From 8f3ecaa2ecd27948480534d866f9c686fa14a019 Mon Sep 17 00:00:00 2001
From: travisutk <travisutk@12e2690d-a6be-4b82-a7b7-67c4a43b65c8>
Date: Thu, 23 Dec 2010 21:26:50 +0000
Subject: [PATCH] Lots of new shellcodes.  Need to document them later.

git-svn-id: https://svn.code.sf.net/p/goodfet/code/trunk@794 12e2690d-a6be-4b82-a7b7-67c4a43b65c8
---
 shellcode/chipcon/cc1110/Makefile      |  2 +-
 shellcode/chipcon/cc1110/reflexframe.c | 65 ++++++++++++++++++++++++++
 shellcode/chipcon/cc1110/rxpacketp25.c | 44 +++++++++++++++++
 3 files changed, 110 insertions(+), 1 deletion(-)
 create mode 100644 shellcode/chipcon/cc1110/reflexframe.c
 create mode 100644 shellcode/chipcon/cc1110/rxpacketp25.c

diff --git a/shellcode/chipcon/cc1110/Makefile b/shellcode/chipcon/cc1110/Makefile
index 1b17200..7790b04 100644
--- a/shellcode/chipcon/cc1110/Makefile
+++ b/shellcode/chipcon/cc1110/Makefile
@@ -8,7 +8,7 @@
 # Use lower RAM if needed.
 
 CC=sdcc --code-loc 0xF000 
-objs=crystal.ihx txpacket.ihx rxpacket.ihx txrxpacket.ihx reflex.ihx
+objs=crystal.ihx txpacket.ihx rxpacket.ihx txrxpacket.ihx reflex.ihx rxpacketp25.ihx reflexframe.ihx
 
 all: $(objs)
 
diff --git a/shellcode/chipcon/cc1110/reflexframe.c b/shellcode/chipcon/cc1110/reflexframe.c
new file mode 100644
index 0000000..0ca561d
--- /dev/null
+++ b/shellcode/chipcon/cc1110/reflexframe.c
@@ -0,0 +1,65 @@
+#include <cc1110.h>
+#include "cc1110-ext.h"
+
+char __xdata at 0xfe00 packet[256] ;
+
+void sleepMillis(int ms) {
+	int j;
+	while (--ms > 0) { 
+		for (j=0; j<1200;j++); // about 1 millisecond
+	};
+}
+
+//! Wait for a packet to come, then immediately return.
+void rxwait(){
+  //Disable interrupts.
+  RFTXRXIE=0;
+  
+  //idle a bit.
+  RFST=RFST_SIDLE;
+  while(MARCSTATE!=MARC_STATE_IDLE);
+  
+  //Begin to receive.
+  RFST=RFST_SRX;
+  while(MARCSTATE!=MARC_STATE_RX);
+  
+  //Incoming!  Return to let the jammer handle things.
+  
+}
+
+//! Reflexively jam on the present channel by responding to a signal with a carrier wave.
+void main(){
+  unsigned char threshold=packet[0], i=0, rssi=0;;
+  
+  
+  //Disable interrupts.
+  RFTXRXIE=0;
+  
+  //idle a bit.
+  //RFST=RFST_SIDLE;
+  //while(MARCSTATE!=MARC_STATE_IDLE);
+
+  while(1){
+    
+    rxwait();
+    
+    //idle a bit.
+    RFST=RFST_SIDLE;
+    while(MARCSTATE!=MARC_STATE_IDLE);
+    
+    SYNC1=0xAA;
+    SYNC0=0xAA;
+    
+    //Transmit carrier for 10ms
+    RFST=RFST_STX;
+    while(MARCSTATE!=MARC_STATE_TX);
+    sleepMillis(20);
+    
+    //Carrier will clear when the loop continue,
+    //but we can HALT to give the host a chance to take over.
+    HALT;
+  }  
+  RFST = RFST_SIDLE; //End transmit.
+  
+  HALT;
+}
diff --git a/shellcode/chipcon/cc1110/rxpacketp25.c b/shellcode/chipcon/cc1110/rxpacketp25.c
new file mode 100644
index 0000000..cdea825
--- /dev/null
+++ b/shellcode/chipcon/cc1110/rxpacketp25.c
@@ -0,0 +1,44 @@
+#include <cc1110.h>
+#include "cc1110-ext.h"
+
+#define MAXLEN 0xFF
+char __xdata at 0xfe00 packet[MAXLEN] ;
+
+//! Receives a packet out of the radio from 0xFE00.
+void main(){
+  unsigned char len=16, i=0;
+  
+  do{
+    //1-out the buffer.
+    for(i=0;i<64;i++)
+      packet[i]=0xFF;
+    i=0;
+    
+    //Disable interrupts.
+    RFTXRXIE=0;
+    
+    //idle a bit.
+    RFST=RFST_SIDLE;
+    while(MARCSTATE!=MARC_STATE_IDLE);
+    
+    //Begin to receive.
+    RFST=RFST_SRX;
+    while(MARCSTATE!=MARC_STATE_RX);
+    
+    //Fixed length
+    packet[i++]=PKTLEN;
+    while(i<PKTLEN){
+      while(!RFTXRXIF); //Wait for byte to be ready.
+      RFTXRXIF=0;      //Clear the flag.
+      
+      packet[i++]=RFD; //Grab the next byte.
+    }
+    
+    RFST = RFST_SIDLE; //End receive.
+    
+    //This while loop can be used for filtering.  Unused for now.
+  }while(packet[1]!=(char) 0xdd || packet[2]!=(char) 0x55);
+  
+  HALT;
+}
+
-- 
2.20.1