXNQ8NprS50PyfY5X02mGjOoPtNPikTrwbrlfP+IsBoS51KDt/VKG75U +W239wXg3AgMBAAECggEAEdSMXSvb+zvbXyk/C/r7Hkd06WUkTwslcG05vqjy9jFn +6Ck889KaK79kugzlEA6IeI0EQQPM66+RUcVmGLzMXSaP1jwl2UDpp04O1z0oWFYN +TNgOMHbTQXEC/NIb36nFuRbKw6pE4HxK9qKMQkF7kNFrrMw02T5YIkd0AcUpl17o +gc7gtH7n8aZgqMcrEFywmHM+zvKwReq5ldwKNAryTmodswDVsQEg5cWirytVnGvf +n7dmlzl2NZ/gM80Ta7G9SduWjZqnP+/B05C6yWYWwRVKVyncmhK4RGiewTW468fS +REM+Cw76RNBRY0pnlMQmg1o+m77z0lEGxFECR5iO3QKBgQDxCde3EV93y+0vqnCj +6PUdeAcFEQmON1uCsGz66oRn6Op0RWmOvhVtGa3m7xsL2c4Rvr6dIo3W2jta4i77 +XK92wAe38WxdwgFU6fGs+vYvJTV1GDs1flDzdlNq3XGcNUYeIM2TnE/xe2KKtJJO +rBMyv6qQhUxdVpX6ORb3XAHJMwKBgQDYUmrfGBiJbdBwfAxIvYkqrYNNH60aG5D0 +Cs02qFNANvMCCoiNxpPS98vupAR0MXMumvn4dPdbPDP4NnUydBCsl0rLNkN8dxuz +QMVrGQcDF/1cXBXSNFJdi0sbDB/P2ZxfTJvXUyg9XFclvMbV/nSNsC3z42oLLmg6 +/f+X8cT87QKBgHFpZCoq7nR7axpmY6F71vkKpKLppUlZGqGfSWe2OJ57pPUYQ9Z5 +8bLnxj9Geb9Vt/P5f86Hl51kCVF14w06SwTgzcDqw0ZKJj5B5Qiy/GqqY0C5KgK9 +cHFdV1qM3wvUtS0v2gp+Hc9Ncsw4si56IH5cWHCvh4LTXrXhbsDsdZqpAoGBAJtX +/EU/UYeHY7MTceLesV0Dg5Hj2HQyLZMDGsFQeZBYpYPmuo9NdiR/LGSwRj6GsFdc +lXv1yxgqkIuD1/+mV78JWn259xavliXQsrSpIV74YEpuGoF8b1WbzRCcUU/6zo+l +PRiRMAl4gWCpQwSzmVGSnj1RJ3rmFZWfh2e/CB41AoGBAMKnczJq3cqd2Rzm6N+Q +0uZgVjN+GKEZX+KGZd535tPnZ9NqHxbYXcpu/XzbykRHwqmH9CbW0C/+JnOHqGT9 ++qbmf/FcIAHHSA3HDXOyGM1lHUXUcPfGhPJ1GD3IBqNeNWjY0aSAYxR2pRX3Bb+4 +AIlPFSOu7jYSw5+prAXZxmm7 +-----END PRIVATE KEY----- diff --git a/src/main.rs b/src/main.rs index 60337a4..c519e45 100755 --- a/src/main.rs +++ b/src/main.rs @@ -42,11 +42,11 @@ macro_rules! resp { } -#[post("/basicinfo/")] +#[post("/basicinfo")] async fn basicinfo() -> HttpResponse { // This function is technically decrypting the plaintext into cipher text for the client to // encrypt to read it. It's very backwards, but this is how the game works. I hate it. - let mut key_file = File::open("priv.pem").unwrap(); + let mut key_file = File::open("private_key.pem").unwrap(); let mut key_buffer = Vec::new(); key_file.read_to_end(&mut key_buffer).unwrap(); // Load the private key from the PEM data @@ -55,7 +55,7 @@ async fn basicinfo() -> HttpResponse { let mut ciphertext = vec![0; rsa.size() as usize]; rsa.private_encrypt(plaintext.as_bytes(), &mut ciphertext, Padding::PKCS1).unwrap(); println!("{}",format!("RSA Public Encrypt").bold().red()); - // println!("{:?}", String::from_utf8_lossy(&ciphertext)); + println!("{}",format!("{}", plaintext).bold().yellow()); HttpResponse::Ok().append_header(ContentType::octet_stream()).body(ciphertext) } @@ -103,6 +103,52 @@ async fn game_info() -> HttpResponse { HttpResponse::Ok().append_header(ContentType::octet_stream()).body(ciphertext) } +// Card Command Codes +#[derive(Debug, Deserialize)] +pub enum CardCmd { + READ = 256, + REGISTER = 512, + REISSUE = 1536, +} + +impl CardCmd { + fn from_u16(cmd_str: