cardn.cgi READ works

This commit is contained in:
641i130 2023-11-04 17:19:29 -05:00
parent b622de2d0a
commit 39ef31d901
4 changed files with 83 additions and 35 deletions

View File

@ -1,27 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAy63nybDg2d0l5Em5RTsx0QJ4WhuT4DwrzJD/SdPDbOotXE5B
iVycfNxcfXVSa74SvqThyQs4KasZyK/NWJN6Xyi7NQgh2xKYc3eVj8b8MSkhz5Y7
631dscLQRR9sDiTf2+jR8umd6U9op/ZucaOUzaEcyHalryeeRwD8q7mtlBccL+5d
SVVWuPaJ/Oh4Oivk4qNunYHygQ/iw2vBgN3f6tB1yiKlUe0T51FS1yJcavWilp2J
A6XGEhh0OmFJX6wf5vPu9heTXGqnriClinXnXV1zUPDaa0udD8n2OV9NphozqD7T
T4pE68G65Xz/iLAaEudSg7f1Shu+VFtt/cF4NwIDAQABAoIBABHUjF0r2/s7218p
Pwv6+x5HdOllJE8LJXBtOb6o8vYxZ+gpPPPSmiu/ZLoM5RAOiHiNBEEDzOuvkVHF
Zhi8zF0mj9Y8JdlA6adODtc9KFhWDUzYDjB200FxAvzSG9+pxbkWysOqROB8Svai
jEJBe5DRa6zMNNk+WCJHdAHFKZde6IHO4LR+5/GmYKjHKxBcsJhzPs7ysEXquZXc
CjQK8k5qHbMA1bEBIOXFoq8rVZxr35+3Zpc5djWf4DPNE2uxvUnblo2apz/vwdOQ
uslmFsEVSlcp3JoSuERonsE1uOvH0kRDPgsO+kTQUWNKZ5TEJoNaPpu+89JRBsRR
AkeYjt0CgYEA8QnXtxFfd8vtL6pwo+j1HXgHBREJjjdbgrBs+uqEZ+jqdEVpjr4V
bRmt5u8bC9nOEb6+nSKN1to7WuIu+1yvdsAHt/FsXcIBVOnxrPr2LyU1dRg7NX5Q
83ZTat1xnDVGHiDNk5xP8XtiirSSTqwTMr+qkIVMXVaV+jkW91wByTMCgYEA2FJq
3xgYiW3QcHwMSL2JKq2DTR+tGhuQ9ArNNqhTQDbzAgqIjcaT0vfL7qQEdDFzLpr5
+HT3Wzwz+DZ1MnQQrJdKyzZDfHcbs0DFaxkHAxf9XFwV0jRSXYtLGwwfz9mcX0yb
11MoPVxXJbzG1f50jbAt8+NqCy5oOv3/l/HE/O0CgYBxaWQqKu50e2saZmOhe9b5
CqSi6aVJWRqhn0lntjiee6T1GEPWefGy58Y/Rnm/Vbfz+X/Oh5edZAlRdeMNOksE
4M3A6sNGSiY+QeUIsvxqqmNAuSoCvXBxXVdajN8L1LUtL9oKfh3PTXLMOLIueiB+
XFhwr4eC01614W7A7HWaqQKBgQCbV/xFP1GHh2OzE3Hi3rFdA4OR49h0Mi2TAxrB
UHmQWKWD5rqPTXYkfyxksEY+hrBXXJV79csYKpCLg9f/ple/CVp9ufcWr5Yl0LK0
qSFe+GBKbhqBfG9Vm80QnFFP+s6PpT0YkTAJeIFgqUMEs5lRkp49USd65hWVn4dn
vwgeNQKBgQDCp3Myat3Kndkc5ujfkNLmYFYzfhihGV/ihmXed+bT52fTah8W2F3K
bv1828pER8Kph/Qm1tAv/iZzh6hk/fqm5n/xXCABx0gNxw1zshjNZR1F1HD3xoTy
dRg9yAajXjVo2NGkgGMUdqUV9wW/uACJTxUjru42EsOfqawF2cZpuw==
-----END RSA PRIVATE KEY-----

