print "%s bsniff [chan]" % sys.argv[0];
print "%s sniffdissect" % sys.argv[0];
-
- print;
- print "%s txtoscount [-i|-r] TinyOS BlinkToLED" % sys.argv[0];
-
+ print "\n%s txtoscount [-i|-r] TinyOS BlinkToLED" % sys.argv[0];
+ print "%s reflexjam" % sys.argv[0];
+
sys.exit();
#Initialize FET and set baud rate
client=GoodFETCCSPI();
client.serInit()
-
client.setup();
#Dummy read.
if(sys.argv[1]=="carrier"):
if len(sys.argv)>2:
client.RF_setfreq(eval(sys.argv[2]));
- while 1:
+ while 1:
client.RF_carrier();
while(1):
time.sleep(1);
while(1):
time.sleep(1);
+if(sys.argv[1]=="reflexjam"):
+ #Setup the radio to listen promiscously on a frequency
+ client.RF_promiscuity(1);
+ client.RF_autocrc(0);
+ if len(sys.argv)>2:
+ freq=eval(sys.argv[2]);
+ if freq>100:
+ client.RF_setfreq(freq);
+ else:
+ client.RF_setchan(freq);
+ client.CC_RFST_RX();
+ print "Reflexively jamming on %i MHz" % (client.RF_getfreq()/10**6);
+ #Now we let the firmware take over, watching for packets and jamming them.
+ client.RF_reflexjam();
+
if(sys.argv[1]=="info"):
print "Found %s" % client.identstr();
print "Freq: %05f MHz" % (client.RF_getfreq()/(10**6));
0xba, 0xbe, 0xc0]);
if(sys.argv[1]=="txtoscount"):
'''
- Clone of what TinyOS's BlinkToLED demo code does.
- Specify a channel a TinyOS mote programmed with BlinkToLED is on, and this will act as the second device.
+ Clone of what TinyOS's RadioCountToLeds demo code does. Specify a
+ channel a TinyOS mote programmed with RadioCountToLeds is on, and
+ this will act as the second device.
'''
if (len(sys.argv)<=3):
print "Provide -r to work via replays or -i to work via incrementing itself.";
packet=None;
while packet==None:
packet=client.RF_rxpacket();
- #print "Recd:",
- #client.printpacket(packet);
pkt = packet[:14];
- #print "Sent:",
- #client.printpacket(pkt)
client.RF_txpacket(pkt);
elif (sys.argv[3]=="-i"): #give -i to have it increment and send
#Use this code for it to actually do increments itself:
pkt = countpkt[:];
pkt[3] = i;
pkt[13] = i+1;
- #for j in pkt:
- # print hex(j)[2:],;
- #print;
client.RF_txpacket(pkt);
if i >= 31: i = 0;
else: i += 1;
time.sleep(0.5);
-if(sys.argv[1]=="txpiptest"):# or sys.argv[1]=="txpipscapy"):
+if(sys.argv[1]=="txpiptest" or sys.argv[1]=="txpipscapy"):
if len(sys.argv)>2:
freq=eval(sys.argv[2]);
if freq>100:
client.RF_setsync(0xFFFF);
while 1:
- client.RF_txpacket([
- 0x7f,
- #Real header, must begin with SFD.
- 0x00, 0x00, 0x00,
- 0x00, 0xA7,
-
- #Length
- 0x1f, 0x01, 0x08, 0x82,
- 0xDF, 0xff, 0xff, 0xff,
- 0xde, 0xad, 0xbe, 0xef,
- 0xba, 0xbe, 0xc0,
-
- #Preamble
- 0x00, 0x00, 0x00,
- #SFD
- 0x00, 0xA7, #CC2420 SFD
- #Packet In Packet
- 0x0f, 0x01, 0x08, 0x82,
- 0xff, 0xff, 0xff, 0xff,
- 0xde, 0xad, 0xbe, 0xef,
- 0xba, 0xbe, 0xc0,
-
- 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff,
- ]);
+ if(sys.argv[1]=="txpiptest"):
+ client.RF_txpacket([
+ 0x7f,
+ #Real header, must begin with SFD.
+ 0x00, 0x00, 0x00,
+ 0x00, 0xA7,
+
+ #Length
+ 0x1f, 0x01, 0x08, 0x82,
+ 0xDF, 0xff, 0xff, 0xff,
+ 0xde, 0xad, 0xbe, 0xef,
+ 0xba, 0xbe, 0xc0,
+
+ #Preamble
+ 0x00, 0x00, 0x00,
+ #SFD
+ 0x00, 0xA7, #CC2420 SFD
+ #Packet In Packet
+ 0x0f, 0x01, 0x08, 0x82,
+ 0xff, 0xff, 0xff, 0xff,
+ 0xde, 0xad, 0xbe, 0xef,
+ 0xba, 0xbe, 0xc0,
+
+ 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff,
+ ]);
+ elif(sys.argv[1]=="txpipscapy"):
+ try:
+ from scapy.all import Dot15d4, Dot15d4FCS, Dot15d4Data, Raw
+ import struct
+ except ImportError:
+ print "To use packet building, Scapy must be installed and have the dot15d4 extension present."
+ print "try: hg clone http://hg.secdev.org/scapy-com";
+ print " sudo ./setup.py install";
+ #Overall method is to build from the inner packet outwards in the pkt string
+ # Make inner packet
+ scapyinner = Dot15d4FCS(seqnum=130)/Dot15d4Data()/Raw('\xde\xad\xbe\xef');
+ #pkt = str(scapyinner)[:-2] + '\xba\xbe\xc0';
+ pkt = str(scapyinner); #build inner pkt to bytes, adding FCS automatically
+ #pkt = '\x0f'+pkt
+ pkt = struct.pack('b', len(pkt)) + pkt #prepend with its length
+ pkt = "\x00\x00\x00\x00\xA7" + pkt #add preamble and SFD to inner packet
+ # Make outer (wrapping) packet
+ scapyouter = Dot15d4(seqnum=130)/Dot15d4Data(dest_panid=0xffdf)/Raw('\xde\xad\xbe\xef\xba\xbe\xc0') #TODO why need these last 3 bytes?
+ pkt = str(scapyouter) + pkt
+ pkt = struct.pack('b', len(pkt)) + pkt #prepend with its length
+ pkt = '\x00\x00\x00\x00\xA7' + pkt + ('\xff'*28) #start with preamble/SFD and add 0xff fill at end
+ pkt = struct.pack('b', len(pkt)) + pkt #prepend with its length (originally used \x7f)
+ client.printpacket(pkt)
+ client.RF_autocrc(1);
+ client.RF_txpacket(pkt)
+
if(sys.argv[1]=="peek"):
start=0x0000;
projects / goodfet / blobdiff