From: travisutk <travisutk@12e2690d-a6be-4b82-a7b7-67c4a43b65c8>
Date: Wed, 30 Jun 2010 09:06:59 +0000 (+0000)
Subject: Support for sniffing Turning Point Clicker packets.
X-Git-Url: http://git.rot13.org/?p=goodfet;a=commitdiff_plain;h=a84301b1952e524c5ebc4731cddc6b0ec406a9a8

Support for sniffing Turning Point Clicker packets.

git-svn-id: https://svn.code.sf.net/p/goodfet/code/trunk@649 12e2690d-a6be-4b82-a7b7-67c4a43b65c8
---

diff --git a/client/GoodFETSPI.py b/client/GoodFETSPI.py
index 0020ec2..cab2a37 100644
--- a/client/GoodFETSPI.py
+++ b/client/GoodFETSPI.py
@@ -25,6 +25,21 @@ class GoodFETSPI(GoodFET):
         self.writecmd(0x01,0x00,len(data),data);
         return self.data;
 
+class GoodFETSPI25C(GoodFETSPI):
+    #opcodes
+    WREN=0x06;
+    WRDI=0x04;
+    RDSR=0x05;
+    WRSR=0x01;
+    READ=0x03;
+    WRITE=0x02;
+    
+    def peek8(self,adr):
+        """Read a byte from the given address."""
+        data=self.SPItrans([self.READ,(adr>>8)&0xFF,adr&0xFF,0x00]);
+        return ord(data[3]);
+
+
 class GoodFETSPIFlash(GoodFETSPI):
     JEDECmanufacturers={0xFF: "MISSING",
                         0xEF: "Winbond",
diff --git a/client/goodfet.nrf b/client/goodfet.nrf
index b7f7927..14f3e9b 100755
--- a/client/goodfet.nrf
+++ b/client/goodfet.nrf
@@ -48,6 +48,7 @@ if(len(sys.argv)==1):
     print "%s pyregs" % sys.argv[0];
     print "%s sniff\n\tSniffs packets by current config." % sys.argv[0];
     print "%s sniffob\n\tSniffs OpenBeacon traffic." % sys.argv[0];
+    print "%s snifftp\n\tSniffs Tunrning Point Clicker traffic." % sys.argv[0];
     print "%s carrier [freq]\n\tHolds a carrier on [freq] Hz." % sys.argv[0];
     sys.exit();
 
@@ -150,6 +151,40 @@ if(sys.argv[1]=="sniffob"):
     #Power radio, prime for RX, one-byte checksum.
     client.poke(0x00,0x70|0x03|0x08); #0x08 for one byte, 0x04 for two.
     
+    print "Listening as %010x on %i MHz" % (client.RF_getsmac(),
+                                           client.RF_getfreq()/10**6);
+    #Now we're ready to get packets.
+    while 1:
+        packet=None;
+        while packet==None:
+            #time.sleep(0.1);
+            packet=client.RF_rxpacket();
+        printpacket(packet);
+        sys.stdout.flush();
+if(sys.argv[1]=="snifftp"):
+    #Reversal of transmitter code from nRF_CMD.c of OpenBeacon
+    #TODO remove all poke() calls.
+    
+    client.poke(0x00,0x00); #Stop nRF
+    client.poke(0x01,0x00); #Disable Shockburst
+    client.poke(0x02,0x01); #Set RX Pipe 0
+    
+    client.RF_setfreq((2400+0x29) * 10**6);
+    client.poke(0x06,0x00); #1Mbps
+    client.poke(0x07,0x78); #Reset status register
+    
+    #OpenBeacon defines these in little endian as follows.
+    client.RF_setmaclen(3); # SETUP_AW for 3-byte addresses.
+    client.RF_setsmac(0x123456);
+    #'O', 'C', 'A', 'E', 'B'
+    client.RF_settmac(0x424541434F);
+    
+    #Set packet length of 16.
+    client.RF_setpacketlen(6);
+    
+    #Power radio, prime for RX, one-byte checksum.
+    client.poke(0x00,0x70|0x03); #| with 0x08 for one byte, 0x04 for two.
+    
     print "Listening as %010x on %i MHz" % (client.RF_getsmac(),
                                            client.RF_getfreq()/10**6);
     #Now we're ready to get packets.