X-Git-Url: http://git.rot13.org/?p=goodfet;a=blobdiff_plain;f=client%2FGoodFETCCSPI.py;h=c056cf304a517d8382ca16bf4e04182c97e21e82;hp=df53dac5b72f617655a17a4c7cbf7d0e7ef59d94;hb=37e18da03e554d588a08b3f654ac611cb7debada;hpb=e4676c25fa65a28f2f6e6e403fa6c618cd235521 diff --git a/client/GoodFETCCSPI.py b/client/GoodFETCCSPI.py index df53dac..c056cf3 100644 --- a/client/GoodFETCCSPI.py +++ b/client/GoodFETCCSPI.py @@ -5,7 +5,7 @@ # # This code is being rewritten and refactored. You've been warned! -import sys, time, string, cStringIO, struct, glob, serial, os; +import sys, time, string, cStringIO, struct, glob, os; from GoodFET import GoodFET; @@ -24,6 +24,7 @@ class GoodFETCCSPI(GoodFET): self.poke(0x12, 0x0500); #MDMCTRL1 self.poke(0x1C, 0x007F); #IOCFG0 self.poke(0x19, 0x01C4); #SECCTRL0, disabling crypto + self.RF_setsync(); def ident(self): return self.peek(0x1E); #MANFIDL @@ -83,7 +84,7 @@ class GoodFETCCSPI(GoodFET): """Write a CCSPI Register.""" data=[reg,(val>>8)&0xFF,val&0xFF]; self.writecmd(self.CCSPIAPP,0x03,len(data),data); - if self.peek(reg,bytes)!=val: + if self.peek(reg,bytes)!=val and reg!=0x18: print "Warning, failed to set r%02x=0x%04x, got %02x." %( reg, val, @@ -120,10 +121,18 @@ class GoodFETCCSPI(GoodFET): return 0; def RF_setrate(self,rate=0): return 0; + def RF_getsync(self): + return self.peek(0x14); + def RF_setsync(self,sync=0xa70F): + """Set the SYNC preamble. + Use 0xA70F for 0xA7.""" + self.poke(0x14,sync); + return; + def RF_setfreq(self,frequency): """Set the frequency in Hz.""" mhz=frequency/1000000; - fsctrl=self.peek(0x18)&~0x3FF; + fsctrl=0x8000; #self.peek(0x18)&(~0x3FF); fsctrl=fsctrl+int(mhz-2048) self.poke(0x18,fsctrl); self.strobe(0x02); @@ -132,6 +141,11 @@ class GoodFETCCSPI(GoodFET): fsctrl=self.peek(0x18); mhz=2048+(fsctrl&0x3ff) return mhz*1000000; + def RF_setchan(self,channel): + if channel < 11 or channel > 26: + print "Only 802.15.4 channels 11 to 26 are currently supported."; + else: + self.RF_setfreq( ( (channel-11)*5 + 2405 ) * 1000000 ); def RF_getsmac(self): """Return the source MAC address.""" return 0xdeadbeef; @@ -172,6 +186,19 @@ class GoodFETCCSPI(GoodFET): #self.strobe(0x09); return; + def RF_reflexjam(self): + """Place the device into reflexive jamming mode.""" + data = ""; + self.writecmd(self.CCSPIAPP,0xA0,len(data),data); + return; + + def RF_reflexjam_autoack(self): + """Place the device into reflexive jamming mode + and that also sends a forged ACK if needed.""" + data = ""; + self.writecmd(self.CCSPIAPP,0xA1,len(data),data); + time.sleep(30); + return; def RF_modulated_spectrum(self): """Hold a carrier wave on the present frequency.""" @@ -236,12 +263,28 @@ class GoodFETCCSPI(GoodFET): def RF_promiscuity(self,promiscuous=1): mdmctrl0=self.peek(0x11); - #print "mdmctrl0 was %04x" % mdmctrl0; - mdmctrl0=mdmctrl0&(~0x800); - #print "mdmctrl0 is now %04x" % mdmctrl0; + if promiscuous>0: + mdmctrl0=mdmctrl0&(~0x800); + else: + mdmctrl0=mdmctrl0|0x800; + self.poke(0x11,mdmctrl0); + return; + def RF_autocrc(self,autocrc=1): + mdmctrl0=self.peek(0x11); + if autocrc==0: + mdmctrl0=mdmctrl0&(~0x0020); + else: + mdmctrl0=mdmctrl0|0x0020; + self.poke(0x11,mdmctrl0); + return; + def RF_autoack(self,autoack=1): + mdmctrl0=self.peek(0x11); + if autoack==0: + mdmctrl0=mdmctrl0&(~0x0010); + else: + mdmctrl0=mdmctrl0|0x0010; self.poke(0x11,mdmctrl0); return; - packetlen=16; def RF_setpacketlen(self,len=16): """Set the number of bytes in the expected payload.""" @@ -272,14 +315,17 @@ class GoodFETCCSPI(GoodFET): for foo in packet: s="%s %02x" % (s,ord(foo)); print "#%s" % s; + def printdissect(self,packet): try: from scapy.all import Dot15d4 except ImportError: print "To use packet disection, Scapy must be installed and have the Dot15d4 extension present." - self.printpacket(packet) + print "try: hg clone http://hg.secdev.org/scapy-com"; + print " sudo ./setup.py install"; + self.printpacket(packet); try: - scapyd = Dot15d4(packet) - print scapyd.show() + scapyd = Dot15d4(packet[1:]); + scapyd.show(); except: pass;