int main() { static char * checks [] = { "482BD64C6C9F098C9EF8B77B8F870517BF33A1B9", "853DBB72EC6A4E40CAE1D376BAAEF27A6377A51E", "3925CB09D39EB08063542A0CA8C38D80CDBFAA50", "26C2CE28D0DF94C010C5255203B885CBA81B9018", "8BE02D8167CF08EC81D06EC54E9AE55977C864EA" }; static char hash[20] = ""; static char hexdigest[200] = ""; char flag [20] = ""; printf("Armory v1.0\nAccess code:"); get_code(flag); if(strlen(flag) != 10){ access_denied(); } for(int i = 0; i < 10; i += 2) { SHA1(hash, (char*)flag+i, 2); for(int j = 0; j < 20; j++){ sprintf((char*)hexdigest+(j*2), "%02X", hash[j]); } if(strncmp(hexdigest, checks[i/2], 40) != 0){ access_denied(); } } access_granted(flag); return 0; }
bool getFilecacheType_method(LSHandle* lshandle, LSMessage *message, void *ctx) { LSError lserror; LSErrorInit(&lserror); if (access_denied(message)) return true; char filename[MAXLINLEN]; // Extract the id argument from the message json_t *object = json_parse_document(LSMessageGetPayload(message)); json_t *type = json_find_first_label(object, "type"); if (!type || (type->child->type != JSON_STRING) || (strspn(type->child->text, ALLOWED_CHARS) != strlen(type->child->text))) { if (!LSMessageRespond(message, "{\"returnValue\": false, \"errorCode\": -1, \"errorText\": \"Invalid or missing type\"}", &lserror)) goto error; return true; } sprintf(filename, "/etc/palm/filecache_types/%s", type->child->text); return read_file(message, filename, true); error: LSErrorPrint(&lserror, stderr); LSErrorFree(&lserror); end: return false; }
bool listAppDatabases_method(LSHandle* lshandle, LSMessage *message, void *ctx) { struct stat statbuf; char *filename = "/home/root/html5-databases/Databases.db"; if (stat(filename, &statbuf) == -1) { filename = "/var/palm/data/Databases.db"; } return access_denied(message) || \ dump_sqlite(message, filename, "Databases"); }
int main(void) { uint8_t count=0,x=15; uint8_t readbyte; unsigned char s[15]="\r\npassword:\0"; uart_init(MYUBRR); port_init(); eeprom_write_byte ((uint8_t*) USERPW_ADDRESS, DEFPW); readbyte = eeprom_read_byte((uint8_t*)USERPW_ADDRESS); while(1){ while( s[count] != '\0' ){ send_to_debug(s[count]); _delay_ms(25); count++; } count=0; while(is_rx_done != true); is_rx_done = false; if(rx_byte == readbyte){ authorised(x); } else access_denied(x); // switch(rx_byte){ // // case readbyte: // authorised(x); // break; // // default: // access_denied(x); // break; // // } } }
// // Return the current API version of the service. // Called directly from webOS, and returns directly to webOS. // bool version_method(LSHandle* lshandle, LSMessage *message, void *ctx) { LSError lserror; LSErrorInit(&lserror); if (access_denied(message)) return true; if (!LSMessageRespond(message, "{\"returnValue\": true, \"version\": \"" VERSION "\", \"apiVersion\": \"" API_VERSION "\"}", &lserror)) goto error; return true; error: LSErrorPrint(&lserror, stderr); LSErrorFree(&lserror); end: return false; }
// // A dummy method, useful for unimplemented functions or as a status function. // Called directly from webOS, and returns directly to webOS. // bool dummy_method(LSHandle* lshandle, LSMessage *message, void *ctx) { LSError lserror; LSErrorInit(&lserror); if (access_denied(message)) return true; if (!LSMessageRespond(message, "{\"returnValue\": true}", &lserror)) goto error; return true; error: LSErrorPrint(&lserror, stderr); LSErrorFree(&lserror); end: return false; }
bool listConnections_method(LSHandle* lshandle, LSMessage *message, void *ctx) { LSError lserror; LSErrorInit(&lserror); if (access_denied(message)) return true; // Local buffer to store the command char command[MAXLINLEN]; sprintf(command, "cat /proc/net/nf_conntrack 2>&1"); return simple_command(message, command); error: LSErrorPrint(&lserror, stderr); LSErrorFree(&lserror); end: return false; }