u16) -> Option { + match cmd_str { + 256 => Some(CardCmd::READ), + 512 => Some(CardCmd::REGISTER), + 1536 => Some(CardCmd::REISSUE), + _ => None, // Handle unknown values + } + } +} + +#[derive(Debug, Deserialize)] +pub struct CardVals { + cmd_str: u16, // Commands for card functions + card_no: u64, // Example: 7020392002385103 +} + +#[post("/service/card/cardn.cgi")] +async fn cardn(web::Form(form): web::Form) -> HttpResponse { + dbg!(&form); + match CardCmd::from_u16(form.cmd_str) { + Some(CardCmd::READ) => { + println!("READ"); + resp!(format!("1\n1,1\n{}",form.card_no)) + }, + Some(CardCmd::REGISTER) => { + println!("REGISTER"); + resp!("") + }, + Some(CardCmd::REISSUE) => { + println!("REISSUE"); + resp!("") + }, + _ => HttpResponse::NotFound().into() + } +} + + #[derive(Serialize, Deserialize, Debug)] pub struct Certify { pub gid: u32, @@ -166,7 +212,7 @@ async fn handle_post_request(body: web::Bytes,req: HttpRequest) -> HttpResponse async fn main() -> std::io::Result<()> { env_logger::init_from_env(env_logger::Env::new().default_filter_or("info")); //let config = load_rustls_config(); - info!("Certificates loaded."); + //info!("Certificates loaded."); println!("Started!"); HttpServer::new(|| { App::new() @@ -182,6 +228,7 @@ async fn main() -> std::io::Result<()> { .service(certify) .service(server_data) .service(basicinfo) + .service(cardn) //.service(web::resource("/*").route(web::post().to(handle_post_request))) .route("{path:.*}",web::post().to(handle_post_request)) .route("/{test.png}",web::get().to(test)) diff --git a/utils/README.md b/utils/README.md index 866c1b7..dcf465c 100644 --- a/utils/README.md +++ b/utils/README.md @@ -6,7 +6,7 @@ todo (add the missing encrypted endpoints) # Encryption testing with curl and openssl ### `/basicinfo` request -`curl -X POST http://data.nesys.jp/basicinfo -o encrypted_data.bin` +`curl -X POST http://localhost/basicinfo -o encrypted_data.bin` Decrypt: @@ -15,10 +15,10 @@ Decrypt: Oneliner: -`curl -X POST http://10.3.0.141/basicinfo | openssl rsautl -inkey public_key.pem -pubin` +`curl -X POST http://localhost/basicinfo | openssl rsautl -inkey public_key.pem -pubin` ### `/game/*` request -`curl -X POST http://10.3.0.141/game -o aes.bin` +`curl -X POST http://localhost/game -o aes.bin` Decrypt: @@ -27,5 +27,5 @@ Decrypt: `openssl enc -d -aes-128-cfb -in aes.bin -out lol.txt -K '3031323334353637383930313233343536373839303132333435363738393031' -iv '30313233343536373839303132333435'` Oneliner: -`curl -X POST http://10.3.0.141/game | openssl enc -d -aes-128-cfb -K '30313233343536373839303132333435' -iv '3031323334353637383930313 +`curl -X POST http://localhost/game | openssl enc -d -aes-128-cfb -K '30313233343536373839303132333435' -iv '3031323334353637383930313 2333435'`