28
private_key.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDLrefJsODZ3SXk
SblFOzHRAnhaG5PgPCvMkP9J08Ns6i1cTkGJXJx83Fx9dVJrvhK+pOHJCzgpqxnI
r81Yk3pfKLs1CCHbEphzd5WPxvwxKSHPljvrfV2xwtBFH2wOJN/b6NHy6Z3pT2in
9m5xo5TNoRzIdqWvJ55HAPyrua2UFxwv7l1JVVa49on86Hg6K+Tio26dgfKBD+LD
a8GA3d/q0HXKIqVR7RPnUVLXIlxq9aKWnYkDpcYSGHQ6YUlfrB/m8+72F5Ncaqeu
IKWKdeddXXNQ8NprS50PyfY5X02mGjOoPtNPikTrwbrlfP+IsBoS51KDt/VKG75U
W239wXg3AgMBAAECggEAEdSMXSvb+zvbXyk/C/r7Hkd06WUkTwslcG05vqjy9jFn
6Ck889KaK79kugzlEA6IeI0EQQPM66+RUcVmGLzMXSaP1jwl2UDpp04O1z0oWFYN
TNgOMHbTQXEC/NIb36nFuRbKw6pE4HxK9qKMQkF7kNFrrMw02T5YIkd0AcUpl17o
gc7gtH7n8aZgqMcrEFywmHM+zvKwReq5ldwKNAryTmodswDVsQEg5cWirytVnGvf
n7dmlzl2NZ/gM80Ta7G9SduWjZqnP+/B05C6yWYWwRVKVyncmhK4RGiewTW468fS
REM+Cw76RNBRY0pnlMQmg1o+m77z0lEGxFECR5iO3QKBgQDxCde3EV93y+0vqnCj
6PUdeAcFEQmON1uCsGz66oRn6Op0RWmOvhVtGa3m7xsL2c4Rvr6dIo3W2jta4i77
XK92wAe38WxdwgFU6fGs+vYvJTV1GDs1flDzdlNq3XGcNUYeIM2TnE/xe2KKtJJO
rBMyv6qQhUxdVpX6ORb3XAHJMwKBgQDYUmrfGBiJbdBwfAxIvYkqrYNNH60aG5D0
Cs02qFNANvMCCoiNxpPS98vupAR0MXMumvn4dPdbPDP4NnUydBCsl0rLNkN8dxuz
QMVrGQcDF/1cXBXSNFJdi0sbDB/P2ZxfTJvXUyg9XFclvMbV/nSNsC3z42oLLmg6
/f+X8cT87QKBgHFpZCoq7nR7axpmY6F71vkKpKLppUlZGqGfSWe2OJ57pPUYQ9Z5
8bLnxj9Geb9Vt/P5f86Hl51kCVF14w06SwTgzcDqw0ZKJj5B5Qiy/GqqY0C5KgK9
cHFdV1qM3wvUtS0v2gp+Hc9Ncsw4si56IH5cWHCvh4LTXrXhbsDsdZqpAoGBAJtX
/EU/UYeHY7MTceLesV0Dg5Hj2HQyLZMDGsFQeZBYpYPmuo9NdiR/LGSwRj6GsFdc
lXv1yxgqkIuD1/+mV78JWn259xavliXQsrSpIV74YEpuGoF8b1WbzRCcUU/6zo+l
PRiRMAl4gWCpQwSzmVGSnj1RJ3rmFZWfh2e/CB41AoGBAMKnczJq3cqd2Rzm6N+Q
0uZgVjN+GKEZX+KGZd535tPnZ9NqHxbYXcpu/XzbykRHwqmH9CbW0C/+JnOHqGT9
+qbmf/FcIAHHSA3HDXOyGM1lHUXUcPfGhPJ1GD3IBqNeNWjY0aSAYxR2pRX3Bb+4
AIlPFSOu7jYSw5+prAXZxmm7
-----END PRIVATE KEY-----

