debugged my attempt to fake the VIN
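diff --git a/client/goodfet.ccspi b/client/goodfet.ccspi
index 10a1392..59eee33 100755
--- a/client/goodfet.ccspi
+++ b/client/goodfet.ccspi
@@ -5,7 +5,7 @@
 # Additions 2011-2012 Ryan Speers ryan@rmspeers.com
 #N.B.,
-# Might be CC2420 Specific
+# Very CC2420 Specific
 import sys;
 import binascii;
@@ -20,7 +20,10 @@ def srcadr(packet):
 return ord(packet[4])+(ord(packet[5])<<8);
 def isencrypted(packet):
 """Returns true if the packet is encrypted.""";
- return ord(packet[1])&0x08;
+ try:
+ return ord(packet[1])&0x08;
+ except:
+ return False;
 def pktnonceseq(packet):
 """Returns the nonce sequence of a packet."""
 nonce=0;
@@ -45,6 +48,7 @@ if(len(sys.argv)==1):
 print "\n%s surf" % sys.argv[0];
 print "%s sniff [chan]" % sys.argv[0];
+ print "%s fastsniff [chan]" % sys.argv[0];
 print "%s sniffstrings [chan]" % sys.argv[0];
 print "%s bsniff [chan]" % sys.argv[0];
 print "%s sniffcrypt 0x$key [chan]" % sys.argv[0];
@@ -53,6 +57,9 @@ if(len(sys.argv)==1):
 print "\n%s txtoscount [-i|-r] TinyOS BlinkToLED" % sys.argv[0];
 print "%s reflexjam [channel=11] [delay=0]" % sys.argv[0];
+
+ print "\n%s txpiptest" % sys.argv[0];
+ print "%s txpipscapy" % sys.argv[0];
 sys.exit();
@@ -232,7 +239,7 @@ if sys.argv[1]=="surf":
 chan=chan+1;
 if(sys.argv[1]=="sniff" or sys.argv[1]=="sniffdissect" or sys.argv[1]=="sniffstrings" or
- sys.argv[1]=="sniffnonce"):
+ sys.argv[1]=="sniffnonce" or sys.argv[1]=="fastsniff"):
 #Promiscuous mode.
 client.RF_promiscuity(1);
 client.RF_autocrc(1);
@@ -248,10 +255,13 @@ if(sys.argv[1]=="sniff" or sys.argv[1]=="sniffdissect" or sys.argv[1]=="sniffstr
 client.CC_RFST_RX();
 print "Listening as %010x on %i MHz" % (client.RF_getsmac(),
 client.RF_getfreq()/10**6);
+ #If fastsniffing, then send that command.
+ if sys.argv[1]=="fastsniff":
+ client.RF_rxpacketrepeat();
+
 #Now we're ready to get packets.
 while 1:
- #client.setup(); #Really oughtn't be necessary, but can't hurt.
- client.CC_RFST_RX();
+ #client.CC_RFST_RX(); # Cop-out that confuses reception!
 packet=None;
 while packet==None:
@@ -262,7 +272,13 @@ if(sys.argv[1]=="sniff" or sys.argv[1]=="sniffdissect" or sys.argv[1]=="sniffstr
 print packet;
 elif sys.argv[1]=="sniffnonce":
 if isencrypted(packet):
- print "%04x: %08x" % (srcadr(packet),pktnonceseq(packet));
+ try:
+ print "%04x: %08x -- %s" % (srcadr(packet),
+ pktnonceseq(packet),
+ client.packet2str(packet)
+ );
+ except:
+ pass;
 else:
 client.printpacket(packet);
 sys.stdout.flush();
@@ -393,7 +409,7 @@ if(sys.argv[1]=="txpiptest" or sys.argv[1]=="txpipscapy"):
 client.RF_setfreq(freq);
 else:
 client.RF_setchan(freq);
- print "Transmitting on as %010x on %i MHz" % (
+ print "Transmitting on PIP injection as %010x on %i MHz" % (
 client.RF_getsmac(),
 client.RF_getfreq()/10**6);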
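Review bot: The bare `except:` added in `isencrypted` (hunk `-20,7 +20,10`) turns every failure into "not encrypted", so a truncated or missing frame is indistinguishable from a cleartext one, and under Python 2 it also catches `KeyboardInterrupt`. Catch only what a short packet can raise, `except (IndexError, TypeError): return False;`, and return `bool(ord(packet[1])&0x08)` so the result matches the docstring. The same applies to the `except: pass;` around the `sniffnonce` print (hunk `-262,7 +272,13`), which sits inside the `while 1:` receive loop and silently discards frames that fail to format; narrowing it and writing the raw packet to stderr would keep malformed frames visible. Both enclosing blocks extend beyond the hunks shown.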