Benutzer-Werkzeuge

Webseiten-Werkzeuge


schule:36c3-telnet_challenge

Pad zum 36C3

RFID Scan

** TagInfo scan (version 4.24.5) 2019-12-27 22:41:04 **
Report Type: External

-- IC INFO ------------------------------

# IC manufacturer:
NXP Semiconductors

# IC type:
NTAG215

-- NDEF ------------------------------

# No NDEF Message present:

-- EXTRA ------------------------------

# Memory size:
504 bytes user memory
* 126 pages, with 4 bytes per page

# IC detailed information:
Full product name: NT2H1511G0DUx
Capacitance: 50 pF

# Version information:
Vendor ID: NXP
Type: NTAG
Subtype: 50 pF
Major version: 1
Minor version: V0
Storage size: 504 bytes
Protocol: ISO/IEC 14443-3

# Configuration information:
ASCII mirror disabled
NFC counter: disabled
No limit on wrong password attempts
Strong load modulation enabled

# Originality check:
Signature verified with NXP public key

-- FULL SCAN ------------------------------

# Technologies supported:
ISO/IEC 14443-3 (Type A) compatible
ISO/IEC 14443-2 (Type A) compatible

# Android technology information:
Tag description:
* TAG: Tech [android.nfc.tech.NfcA, android.nfc.tech.MifareUltralight, android.nfc.tech.Ndef]
* Maximum transceive length: 253 bytes
* Default maximum transceive time-out: 618 ms


