X-Git-Url: http://git.rot13.org/?p=goodfet;a=blobdiff_plain;f=client%2Fgoodfet.cc;h=48729fc7fc6d247a35cfdc9b77e7ac3a6b757087;hp=d463b1c61f1a68e44d863c68220dc488e54d2e20;hb=ea807e987b960e8c237b1867cad899de5abbe5e7;hpb=3fe9208501908b0522deaf3f7e938f4640f2b624 diff --git a/client/goodfet.cc b/client/goodfet.cc index d463b1c..48729fc 100755 --- a/client/goodfet.cc +++ b/client/goodfet.cc @@ -12,6 +12,16 @@ from GoodFETCC import GoodFETCC; from GoodFETConsole import GoodFETConsole; from intelhex import IntelHex; + +def printpacket(packet): + s=""; + i=0; + for foo in packet: + i=i+1; + #if i>client.packetlen: break; + s="%s %02x" % (s,ord(foo)); + print "%s" %s; + if(len(sys.argv)==1): print "Usage: %s verb [objects]\n" % sys.argv[0]; print "%s erase" % sys.argv[0]; @@ -19,6 +29,7 @@ if(len(sys.argv)==1): print "%s test" % sys.argv[0]; print "%s term" % sys.argv[0]; print "%s info" % sys.argv[0]; + print "%s halt" % sys.argv[0]; print "%s regs" % sys.argv[0]; print "%s dumpcode $foo.hex [0x$start 0x$stop]" % sys.argv[0]; print "%s dumpdata $foo.hex [0x$start 0x$stop]" % sys.argv[0]; @@ -29,8 +40,11 @@ if(len(sys.argv)==1): print "%s peek 0x$iram" % sys.argv[0]; print "%s poke 0x$iram 0x$val" % sys.argv[0]; print "%s peekcode 0x$start [0x$stop]" % sys.argv[0]; - + print "\n" + print "%s rssi [freq]\n\tGraphs signal strength on [freq] Hz." % sys.argv[0]; print "%s carrier [freq]\n\tHolds a carrier on [freq] Hz." % sys.argv[0]; + print "%s reflex [freq]\n\tJams on [freq] Hz." % sys.argv[0]; + print "%s sniffsimpliciti [us|eu|lf]\n\tSniffs SimpliciTI packets." % sys.argv[0]; sys.exit(); @@ -44,15 +58,125 @@ client.setup(); client.start(); + if(sys.argv[1]=="carrier"): if len(sys.argv)>2: client.RF_setfreq(eval(sys.argv[2])); client.RF_carrier(); #printconfig(); - print "\nHolding a carrier wave."; + #print "\nHolding a carrier wave."; while(1): time.sleep(1); +if(sys.argv[1]=="reflex"): + client.CC1110_crystal(); + client.RF_idle(); + + client.config_simpliciti(); + client.pokebysym("MDMCFG4", 0x0c); #ultrawide + client.pokebysym("FSCTRL1", 0x12); #IF of 457.031 + client.pokebysym("FSCTRL0", 0x00); + client.pokebysym("FSCAL2" , 0x2A); #above mid + client.pokebysym("MCSM0" , 0x00); # Main Radio Control State Machine + + client.pokebysym("FSCAL3" , 0xEA) # Frequency synthesizer calibration. + client.pokebysym("FSCAL2" , 0x2A) # Frequency synthesizer calibration. + client.pokebysym("FSCAL1" , 0x00) # Frequency synthesizer calibration. + client.pokebysym("FSCAL0" , 0x1F) # Frequency synthesizer calibration. + + client.pokebysym("TEST2" , 0x88) # Various test settings. + client.pokebysym("TEST1" , 0x35) # Various test settings. + client.pokebysym("TEST0" , 0x09) # Various test settings. + + threshold=200; + if len(sys.argv)>2: + client.RF_setfreq(eval(sys.argv[2])); + print "Listening on %f MHz." % (client.RF_getfreq()/10**6); + print "Jamming if RSSI>=%i" % threshold; + + #FIXME, ugly + RFST=0xDFE1 + client.CC_RFST_CAL(); #SCAL + time.sleep(1); + + maxrssi=0; + while 1: + + client.CC_RFST_RX(); #SRX + rssi=client.RF_getrssi(); + client.CC_RFST_IDLE(); #idle + time.sleep(0.01); + string=""; + for foo in range(0,rssi>>2): + string=("%s."%string); + print "%02x %04i %04i %s" % (rssi,rssi, maxrssi, string); + if rssi>maxrssi: + maxrssi=(rssi); + if rssi>threshold: + #print "Triggered jamming for 1s."; + client.RF_carrier(); + time.sleep(1); + print "JAMMING JAMMING JAMMING JAMMING"; +if(sys.argv[1]=="rssi"): + client.CC1110_crystal(); + client.RF_idle(); + + client.config_simpliciti(); + + threshold=200; + if len(sys.argv)>2: + client.RF_setfreq(eval(sys.argv[2])); + print "Listening on %f MHz." % (client.RF_getfreq()/10**6); + + #FIXME, ugly + RFST=0xDFE1 + client.CC_RFST_CAL(); + time.sleep(1); + + while 1: + client.CC_RFST_RX(); + rssi=client.RF_getrssi(); + client.CC_RFST_IDLE(); #idle + time.sleep(0.01); + string=""; + for foo in range(0,rssi>>2): + string=("%s."%string); + print "%02x %04i %s" % (rssi,rssi, string); + +if(sys.argv[1]=="sniffsimpliciti"): + #TODO remove all poke() calls. + + client.CC1110_crystal(); + client.RF_idle(); + + + client.config_simpliciti("lf"); + #client.RF_setfreq(2481 * 10**6); + + #OpenBeacon defines these in little endian as follows. + #client.RF_setmaclen(5); # SETUP_AW for 5-byte addresses. + #0x01, 0x02, 0x03, 0x02, 0x01 + #client.RF_setsmac(0x0102030201); + #'O', 'C', 'A', 'E', 'B' + #client.RF_settmac(0x424541434F); + + #Set packet length of 16. + #client.RF_setpacketlen(16); + + + print "Listening as %010x on %i MHz" % (client.RF_getsmac(), + client.RF_getfreq()/10**6); + #Now we're ready to get packets. + while 1: + packet=None; + while packet==None: + #time.sleep(0.1); + packet=client.RF_rxpacket(); + printpacket(packet); + sys.stdout.flush(); + + + if(sys.argv[1]=="explore"): print "Exploring undefined commands." print "Status: %s" %client.status(); @@ -108,6 +232,9 @@ if(sys.argv[1]=="dumpdata"): h.write_hex_file(f); if(sys.argv[1]=="status"): print "Status: %s" %client.status(); +if(sys.argv[1]=="halt"): + print "Halting CPU." + client.halt(); if(sys.argv[1]=="info"): print "Ident %s" % client.CCidentstr();