예제 #1
파일: arm.c 프로젝트: likvidera/CTF
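/*
 * Access-code checker: reads a 10-character code and compares the SHA-1 of
 * each 2-character slice against a fixed table of upper-case hex digests.
 *
 * Design caveat: every digest covers only two input bytes and is unsalted,
 * so this is a puzzle-style check and not a sound way to verify a secret.
 * A real verifier would compare one salted, slow hash of the whole secret.
 *
 * Returns 0 after access_granted(), 1 on any rejected code.
 */
int main()
{
	/* Expected digests, in order, for flag[0..1], flag[2..3], ... flag[8..9]. */
	static char * checks [] = {
		"482BD64C6C9F098C9EF8B77B8F870517BF33A1B9",
		"853DBB72EC6A4E40CAE1D376BAAEF27A6377A51E",
		"3925CB09D39EB08063542A0CA8C38D80CDBFAA50",
		"26C2CE28D0DF94C010C5255203B885CBA81B9018",
		"8BE02D8167CF08EC81D06EC54E9AE55977C864EA"
	};

	static char hash[20] = "";
	static char hexdigest[200] = "";
	char flag [20] = "";

	printf("Armory v1.0\nAccess code:");
	/* NOTE(review): get_code() is defined elsewhere; confirm it never stores
	 * more than sizeof flag - 1 characters plus the terminator. */
	get_code(flag);
	if(strlen(flag) != 10){
		access_denied();
		/* Fail closed even if access_denied() ever returns to the caller. */
		return 1;
	}

	for(int i = 0; i < 10; i += 2)
	{
		/* SHA1() here takes (output, input, length); it is declared elsewhere. */
		SHA1(hash, (char*)flag+i, 2);
		for(int j = 0; j < 20; j++){
			/* Cast to unsigned char: where plain char is signed, a digest byte
			 * >= 0x80 would be sign-extended and print as "FFFFFFxx", which
			 * corrupts the hex string and makes the comparison fail. */
			snprintf(hexdigest + (j*2), sizeof hexdigest - (size_t)(j*2),
				"%02X", (unsigned char)hash[j]);
		}
		if(strncmp(hexdigest, checks[i/2], 40) != 0){
			access_denied();
			return 1;
		}
	}
	access_granted(flag);
	return 0;
}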
예제 #2
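//
// Return the contents of the filecache type file named by the "type"
// argument of the request, read from /etc/palm/filecache_types/.
//
// Returns true when the request was handled (including error replies and
// denied callers), false when sending the error reply itself failed.
//
bool getFilecacheType_method(LSHandle* lshandle, LSMessage *message, void *ctx) {
  LSError lserror;
  LSErrorInit(&lserror);

  if (access_denied(message)) return true;

  char filename[MAXLINLEN];

  // Extract the type argument from the message. The payload comes from the
  // caller, so a failed parse or a label without a value must not be
  // dereferenced.
  // NOTE(review): the parsed document is never released in this function.
  json_t *object = json_parse_document(LSMessageGetPayload(message));
  json_t *type = object ? json_find_first_label(object, "type") : NULL;

  const char *name = NULL;
  if (type && type->child && (type->child->type == JSON_STRING)) {
    name = type->child->text;
  }

  // The name becomes a path component: it must be non-empty, consist only of
  // ALLOWED_CHARS, and contain no '/' so it cannot leave the directory.
  // NOTE(review): ALLOWED_CHARS is defined elsewhere; confirm it excludes '/'.
  bool valid = name && (name[0] != '\0') &&
    (strspn(name, ALLOWED_CHARS) == strlen(name)) &&
    (strchr(name, '/') == NULL);

  if (valid) {
    // Bounded formatting: an over-long name is rejected instead of
    // overflowing the stack buffer.
    int written = snprintf(filename, sizeof filename,
			   "/etc/palm/filecache_types/%s", name);
    valid = (written > 0) && ((size_t)written < sizeof filename);
  }

  if (!valid) {
    if (!LSMessageRespond(message,
			"{\"returnValue\": false, \"errorCode\": -1, \"errorText\": \"Invalid or missing type\"}",
			&lserror)) goto error;
    return true;
  }

  return read_file(message, filename, true);

 error:
  LSErrorPrint(&lserror, stderr);
  LSErrorFree(&lserror);
  return false;
}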
예제 #3
//
// Dump the "Databases" table of the application database index.
// The file under /home/root/html5-databases is used when stat() succeeds on
// it; otherwise the one under /var/palm/data is used.
// Returns true for a denied caller, else whatever dump_sqlite() returns.
//
bool listAppDatabases_method(LSHandle* lshandle, LSMessage *message, void *ctx) {
  struct stat info;
  char *preferred = "/home/root/html5-databases/Databases.db";
  char *fallback = "/var/palm/data/Databases.db";

  // NOTE(review): the stat() probe runs before the access check; it only
  // selects a path and nothing is returned to the caller at this point.
  char *filename = (stat(preferred, &info) == -1) ? fallback : preferred;

  if (access_denied(message)) {
    return true;
  }
  return dump_sqlite(message, filename, "Databases");
}
/*
 * Firmware entry point for a one-byte password prompt on the debug UART.
 *
 * On every start DEFPW is written to EEPROM at USERPW_ADDRESS and read back;
 * the loop then prints the prompt, waits for one received byte and compares
 * it with that stored byte.
 *
 * NOTE(review): the stored value is reset to DEFPW on each boot, and the
 * secret is a single byte, so the check offers at most 256 possibilities.
 */
int main(void) {
	unsigned char s[15]="\r\npassword:\0";
	uint8_t readbyte;
	uint8_t x=15;
	uint8_t count=0;

	uart_init(MYUBRR);
	port_init();

	/* Store the default password byte, then fetch it as the reference value. */
	eeprom_write_byte ((uint8_t*) USERPW_ADDRESS, DEFPW);
	readbyte = eeprom_read_byte((uint8_t*)USERPW_ADDRESS);

	for(;;){
		/* Emit the prompt one character at a time, 25 ms apart. */
		for(count=0; s[count] != '\0'; count++){
			send_to_debug(s[count]);
			_delay_ms(25);
		}
		count=0;

		/* Spin until the receive flag is raised, then clear it.
		 * NOTE(review): is_rx_done and rx_byte are declared elsewhere;
		 * presumably set by a receive interrupt - confirm they are volatile. */
		while(is_rx_done != true){
		}
		is_rx_done = false;

		if(rx_byte != readbyte){
			access_denied(x);
		}
		else{
			authorised(x);
		}
	}
}
예제 #5
//
// Return the current API version of the service.
// Called directly from webOS, and returns directly to webOS.
//
bool version_method(LSHandle* lshandle, LSMessage *message, void *ctx) {
  LSError lserror;
  LSErrorInit(&lserror);

  // A denied caller is reported as "handled" (true) without a version reply.
  if (access_denied(message)) {
    return true;
  }

  // VERSION and API_VERSION are string macros defined elsewhere; they are
  // pasted into the JSON reply at compile time.
  bool sent = LSMessageRespond(message, "{\"returnValue\": true, \"version\": \"" VERSION "\", \"apiVersion\": \"" API_VERSION "\"}", &lserror);
  if (sent) {
    return true;
  }

  // The reply could not be sent: log the bus error and release it.
  LSErrorPrint(&lserror, stderr);
  LSErrorFree(&lserror);
  return false;
}
예제 #6
//
// A dummy method, useful for unimplemented functions or as a status function.
// Called directly from webOS, and returns directly to webOS.
//
bool dummy_method(LSHandle* lshandle, LSMessage *message, void *ctx) {
  LSError lserror;
  LSErrorInit(&lserror);

  // A denied caller is reported as "handled" (true) and gets no success reply
  // from this function.
  if (access_denied(message)) {
    return true;
  }

  // The success reply carries no data beyond returnValue.
  bool sent = LSMessageRespond(message, "{\"returnValue\": true}", &lserror);
  if (sent) {
    return true;
  }

  // The reply could not be sent: log the bus error and release it.
  LSErrorPrint(&lserror, stderr);
  LSErrorFree(&lserror);
  return false;
}
예제 #7
//
// Return the contents of /proc/net/nf_conntrack to the caller.
// The command line is a fixed literal; nothing from the request is placed
// into it. Returns true for a denied caller, else the result of
// simple_command().
//
bool listConnections_method(LSHandle* lshandle, LSMessage *message, void *ctx) {
  LSError lserror;
  LSErrorInit(&lserror);

  if (access_denied(message)) {
    return true;
  }

  // simple_command() is handed a writable local copy of the command line.
  char command[MAXLINLEN];
  sprintf(command, "%s", "cat /proc/net/nf_conntrack 2>&1");

  // The original error/end labels were never reached, so no error path is
  // needed after this call.
  return simple_command(message, command);
}
예제 #8
//
// List the entries of /etc/palm/filecache_types/, one per line.
// The command line is a fixed literal; nothing from the request is placed
// into it. Returns true for a denied caller, else the result of
// simple_command().
//
bool listFilecacheTypes_method(LSHandle* lshandle, LSMessage *message, void *ctx) {
  LSError lserror;
  LSErrorInit(&lserror);

  if (access_denied(message)) {
    return true;
  }

  // simple_command() is handed a writable local copy of the command line.
  char command[MAXLINLEN];
  sprintf(command, "%s", "/bin/ls -1 /etc/palm/filecache_types/ 2>&1");

  // The original error/end labels were never reached, so no error path is
  // needed after this call.
  return simple_command(message, command);
}
예제 #9
//
// Return the id, ownerId and keyId columns of keytable in
// /var/palm/data/keys.db, using the sqlite3 command-line tool.
// The command line is a fixed literal; nothing from the request is placed
// into it. Returns true for a denied caller, else the result of
// simple_command().
//
bool listKeys_method(LSHandle* lshandle, LSMessage *message, void *ctx) {
  LSError lserror;
  LSErrorInit(&lserror);

  // access_denied() is the only gate in this function in front of the key
  // database listing.
  if (access_denied(message)) {
    return true;
  }

  // simple_command() is handed a writable local copy of the command line.
  char command[MAXLINLEN];
  sprintf(command, "%s", "sqlite3 /var/palm/data/keys.db 'SELECT id,ownerId,keyId FROM keytable ;' 2>&1");

  // The original error/end labels were never reached, so no error path is
  // needed after this call.
  return simple_command(message, command);
}
예제 #10
/*
 * Firmware entry point for a password prompt over the UART.
 *
 * On every start 10 bytes of USRPW are written to EEPROM at USERPW_ADDRESS,
 * read back into readblock, and readblock[9] is forced to NUL, so at most
 * nine characters take part in the comparison. The loop prompts, receives a
 * string and compares it with readblock; a match optionally leads to
 * over_write_eeprom().
 *
 * NOTE(review): vRcvString() takes no length argument here; confirm it
 * cannot store more than 15 bytes into col_user or 5 bytes into dec.
 * NOTE(review): strcmp() stops at the first differing byte; if response
 * timing is observable, a constant-time comparison is the safer choice.
 */
int main(void) {
	unsigned char s[15]="\r\npassword:\0";
	char col_user[15];
	char dec[5];

	/* Peripheral setup. */
	uart_init(MYUBRR);
	port_init();

	/* Seed the EEPROM with the default password and load it as reference. */
	eeprom_write_block((const void *)USRPW, (void *)USERPW_ADDRESS, 10);
	eeprom_read_block((void*)readblock, (const void*)USERPW_ADDRESS, 10);
	readblock[9] = '\0';

	for(;;){
		vStringSend((char *)s);
		vRcvString(col_user);
		vStringSend("\r\n");

		/* Wrong password: report it and prompt again. */
		if(strcmp(col_user,readblock) !=0){
			vStringSend  ("accesss denied\r\n");
			access_denied();
			continue;
		}

		vStringSend  ("access granted\r\n");
		authorised();

		/* Only the exact answer "yes" triggers the password change. */
		vStringSend ("change password?\r\n");
		vRcvString(dec);
		vStringSend("\r\n");
		if(strcmp(dec,"yes") !=0){
			authorised();
		}
		else{
			over_write_eeprom ();
		}
	}
}
예제 #11
//
// Impersonate a call to the requested service and return the output to webOS.
//
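bool impersonate_method(LSHandle* lshandle, LSMessage *message, void *ctx) {
  // Arguments read from the request payload:
  //   id      (string) - application id the call is issued as
  //   service (string) - target service name
  //   method  (string) - method on that service
  //   params  (object) - parameters forwarded as JSON text
  // Returns true when the request was handled (reply sent, call issued or
  // caller denied), false when a bus operation failed.
  //
  // NOTE(review): service and method are caller-supplied and are placed into
  // the URI without character filtering; access_denied() is the only gate in
  // this function in front of a call made under another application's id.
  LSError lserror;
  LSErrorInit(&lserror);

  if (access_denied(message)) return true;

  // Parse the payload once and look every label up in the same tree.
  // NOTE(review): the parsed document is never released in this function.
  json_t *object = json_parse_document(LSMessageGetPayload(message));
  json_t *id = object ? json_find_first_label(object, "id") : NULL;
  json_t *service = object ? json_find_first_label(object, "service") : NULL;
  json_t *method = object ? json_find_first_label(object, "method") : NULL;
  json_t *params = object ? json_find_first_label(object, "params") : NULL;

  // Validate in the original order so the first missing argument is reported.
  const char *reply = NULL;
  if (!id || !id->child || (id->child->type != JSON_STRING)) {
    reply = "{\"returnValue\": false, \"errorCode\": -1, \"errorText\": \"Invalid or missing id\"}";
  }
  else if (!service || !service->child || (service->child->type != JSON_STRING)) {
    reply = "{\"returnValue\": false, \"errorCode\": -1, \"errorText\": \"Invalid or missing service\"}";
  }
  else if (!method || !method->child || (method->child->type != JSON_STRING)) {
    reply = "{\"returnValue\": false, \"errorCode\": -1, \"errorText\": \"Invalid or missing method\"}";
  }
  else if (!params || !params->child || (params->child->type != JSON_OBJECT)) {
    reply = "{\"returnValue\": false, \"errorCode\": -1, \"errorText\": \"Invalid or missing params\"}";
  }

  char uri[MAXLINLEN];
  if (!reply) {
    // Bounded formatting: over-long names are rejected instead of
    // overflowing the stack buffer.
    int written = snprintf(uri, sizeof uri, "palm://%s/%s",
			   service->child->text, method->child->text);
    if ((written < 0) || ((size_t)written >= sizeof uri)) {
      reply = "{\"returnValue\": false, \"errorCode\": -1, \"errorText\": \"Service or method too long\"}";
    }
  }

  char *paramstring = NULL;
  if (!reply) {
    // NOTE(review): paramstring is allocated by json_tree_to_string and is
    // not released here; confirm whether the bus call copies the payload.
    json_tree_to_string (params->child, &paramstring);
    if (!paramstring) {
      reply = "{\"returnValue\": false, \"errorCode\": -1, \"errorText\": \"Invalid or missing params\"}";
    }
  }

  if (reply) {
    if (!LSMessageRespond(message, reply, &lserror)) goto error;
    return true;
  }

  // Take the reference only once the call is really issued, so denied or
  // rejected requests do not leave an extra reference behind. The message
  // is handed to impersonate_handler as its context.
  LSMessageRef(message);
  if (!LSCallFromApplication(priv_serviceHandle, uri, paramstring, id->child->text,
			     impersonate_handler, message, NULL, &lserror)) {
    // The call was not issued, so drop the reference taken just above.
    LSMessageUnref(message);
    goto error;
  }

  return true;
 error:
  LSErrorPrint(&lserror, stderr);
  LSErrorFree(&lserror);
  return false;
}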
예제 #12
//
// Dump /var/luna/preferences/systemprefs.db through dump_sqlite(), passing
// "Preferences" as its third argument (presumably the table name - confirm).
// Returns true for a denied caller, else whatever dump_sqlite() returns.
//
bool listSystemPrefs_method(LSHandle* lshandle, LSMessage *message, void *ctx) {
  if (access_denied(message)) {
    return true;
  }
  return dump_sqlite(message, "/var/luna/preferences/systemprefs.db", "Preferences");
}
예제 #13
//
// Dump /var/palm/data/browser-cookies.db through dump_sqlite(), passing
// "Cookies" as its third argument (presumably the table name - confirm).
// Returns true for a denied caller, else whatever dump_sqlite() returns.
//
// NOTE(review): this file presumably holds browser session cookies, and
// access_denied() is the only check in this function before it is dumped.
//
bool listWebCookies_method(LSHandle* lshandle, LSMessage *message, void *ctx) {
  if (access_denied(message)) {
    return true;
  }
  return dump_sqlite(message, "/var/palm/data/browser-cookies.db", "Cookies");
}