View File

@ -42,11 +42,11 @@ macro_rules! resp {
}
#[post("/basicinfo/")]
#[post("/basicinfo")]
async fn basicinfo() -> HttpResponse {
// This function is technically decrypting the plaintext into cipher text for the client to
// encrypt to read it. It's very backwards, but this is how the game works. I hate it.
let mut key_file = File::open("priv.pem").unwrap();
let mut key_file = File::open("private_key.pem").unwrap();
let mut key_buffer = Vec::new();
key_file.read_to_end(&mut key_buffer).unwrap();
// Load the private key from the PEM data
@ -55,7 +55,7 @@ async fn basicinfo() -> HttpResponse {
let mut ciphertext = vec![0; rsa.size() as usize];
rsa.private_encrypt(plaintext.as_bytes(), &mut ciphertext, Padding::PKCS1).unwrap();
println!("{}",format!("RSA Public Encrypt").bold().red());
// println!("{:?}", String::from_utf8_lossy(&ciphertext));
println!("{}",format!("{}", plaintext).bold().yellow());
HttpResponse::Ok().append_header(ContentType::octet_stream()).body(ciphertext)
}
@ -103,6 +103,52 @@ async fn game_info() -> HttpResponse {
HttpResponse::Ok().append_header(ContentType::octet_stream()).body(ciphertext)
}
// Card Command Codes
#[derive(Debug, Deserialize)]
pub enum CardCmd {
READ = 256,
REGISTER = 512,
REISSUE = 1536,
}
impl CardCmd {
fn from_u16(cmd_str: u16) -> Option<Self> {
match cmd_str {
256 => Some(CardCmd::READ),
512 => Some(CardCmd::REGISTER),
1536 => Some(CardCmd::REISSUE),
_ => None, // Handle unknown values
}
}
}
#[derive(Debug, Deserialize)]
pub struct CardVals {
cmd_str: u16, // Commands for card functions
card_no: u64, // Example: 7020392002385103
}
#[post("/service/card/cardn.cgi")]
async fn cardn(web::Form(form): web::Form<CardVals>) -> HttpResponse {
dbg!(&form);
match CardCmd::from_u16(form.cmd_str) {
Some(CardCmd::READ) => {
println!("READ");
resp!(format!("1\n1,1\n{}",form.card_no))
},
Some(CardCmd::REGISTER) => {
println!("REGISTER");
resp!("")
},
Some(CardCmd::REISSUE) => {
println!("REISSUE");
resp!("")
},
_ => HttpResponse::NotFound().into()
}
}
#[derive(Serialize, Deserialize, Debug)]
pub struct Certify {
pub gid: u32,
@ -166,7 +212,7 @@ async fn handle_post_request(body: web::Bytes,req: HttpRequest) -> HttpResponse
async fn main() -> std::io::Result<()> {
env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));
//let config = load_rustls_config();
info!("Certificates loaded.");
//info!("Certificates loaded.");
println!("Started!");
HttpServer::new(|| {
App::new()
@ -182,6 +228,7 @@ async fn main() -> std::io::Result<()> {
.service(certify)
.service(server_data)
.service(basicinfo)
.service(cardn)
//.service(web::resource("/*").route(web::post().to(handle_post_request)))
.route("{path:.*}",web::post().to(handle_post_request))
.route("/{test.png}",web::get().to(test))

View File

@ -6,7 +6,7 @@ todo (add the missing encrypted endpoints)
# Encryption testing with curl and openssl
### `/basicinfo` request
`curl -X POST http://data.nesys.jp/basicinfo -o encrypted_data.bin`
`curl -X POST http://localhost/basicinfo -o encrypted_data.bin`
Decrypt:
@ -15,10 +15,10 @@ Decrypt:
Oneliner:
`curl -X POST http://10.3.0.141/basicinfo | openssl rsautl -inkey public_key.pem -pubin`
`curl -X POST http://localhost/basicinfo | openssl rsautl -inkey public_key.pem -pubin`
### `/game/*` request
`curl -X POST http://10.3.0.141/game -o aes.bin`
`curl -X POST http://localhost/game -o aes.bin`
Decrypt:
@ -27,5 +27,5 @@ Decrypt:
`openssl enc -d -aes-128-cfb -in aes.bin -out lol.txt -K '3031323334353637383930313233343536373839303132333435363738393031' -iv '30313233343536373839303132333435'`
Oneliner:
`curl -X POST http://10.3.0.141/game | openssl enc -d -aes-128-cfb -K '30313233343536373839303132333435' -iv '3031323334353637383930313
`curl -X POST http://localhost/game | openssl enc -d -aes-128-cfb -K '30313233343536373839303132333435' -iv '3031323334353637383930313
2333435'`