# Detailed protocol information:
ID: 04:28:70:62:2F:64:81
ATQA: 0x4400
SAK: 0x00

# Memory content:
[00] *  04:28:70 D4 (UID0-UID2, BCC0)
[01] *  62:2F:64:81 (UID3-UID6)
[02] .  A8 48 00 00 (BCC1, INT, LOCK0-LOCK1)
[03] .  E1:10:3E:00 (OTP0-OTP3)
[04] .  03 00 FE 00 |....|
[05] .  00 00 00 00 |....|
[06] .  00 00 00 00 |....|
[07] .  00 00 00 00 |....|
[08] .  00 00 00 00 |....|
[09] .  00 00 00 00 |....|
[0A] .  00 00 00 00 |....|
[0B] .  00 00 00 00 |....|
[0C] .  00 00 00 00 |....|
[0D] .  00 00 00 00 |....|
[0E] .  00 00 00 00 |....|
[0F] .  00 00 00 00 |....|
[10] .  00 00 00 00 |....|
[11] .  00 00 00 00 |....|
[12] .  00 00 00 00 |....|
[13] .  00 00 00 00 |....|
[14] .  00 00 00 00 |....|
[15] .  00 00 00 00 |....|
[16] .  00 00 00 00 |....|
[17] .  00 00 00 00 |....|
[18] .  00 00 00 00 |....|
[19] .  00 00 00 00 |....|
[1A] .  00 00 00 00 |....|
[1B] .  00 00 00 00 |....|
[1C] .  00 00 00 00 |....|
[1D] .  00 00 00 00 |....|
[1E] .  00 00 00 00 |....|
[1F] .  00 00 00 00 |....|
[20] .  00 00 00 00 |....|
[21] .  00 00 00 00 |....|
[22] .  00 00 00 00 |....|
[23] .  00 00 00 00 |....|
[24] .  00 00 00 00 |....|
[25] .  00 00 00 00 |....|
[26] .  00 00 00 00 |....|
[27] .  00 00 00 00 |....|
[28] .  00 00 00 00 |....|
[29] .  00 00 00 00 |....|
[2A] .  00 00 00 00 |....|
[2B] .  00 00 00 00 |....|
[2C] .  00 00 00 00 |....|
[2D] .  00 00 00 00 |....|
[2E] .  00 00 00 00 |....|
[2F] .  00 00 00 00 |....|
[30] .  00 00 00 00 |....|
[31] .  00 00 00 00 |....|
[32] .  00 00 00 00 |....|
[33] .  00 00 00 00 |....|
[34] .  00 00 00 00 |....|
[35] .  00 00 00 00 |....|
[36] .  00 00 00 00 |....|
[37] .  00 00 00 00 |....|
[38] .  00 00 00 00 |....|
[39] .  00 00 00 00 |....|
[3A] .  00 00 00 00 |....|
[3B] .  00 00 00 00 |....|
[3C] .  00 00 00 00 |....|
[3D] .  00 00 00 00 |....|
[3E] .  00 00 00 00 |....|
[3F] .  00 00 00 00 |....|
[40] .  00 00 00 00 |....|
[41] .  00 00 00 00 |....|
[42] .  00 00 00 00 |....|
[43] .  00 00 00 00 |....|
[44] .  00 00 00 00 |....|
[45] .  00 00 00 00 |....|
[46] .  00 00 00 00 |....|
[47] .  00 00 00 00 |....|
[48] .  00 00 00 00 |....|
[49] .  00 00 00 00 |....|
[4A] .  00 00 00 00 |....|
[4B] .  00 00 00 00 |....|
[4C] .  00 00 00 00 |....|
[4D] .  00 00 00 00 |....|
[4E] .  00 00 00 00 |....|
[4F] .  00 00 00 00 |....|
[50] .  00 00 00 00 |....|
[51] .  00 00 00 00 |....|
[52] .  00 00 00 00 |....|
[53] .  00 00 00 00 |....|
[54] .  00 00 00 00 |....|
[55] .  00 00 00 00 |....|
[56] .  00 00 00 00 |....|
[57] .  00 00 00 00 |....|
[58] .  00 00 00 00 |....|
[59] .  00 00 00 00 |....|
[5A] .  00 00 00 00 |....|
[5B] .  00 00 00 00 |....|
[5C] .  00 00 00 00 |....|
[5D] .  00 00 00 00 |....|
[5E] .  00 00 00 00 |....|
[5F] .  00 00 00 00 |....|
[60] .  00 00 00 00 |....|
[61] .  00 00 00 00 |....|
[62] .  00 00 00 00 |....|
[63] .  00 00 00 00 |....|
[64] .  00 00 00 00 |....|
[65] .  00 00 00 00 |....|
[66] .  00 00 00 00 |....|
[67] .  00 00 00 00 |....|
[68] .  00 00 00 00 |....|
[69] .  00 00 00 00 |....|
[6A] .  00 00 00 00 |....|
[6B] .  00 00 00 00 |....|
[6C] .  00 00 00 00 |....|
[6D] .  00 00 00 00 |....|
[6E] .  00 00 00 00 |....|
[6F] .  00 00 00 00 |....|
[70] .  00 00 00 00 |....|
[71] .  00 00 00 00 |....|
[72] .  00 00 00 00 |....|
[73] .  00 00 00 00 |....|
[74] .  00 00 00 00 |....|
[75] .  00 00 00 00 |....|
[76] .  00 00 00 00 |....|
[77] .  00 00 00 00 |....|
[78] .  00 00 00 00 |....|
[79] .  00 00 00 00 |....|
[7A] .  00 00 00 00 |....|
[7B] .  00 00 00 00 |....|
[7C] .  00 00 00 00 |....|
[7D] .  00 00 00 00 |....|
[7E] .  00 00 00 00 |....|
[7F] .  00 00 00 00 |....|
[80] .  00 00 00 00 |....|
[81] .  00 00 00 00 |....|
[82] .  00 00 00 BD (LOCK2-LOCK4, CHK)
[83] .  04 00 00 FF (CFG, MIRROR, AUTH0)
[84] .  00 05 -- -- (ACCESS)
[85] +P FF FF FF FF (PWD0-PWD3)
[86] +P 00 00 -- -- (PACK0-PACK1)

  *:locked & blocked, x:locked,
  +:blocked, .:un(b)locked, ?:unknown
  r:readable (write-protected),
  p:password protected, -:write-only
  P:password protected write-only

RSA Key

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,AAAE9AC35EBC531FC7443998C8D7D5CE

