Didier Stevens

Saturday 7 March 2020

Contextual Grepping: Proxmark3 Key Scan Example

Filed under: My Software — Didier Stevens @ 0:00

Recently I had to extract hexadecimal numbers from a Proxmark3 hf 14a command to use with mfkey. The Proxmark3 forum has a discussion on how to do this.

Here is an example of what I need:

I started doing this manually, and later I wrote a script based on my Python text template.

This is a very specialized script, and I prefer to have more generic scripts. My “algorithm” is the following: search for lines with string AUTH-A, and then look at 2 lines before that line, and the 3 lines following that line. This can almost be done with a grep command using option context, but then the line itself and the line before that would also be selected, and I don’t need them.

My Python text template (process-text-file.py) is not only a template to start developing new scripts that reads text files, but it is also a stand-alone program, that can do grepping, for example. After some time, I realized how I could make a more generic script: add a context option to my Python text template to specify the lines to select as offsets from the grepped line.

Option –grep AUTH-A selects each line from text file forum-example.txt that contains the string AUTH-A. If I only use this option, then only lines with string AUTH-A would be the output of my command.

But because I use option –context, I can specify which lines to select relative to the “grepped” line (e.g. containing string AUTH-A).

Option “–context -2,1-3” means that I want to output the line 2 lines before the grepped line (-2) and the 3 lines following the grepped line (1-3). The grepped line itself is no part of the output. If I want that too, I would reference (0) it like this: “–context -2,0,1-3”.



Blog at WordPress.com.