X-Git-Url: http://git.rot13.org/?p=goodfet;a=blobdiff_plain;f=client%2Fgoodfet.ccspi;h=037252145c580132453c010dd683f41f40b3aaad;hp=b40d123c5e1c14304930b0483740c975d4190850;hb=d08406f7da762727be41c0e13c427703f08b50c1;hpb=3ce193dd33e5e9e4c16989d85b8fb15715b139de

diff --git a/client/goodfet.ccspi b/client/goodfet.ccspi
index b40d123..0372521 100755
--- a/client/goodfet.ccspi
+++ b/client/goodfet.ccspi
@@ -28,7 +28,9 @@ if(len(sys.argv)==1):
     
     print "\n%s surf" % sys.argv[0];
     print "%s sniff [chan]" % sys.argv[0];
+    print "%s sniffstrings [chan]" % sys.argv[0];
     print "%s bsniff [chan]" % sys.argv[0];
+    print "%s sniffcrypt 0x$key [chan]" % sys.argv[0];
     print "%s sniffdissect" % sys.argv[0];
     
     print "\n%s txtoscount [-i|-r]   TinyOS BlinkToLED" % sys.argv[0];
@@ -185,7 +187,7 @@ if sys.argv[1]=="surf":
         sys.stdout.flush();
         chan=chan+1;
 
-if(sys.argv[1]=="sniff" or sys.argv[1]=="sniffdissect"):
+if(sys.argv[1]=="sniff" or sys.argv[1]=="sniffdissect" or sys.argv[1]=="sniffstrings"):
     #Promiscuous mode.
     client.RF_promiscuity(1);
     client.RF_autocrc(1);
@@ -211,6 +213,8 @@ if(sys.argv[1]=="sniff" or sys.argv[1]=="sniffdissect"):
             packet=client.RF_rxpacket();
         if sys.argv[1]=="sniffdissect":
             client.printdissect(packet);
+        elif sys.argv[1]=="sniffstrings":
+            print packet
         else:
             client.printpacket(packet);
         sys.stdout.flush();
@@ -238,6 +242,39 @@ if(sys.argv[1]=="bsniff"):
         client.printpacket(packet);
         sys.stdout.flush();
 
+if(sys.argv[1]=="sniffcrypt"):
+    print "Zigbee crypto is pretty damned complicated, and this doesn't work yet.";
+    #Just broadcast.
+    client.RF_promiscuity(1);
+    client.RF_setsmac(0xFFFFFFFF);
+    client.RF_autocrc(1);
+    #client.poke(0x19, 0x03C7); #SECCTRL0, enabling CCM crypto w/ KEY0
+    client.poke(0x19, 0x03C6); #SECCTRL0, enabling CTRL crypto w/ KEY0
+    
+    #What follows is the nonce.
+    client.poke(0x20, 0x000a); #SECCTRL1, skipping 10 bytes of header
+    
+    if len(sys.argv)>2:
+        key=int(sys.argv[2],16);
+        print "Setting KEY0 to %x" % key;
+        client.RF_setkey(key);
+    if len(sys.argv)>3:
+        freq=eval(sys.argv[3]);
+        if freq>100:
+            client.RF_setfreq(freq);
+        else:
+            client.RF_setchan(freq);
+    client.CC_RFST_RX();
+    print "Listening as %010x on %i MHz" % (client.RF_getsmac(),
+                                            client.RF_getfreq()/10**6);
+    #Now we're ready to get packets.
+    while 1:
+        packet=None;
+        while packet==None:
+            packet=client.RF_rxpacketdec();
+        client.printpacket(packet);
+        sys.stdout.flush();
+
 if(sys.argv[1]=="txtest"):
     if len(sys.argv)>2:
         freq=eval(sys.argv[2]);