DvnS5cXqbCnZAnzzuFiCxXKAHmz0fQ04jU7Luwxz990dZywM3sEzR0OdN3cd83oo
0XcRF7QLXU0F6zM+DkZ73G3PLSyXs62FhRgXchtAD2wyelU+M++TeY/iuvqshdyx
n0SPiApplRC35n70bDIJhw4X4cOSV6k7EnXfl6GLlztlQPqW1AUizAEmzGhIscVT
f2JNoS+7FLPY394I3hpq5rDX5hWdKhkbvLXeHy4dT690Qs2By2tVGPh3qeyBre6o
2bOduLP+9eXP60qVZQKhc76zHYORNq/pP8jZH3focV/WspazUIa4Zp0bb9M+uu3G
g8wq6WRxuAmUzYGfjg/3esW84+AJjh2zHHvqB+EsrDT/oaM2vSNsyu+efxEeixYZ
OE+LjfjIot0MeW2YIuLjzQygKh5rYhqTDJI35MV7aeSEh7KR7xBdHG/CrJ+Bj0Zn
0nYalWcLKyVnF+moHY5THPnBIWHFO8rPov5sw0PCqkh6a++uHyFJ91Z3qoc5WJ07
bHDEDouUNGoU27ONgfMLjMbSPj4oLZudgqI50u3RcZlbyHqwCtLt5SsO5XRnINTm
BmpnP4aUNlMlW78eB/hdylBI4k/4/yYC+6zUST/CIeXl60lqZvfdUQs9DjohULPl
ptL2u0o2W+f3950kygJ0pl+IS6x4UXKot0X0D74QRpvU2uilSZ/Pv5ANs+Dpv+yI
fVNrYTCKoOXfNLpmgqayv3Xv172ks7lbsiBXyVk5TDojgIYJOwALP3mwauz/9m1m
d5HZobdLraijPuIXNjVlesu9u1MbDpYmWfLrR8o2QZdreY3/mhPXweseXgH4f10g
c6j1Pg/KW7KLIXh7bT5k7vsZbADjv9QE40DY9MB4TmG3LziFyDN70J6q30Vc1f9R
oX3gi9HvZn98p0+m3FgliWf7q5tkC8ajxxmSlAeQJJPquESvxwZTY3QilvJ/FGfU
q8CQ1eGxiD75Dmr+MKVlRpOsJNCXrCtk5Xjc1X89syUpTM2lUMfFou9g2YY4oVc0
qfCbVChrR0ncc9wZHvQqTs7gQQxu0ags7aM+h7KRhy65VM0y6l6l4dvo9Vwkh1Mk
HipCDP14DH/mwiUKD+TBYqyzfNNY/qRk7nQzR46vvDzjOvwhcNA+aEYUnSE+EjtF
YseULXswpPlCqkH5d+3NwNlVGiSq2feGUvDQfwKDlWVNk+y+S03UN6tNqlZyyuwh
YUOGKDChq/zXL38pzdiY8rT1ASSXrUooWGzeSL2wBGUIAtSv+nDRSLgZnfG7BI58
Wa62m5qkrhGZFMxekLg2t9Cdt3CJ7bb3Qo6fyPO+LgWyA+Tr9l/pq+m7uca75S2i
jvtMHs+kziemj8BYWeli2SO2bqw16n3YLAumYSOBHIBbiNrAnjzPDR5e53vTL8jX
OUKRFebkx1a0YhI4fOfHrUili0RUxqVyI4XdczCPNexJr+zHyYNXvHExG9YSRsT3
pYnmG1rXnwGfZxuMOCUEqBFk9kvVAHNIuj8fmxnthbDyRC39jVyKD3Wd3oL4SIbV
nMk5EodPBi8ASDJbolddJfLwW+nShCvLMMgSPIbHXWz43bGXfo0rXNzmA0za96IN
Otumhq4EpFS5mBcgYqT5b6OYuD8gWMlIGCi2ZutA2uLJeZyrLrRt8ScBp+ivgG9E
YH3ch14ejyT8cnvKew89sOOH5vYmrrBp9b3FoBoevGLTm/7LKuP7BdYfss1wIdxB
qZqahYjxfvwRNIoUcFIATu62V2J9Wy1Gp1H7NgdO02CjV6StKYZpU48th66cPUTG
OVNdxo7qln8XE04cr1bBsDOdf0hX6Y4bTYN+nSIsXKVaE8nfxyqFI3hDg/Ne6V+v
QwBTNOYcINFJF6zK584/MmZEsFEZt8Lx22i2+M+lzaIsfxU6wdHq2h+ePkGWGKoA