bool listFilecacheTypes_method(LSHandle* lshandle, LSMessage *message, void *ctx) { LSError lserror; LSErrorInit(&lserror); if (access_denied(message)) return true; // Local buffer to store the command char command[MAXLINLEN]; sprintf(command, "/bin/ls -1 /etc/palm/filecache_types/ 2>&1"); return simple_command(message, command); error: LSErrorPrint(&lserror, stderr); LSErrorFree(&lserror); end: return false; }
bool listKeys_method(LSHandle* lshandle, LSMessage *message, void *ctx) { LSError lserror; LSErrorInit(&lserror); if (access_denied(message)) return true; // Local buffer to store the command char command[MAXLINLEN]; sprintf(command, "sqlite3 /var/palm/data/keys.db 'SELECT id,ownerId,keyId FROM keytable ;' 2>&1"); return simple_command(message, command); error: LSErrorPrint(&lserror, stderr); LSErrorFree(&lserror); end: return false; }
int main(void) { char col_user[15]; char dec[5]; unsigned char s[15]="\r\npassword:\0"; //init uart_init(MYUBRR); port_init(); //eeprom init eeprom_write_block((const void *)USRPW, (void *)USERPW_ADDRESS, 10); eeprom_read_block((void*)readblock, (const void*)USERPW_ADDRESS, 10); readblock[9] = '\0'; while(1){ //memset(col_user,'\0',15); vStringSend((char *)s); vRcvString(col_user); vStringSend("\r\n"); //compare if(strcmp(col_user,readblock) ==0){ vStringSend ("access granted\r\n"); authorised(); vStringSend ("change password?\r\n"); vRcvString(dec); vStringSend("\r\n"); if(strcmp(dec,"yes") ==0){ over_write_eeprom (); } else authorised(); } else{ vStringSend ("accesss denied\r\n"); access_denied(); } } }
// // Impersonate a call to the requested service and return the output to webOS. // bool impersonate_method(LSHandle* lshandle, LSMessage *message, void *ctx) { bool retVal; LSError lserror; LSErrorInit(&lserror); LSMessageRef(message); if (access_denied(message)) return true; // Extract the method argument from the message json_t *object = json_parse_document(LSMessageGetPayload(message)); json_t *id = json_find_first_label(object, "id"); if (!id || (id->child->type != JSON_STRING)) { if (!LSMessageRespond(message, "{\"returnValue\": false, \"errorCode\": -1, \"errorText\": \"Invalid or missing id\"}", &lserror)) goto error; return true; } // Extract the service argument from the message object = json_parse_document(LSMessageGetPayload(message)); json_t *service = json_find_first_label(object, "service"); if (!service || (service->child->type != JSON_STRING)) { if (!LSMessageRespond(message, "{\"returnValue\": false, \"errorCode\": -1, \"errorText\": \"Invalid or missing service\"}", &lserror)) goto error; return true; } // Extract the method argument from the message object = json_parse_document(LSMessageGetPayload(message)); json_t *method = json_find_first_label(object, "method"); if (!method || (method->child->type != JSON_STRING)) { if (!LSMessageRespond(message, "{\"returnValue\": false, \"errorCode\": -1, \"errorText\": \"Invalid or missing method\"}", &lserror)) goto error; return true; } // Extract the params argument from the message object = json_parse_document(LSMessageGetPayload(message)); json_t *params = json_find_first_label(object, "params"); if (!params || (params->child->type != JSON_OBJECT)) { if (!LSMessageRespond(message, "{\"returnValue\": false, \"errorCode\": -1, \"errorText\": \"Invalid or missing params\"}", &lserror)) goto error; return true; } char uri[MAXLINLEN]; sprintf(uri, "palm://%s/%s", service->child->text, method->child->text); char *paramstring = NULL; json_tree_to_string (params->child, ¶mstring); if (!LSCallFromApplication(priv_serviceHandle, uri, paramstring, id->child->text, impersonate_handler, message, NULL, &lserror)) goto error; return true; error: LSErrorPrint(&lserror, stderr); LSErrorFree(&lserror); end: return false; }
bool listSystemPrefs_method(LSHandle* lshandle, LSMessage *message, void *ctx) { return access_denied(message) || \ dump_sqlite(message, "/var/luna/preferences/systemprefs.db", "Preferences"); }
bool listWebCookies_method(LSHandle* lshandle, LSMessage *message, void *ctx) { return access_denied(message) || \ dump_sqlite(message, "/var/palm/data/browser-cookies.db", "Cookies"); }