Shellcode is now only loaded when
[goodfet] / client / goodfet.cc
index 26648bc..20b0405 100755 (executable)
@@ -48,11 +48,16 @@ def handlesimplicitipacket(packet):
     port=packet[9];
     info=packet[10];
     seq=packet[11];
-    #payload begins at byte 12.
+    #payload begins at byte 10.
     
     
-    
-    if port==0x03:
+    if port==0x20:
+        #data packet
+        x=packet[11];
+        y=packet[13];
+        z=packet[15];
+        print "%02x: %i %i %i" % (seq,x,y,z);
+    elif port==0x03:
         #print "Join request.";
         if packet[12]!=1:
             print "Not a join request.  WTF?";
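Review bot: The new `port==0x20` branch reads `packet[15]` with no length check, so a short or truncated frame raises IndexError and takes down the listener; add `if len(packet)<16: return` (or print and return) before reading x/y/z. The rewritten comment says the payload begins at byte 10, yet `info=packet[10]` and `seq=packet[11]` are still treated as header fields and `x=packet[11]` re-reads the same byte as `seq`, which looks like an off-by-one in either the comment or the indices — worth confirming against the frame layout before trusting the printed values. handlesimplicitipacket's signature is above the hunk and its body continues below it.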
@@ -122,8 +127,6 @@ if(sys.argv[1]=="carrier"):
     if len(sys.argv)>2:
         client.RF_setfreq(eval(sys.argv[2]));
     client.RF_carrier();
-    #printconfig();
-    #print "\nHolding a carrier wave.";
     while(1):
         time.sleep(1);
 
@@ -132,35 +135,30 @@ if(sys.argv[1]=="reflex"):
     client.RF_idle();
     
     client.config_simpliciti();
-    client.pokebysym("MDMCFG4",   0x0c);  #ultrawide
-    client.pokebysym("FSCTRL1",   0x12);  #IF of 457.031
-    client.pokebysym("FSCTRL0",   0x00); 
-    client.pokebysym("FSCAL2" ,   0x2A);  #above mid
-    client.pokebysym("MCSM0"  ,   0x00);  # Main Radio Control State Machine
-    
-    client.pokebysym("FSCAL3"   , 0xEA)   # Frequency synthesizer calibration.
-    client.pokebysym("FSCAL2"   , 0x2A)   # Frequency synthesizer calibration.
-    client.pokebysym("FSCAL1"   , 0x00)   # Frequency synthesizer calibration.
-    client.pokebysym("FSCAL0"   , 0x1F)   # Frequency synthesizer calibration.
-        
-    client.pokebysym("TEST2"    , 0x88)   # Various test settings.
-    client.pokebysym("TEST1"    , 0x35)   # Various test settings.
-    client.pokebysym("TEST0"    , 0x09)   # Various test settings.
     
-    threshold=200;
+    threshold=100;
     if len(sys.argv)>2:
         client.RF_setfreq(eval(sys.argv[2]));
     print "Listening on %f MHz." % (client.RF_getfreq()/10**6);
     print "Jamming if RSSI>=%i" % threshold;
     
-    #FIXME, ugly
+    client.pokebyte(0xFE00,threshold,"xdata"); #Write threshold to shellcode.
+    client.shellcodefile("reflex.ihx");
+    rssi=0;
+    while 1:
+        while(0==client.ishalted()):
+            rssi=0;
+        rssi=client.peek8(0xFE00,"xdata");
+        print "Activated jamming with RSSI of %i, going again for another packet." % rssi;
+        #client.CCdebuginstr([0x02, 0xf0, 0x00]); #ljmp 0xF000
+        client.resume();
+    
     RFST=0xDFE1
     client.CC_RFST_CAL(); #SCAL
     time.sleep(1);
     
     maxrssi=0;
     while 1:
-        
         client.CC_RFST_RX(); #SRX
         rssi=client.RF_getrssi();
         client.CC_RFST_IDLE(); #idle
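Review bot: The `while 1:` loop added after `client.shellcodefile("reflex.ihx")` has no `break`, so everything that follows it in the reflex branch — `RFST=0xDFE1`, `client.CC_RFST_CAL()`, and the `maxrssi` polling loop — is now unreachable and should be deleted or the loop given an exit condition. The inner `while(0==client.ishalted()): rssi=0;` spins on the debug interface without pausing; a `time.sleep(0.01)` in that body (time is already used by the carrier branch) would avoid pegging the host, and the `rssi=0` there is dead since `peek8` overwrites it immediately. Address 0xFE00 is written with the threshold and then read back as the RSSI, which implies the shellcode reuses that byte; naming it once, e.g. `SHELLCODE_XDATA_ADDR=0xFE00  # shared with reflex.ihx: threshold in, RSSI out`, and using it in both `pokebyte` and `peek8` would make that contract explicit. The `eval(sys.argv[2])` for the frequency predates this commit, but `float(sys.argv[2])` gives the same result without evaluating arbitrary argv text. The reflex branch begins above this hunk and continues below it.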
@@ -182,10 +180,9 @@ if(sys.argv[1]=="rssi"):
     
     client.config_simpliciti();
     
-    threshold=200;
     if len(sys.argv)>2:
         client.RF_setfreq(eval(sys.argv[2]));
-    print "Listening on %3.6f MHz." % (client.RF_getfreq()/10.0**6);
+    print "Listening on %f MHz." % (client.RF_getfreq()/10.0**6);
         
     #FIXME, ugly
     RFST=0xDFE1
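Review bot: `threshold=200` is removed from the rssi branch, but the branch continues past the end of this hunk (from `#FIXME, ugly` onward), so if any later line still prints or compares `threshold` it will now raise NameError at runtime; check the rest of the branch before merging. The `%3.6f` to `%f` format change is cosmetic.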