J9XSjJq9U3lwbpa95g3qglf4obIBGqSmz/pkETrY7F1HJHuuR3rE2pKmRF/QD9MM
IPtxbjDPRHQu004WR1XRDmtHfpdL/Hvn/Bhhz3/xONZgs3YL0kh2nEI4ijJga0C5
6EylnnhHwHt/PqLZvupNGtJO8YL+7D1bBPlaLRL/tR17+ZJ2EwzZxBruEksZxbtj
x5LxKBnsPOo2eMDrKFYrQuvJgRPTOntPQuonNPsUGVvasFLCUvkm/Ja6LbT8nesG
/0/Vn9/kjlmO+JR/Dr2FyTikC5aU3c/2t5u0vlUK4l+NKnGQshKjr1ARbllO9NmN
8En/PldnNU+q063rv9ni7IQkgSg2rVPB1cknyUxWU8Q30XfPf76kiysxcQ+eHx6p
3wT0Ng80wJkVaF0H+DoZGh9ODxa4XYrhaBW2SvlOOFMfHgEh2aTs9kjFW8qGlMFR
09YMXR6eaokGN+8L9d076ASi5WawSpAFraHYOA+5HiFvmNeLrc4eKV7wo4dkmIK+
gKcn+0WhFCwJqjNvV35pVYtuSwPIp5Zo3PQdm3PCzEfk/1v88Fjsi+1X1YKC7S7I
22SmKly8QCF1PdBCyeLHkZiZnd3YU8SqS9mJGdd26ELDD54TVCmNgxThg1thAhT6
uo8NYrlclSkG9vbQYIGAqqylypvoSjrxlvikIJAMK1UBSXzz0ggK83kdzu/84YzW
aTmeA4ClbkwnXfhNNbsNyMmvfVujAGGurTBZC8w4gMG3VWbePZ7r9a+bUiCoW7ve
YHnlcC0viqOG5Yybws1Td9aW7irLVswLO09HRzKdZPkAUfeWMiu6XvegiY0Ztcp8
YQ18VZ8Mrr6Kx/xwDnZfOrZBRdvGhkAzrdsLOE9GEouQhXHhiEsHSXPOG2R03iyN
UwanVSpcjzOtFYWgcXjjhcdp0cXIbDX2CwXdZ04p5d/kTLYVIdHEsE20X2Rifl4Y
LgudFU837w7nWdzWqLVQXj+1Nchbex93ddOR8R/EKRfxXcBoLdUKYKywQOLUT9FY
95JODSeAD09TECY9ZLCaIyZByb6SUVJwv9fDi3cmfJa6HJu/HFEBIPxmrp7DDNkS
bOhUIKUdCA3Wae1ihQWf6mQl/W1xM/FZUAQvxalNirQ4aJ8BspL8tql3ViW3FHs2
FAH5l4QhIeB1G+O+e4D7Mm1gLFw//2r+9g7btmaFGEriEUX9rYXF9Xs/bkwcILOQ
-----END RSA PRIVATE KEY-----

Python Skript

import random
import subprocess
 
pool = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
tail = '-36C3'
size = len(tail) + 9
keyfile = '/home/pintman/Schreibtisch/id_rsa.priv'
 
def get_pass():
    passw = tail
    while len(passw) < size:
        passw = random.choice(pool) + passw
 
    return passw
 
retcode = -1
while retcode != 0:
    pw = get_pass()
    retcode = subprocess.run(['ssh-keygen', '-f', keyfile, '-p', '-P', pw]).returncode
    #retcode = subprocess.run(['ls']).returncode
    if retcode == 0:
        print(pw)
        exit
schule/36c3-telnet_challenge.txt · Zuletzt geändert: 01.01.2020 01:02 von Marco Bakera