Fuzzer App: Zero idle time

gid9798
2023-06-06 22:43:44 +03:00
parent 7c172c7c06
commit 28f4cd3d3c
9 changed files with 237 additions and 55 deletions


@@ -38,8 +38,8 @@ struct FuzzerWorker {
const FuzzerProtocol* protocol; const FuzzerProtocol* protocol;
FuzzerWorkerAttackType attack_type; FuzzerWorkerAttackType attack_type;
uint8_t timer_idle_delay; uint8_t timer_idle_time;
uint8_t timer_emu_delay; uint8_t timer_emu_time;
uint8_t payload[MAX_PAYLOAD_SIZE]; uint8_t payload[MAX_PAYLOAD_SIZE];
Stream* uids_stream; Stream* uids_stream;
@@ -157,7 +157,7 @@ static void fuzzer_worker_on_tick_callback(void* context) {
#endif #endif
} }
instance->in_emu_phase = false; instance->in_emu_phase = false;
furi_timer_start(instance->timer, furi_ms_to_ticks(instance->timer_idle_delay * 100)); furi_timer_start(instance->timer, furi_ms_to_ticks(instance->timer_idle_time * 100));
} else { } else {
if(!fuzzer_worker_load_key(instance, true)) { if(!fuzzer_worker_load_key(instance, true)) {
fuzzer_worker_pause(instance); // XXX fuzzer_worker_pause(instance); // XXX
@@ -173,7 +173,7 @@ static void fuzzer_worker_on_tick_callback(void* context) {
#endif #endif
} }
instance->in_emu_phase = true; instance->in_emu_phase = true;
furi_timer_start(instance->timer, furi_ms_to_ticks(instance->timer_emu_delay * 100)); furi_timer_start(instance->timer, furi_ms_to_ticks(instance->timer_emu_time * 100));
if(instance->tick_callback) { if(instance->tick_callback) {
instance->tick_callback(instance->tick_context); instance->tick_callback(instance->tick_context);
} }
@@ -349,8 +349,8 @@ FuzzerWorker* fuzzer_worker_alloc() {
memset(instance->payload, 0x00, sizeof(instance->payload)); memset(instance->payload, 0x00, sizeof(instance->payload));
instance->timer_idle_delay = PROTOCOL_MIN_IDLE_DELAY; instance->timer_idle_time = PROTOCOL_DEF_IDLE_TIME;
instance->timer_emu_delay = PROTOCOL_MIN_IDLE_DELAY; instance->timer_emu_time = PROTOCOL_DEF_EMU_TIME;
instance->timer = instance->timer =
furi_timer_alloc(fuzzer_worker_on_tick_callback, FuriTimerTypeOnce, instance); furi_timer_alloc(fuzzer_worker_on_tick_callback, FuriTimerTypeOnce, instance);
@@ -379,19 +379,21 @@ void fuzzer_worker_free(FuzzerWorker* instance) {
free(instance); free(instance);
} }
bool fuzzer_worker_start(FuzzerWorker* instance, uint8_t timer_dellay) { bool fuzzer_worker_start(FuzzerWorker* instance, uint8_t idle_time, uint8_t emu_time) {
furi_assert(instance); furi_assert(instance);
if(instance->attack_type < FuzzerWorkerAttackTypeMax) { if(instance->attack_type < FuzzerWorkerAttackTypeMax) {
uint8_t temp = timer_dellay / 2; // if(emu_time == 0) {
instance->timer_emu_delay = temp; // uint8_t temp = idle_time / 2;
instance->timer_idle_delay = temp + timer_dellay % 2; // instance->timer_emu_time = temp;
// instance->timer_idle_time = temp + idle_time % 2;
// } else {
instance->timer_idle_time = idle_time;
instance->timer_emu_time = emu_time;
// }
FURI_LOG_D( FURI_LOG_D(
TAG, TAG, "Emu_time %u Idle_time %u", instance->timer_emu_time, instance->timer_idle_time);
"Emu_delay %u Idle_delay %u",
instance->timer_emu_delay,
instance->timer_idle_delay);
if(!instance->treead_running) { if(!instance->treead_running) {
#if defined(RFID_125_PROTOCOL) #if defined(RFID_125_PROTOCOL)
@@ -413,7 +415,7 @@ bool fuzzer_worker_start(FuzzerWorker* instance, uint8_t timer_dellay) {
ibutton_worker_emulate_start(instance->proto_worker, instance->key); ibutton_worker_emulate_start(instance->proto_worker, instance->key);
#endif #endif
instance->in_emu_phase = true; instance->in_emu_phase = true;
furi_timer_start(instance->timer, furi_ms_to_ticks(instance->timer_emu_delay * 100)); furi_timer_start(instance->timer, furi_ms_to_ticks(instance->timer_emu_time * 100));
return true; return true;
} }
return false; return false;
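Review bot: Nothing in `fuzzer_worker_start` or the tick callback guards against a zero period, so with `idle_time == 0` (the case this commit is named for) the idle-phase call `furi_timer_start(instance->timer, furi_ms_to_ticks(instance->timer_idle_time * 100))` arms the timer with 0 ticks. How `furi_timer_start` treats a zero period is not visible here, but RTOS software timers commonly reject or assert on one, so the idle branch should either go straight to the next emulation step or clamp, for example `uint32_t idle_ms = instance->timer_idle_time ? instance->timer_idle_time * 100 : 1;`. The same applies to `emu_time`, which only the view bounds; `if(emu_time == 0) return false;` at the top of `fuzzer_worker_start` would protect the worker from other callers. The commented-out `if(emu_time == 0) { ... }` block is dead code and is better deleted than committed. Both functions continue outside the lines shown.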


@@ -35,10 +35,11 @@ void fuzzer_worker_free(FuzzerWorker* instance);
* Start or continue emulation * Start or continue emulation
* *
* @param instance Pointer to a FuzzerWorker * @param instance Pointer to a FuzzerWorker
* @param timer_dellay Emulation time of one UID in tenths of a second * @param idle_time Delay between emulations in tenths of a second
* @param emu_time Emulation time of one UID in tenths of a second
* @return bool True if emulation has started * @return bool True if emulation has started
*/ */
bool fuzzer_worker_start(FuzzerWorker* instance, uint8_t timer_dellay); bool fuzzer_worker_start(FuzzerWorker* instance, uint8_t idle_time, uint8_t emu_time);
/** /**
* Stop emulation and deinit worker * Stop emulation and deinit worker


@@ -254,8 +254,12 @@ uint8_t fuzzer_proto_get_max_data_size() {
return MAX_PAYLOAD_SIZE; return MAX_PAYLOAD_SIZE;
} }
uint8_t fuzzer_proto_get_min_delay() { uint8_t fuzzer_proto_get_def_emu_time() {
return PROTOCOL_TIME_DELAY_MIN; return PROTOCOL_DEF_EMU_TIME;
}
uint8_t fuzzer_proto_get_def_idle_time() {
return PROTOCOL_DEF_IDLE_TIME;
} }
const char* fuzzer_proto_get_menu_label(uint8_t index) { const char* fuzzer_proto_get_menu_label(uint8_t index) {


@@ -37,11 +37,9 @@ struct FuzzerPayload {
*/ */
uint8_t fuzzer_proto_get_max_data_size(); uint8_t fuzzer_proto_get_max_data_size();
/** // TODO add description
* Get minimum time delay for protocols uint8_t fuzzer_proto_get_def_emu_time();
* @return Minimum time delay uint8_t fuzzer_proto_get_def_idle_time();
*/
uint8_t fuzzer_proto_get_min_delay();
/** /**
* Get protocol name based on its index * Get protocol name based on its index
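Review bot: The two new getters are declared under `// TODO add description`, while the neighbouring prototypes in this header carry Doxygen blocks and the removed comment for `fuzzer_proto_get_min_delay` is not replaced. I would add `/** Get the default emulation time of one UID, in tenths of a second */` above `fuzzer_proto_get_def_emu_time()` and `/** Get the default idle time between emulations, in tenths of a second */` above `fuzzer_proto_get_def_idle_time()`. The unit is taken from the `fuzzer_worker_start` parameter docs in this same commit, so please confirm it. Declaring both as `(void)` rather than `()` would also make them real prototypes in C.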


@@ -4,12 +4,14 @@
#if defined(RFID_125_PROTOCOL) #if defined(RFID_125_PROTOCOL)
#define MAX_PAYLOAD_SIZE (6) #define MAX_PAYLOAD_SIZE (6)
#define PROTOCOL_MIN_IDLE_DELAY (5) #define PROTOCOL_DEF_IDLE_TIME (4)
#define PROTOCOL_TIME_DELAY_MIN PROTOCOL_MIN_IDLE_DELAY + 4 #define PROTOCOL_DEF_EMU_TIME (5)
#define PROTOCOL_TIME_DELAY_MIN PROTOCOL_DEF_IDLE_TIME + PROTOCOL_DEF_EMU_TIME
#else #else
#define MAX_PAYLOAD_SIZE (8) #define MAX_PAYLOAD_SIZE (8)
#define PROTOCOL_MIN_IDLE_DELAY (2) #define PROTOCOL_DEF_IDLE_TIME (2)
#define PROTOCOL_TIME_DELAY_MIN PROTOCOL_MIN_IDLE_DELAY + 2 #define PROTOCOL_DEF_EMU_TIME (2)
#define PROTOCOL_TIME_DELAY_MIN PROTOCOL_DEF_IDLE_TIME + PROTOCOL_DEF_EMU_TIME
#endif #endif
typedef struct ProtoDict ProtoDict; typedef struct ProtoDict ProtoDict;
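Review bot: `PROTOCOL_TIME_DELAY_MIN` expands to an unparenthesised sum in both the `RFID_125_PROTOCOL` branch and the `#else` branch, so any use inside a larger expression (for example `PROTOCOL_TIME_DELAY_MIN * 100`) binds to the last term only. It should be `#define PROTOCOL_TIME_DELAY_MIN (PROTOCOL_DEF_IDLE_TIME + PROTOCOL_DEF_EMU_TIME)`. The only reference to this macro visible on this page is the one the commit removes from `fuzzer_proto_get_min_delay`, so if nothing else uses it, deleting the macro is the simpler fix.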


@@ -127,8 +127,11 @@ bool fuzzer_scene_attack_on_event(void* context, SceneManagerEvent event) {
if(scene_manager_get_scene_state(app->scene_manager, FuzzerSceneAttack) == if(scene_manager_get_scene_state(app->scene_manager, FuzzerSceneAttack) ==
FuzzerAttackStateIdle) { FuzzerAttackStateIdle) {
// Start or Continue Attack // Start or Continue Attack
// TODO emu_time
if(fuzzer_worker_start( if(fuzzer_worker_start(
app->worker, fuzzer_view_attack_get_time_delay(app->attack_view))) { app->worker,
fuzzer_view_attack_get_time_delay(app->attack_view),
fuzzer_view_attack_get_emu_time(app->attack_view))) {
fuzzer_scene_attack_set_state(app, FuzzerAttackStateRunning); fuzzer_scene_attack_set_state(app, FuzzerAttackStateRunning);
} else { } else {
// Error? // Error?
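Review bot: The added `// TODO emu_time` comment is already stale, because the call directly below it passes `fuzzer_view_attack_get_emu_time(app->attack_view)` as the third argument; drop it. The second argument is still read through `fuzzer_view_attack_get_time_delay`, although the worker now names that parameter `idle_time`. A short comment such as `// time_delay in the view is the worker's idle_time` (or renaming the getter) would stop the two terms drifting apart. The surrounding event handler starts and ends outside this hunk.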


@@ -27,7 +27,8 @@
- [x] Description and buttons in `field_editor` view - [x] Description and buttons in `field_editor` view
- [ ] Protocol carousel in `main_menu` - [ ] Protocol carousel in `main_menu`
- [x] prototype - [x] prototype
- [ ] Add the ability to edit emulation time and downtime separately - [x] Add the ability to edit emulation time and downtime separately
- [ ] Decide on the display
- [x] UID - [x] UID
- [x] Simplify the storage and exchange of `uids.data` `uid.data_size` in `views` - [x] Simplify the storage and exchange of `uids.data` `uid.data_size` in `views`
- [x] `UID_MAX_SIZE` - [x] `UID_MAX_SIZE`


@@ -4,8 +4,13 @@
#include <input/input.h> #include <input/input.h>
#include <gui/elements.h> #include <gui/elements.h>
#define ATACK_VIEW_V2
// #define ATACK_VIEW_V2_1
#define ATACK_VIEW_V2_2
#define ATTACK_SCENE_MAX_UID_LENGTH 25 #define ATTACK_SCENE_MAX_UID_LENGTH 25
#define UID_MAX_DISPLAYED_LEN (8U) #define UID_MAX_DISPLAYED_LEN (8U)
#define LIFT_RIGHT_OFFSET (3)
struct FuzzerViewAttack { struct FuzzerViewAttack {
View* view; View* view;
@@ -14,8 +19,11 @@ struct FuzzerViewAttack {
}; };
typedef struct { typedef struct {
uint8_t time_delay; uint8_t time_delay; // 1 = 100ms
uint8_t time_delay_min; uint8_t time_delay_min; // 1 = 100ms
uint8_t emu_time; // 1 = 100ms
uint8_t emu_time_min; // 1 = 100ms
bool td_emt_cursor; // false - time_delay, true - emu_time
const char* attack_name; const char* attack_name;
const char* protocol_name; const char* protocol_name;
FuzzerAttackState attack_state; FuzzerAttackState attack_state;
@@ -107,8 +115,7 @@ void fuzzer_view_attack_set_callback(
} }
void fuzzer_view_attack_draw(Canvas* canvas, FuzzerViewAttackModel* model) { void fuzzer_view_attack_draw(Canvas* canvas, FuzzerViewAttackModel* model) {
char time_delay[16]; char temp_str[50];
snprintf(time_delay, sizeof(time_delay), "Time delay: %d", model->time_delay);
canvas_clear(canvas); canvas_clear(canvas);
canvas_set_color(canvas, ColorBlack); canvas_set_color(canvas, ColorBlack);
@@ -116,8 +123,101 @@ void fuzzer_view_attack_draw(Canvas* canvas, FuzzerViewAttackModel* model) {
canvas_set_font(canvas, FontPrimary); canvas_set_font(canvas, FontPrimary);
canvas_draw_str_aligned(canvas, 64, 2, AlignCenter, AlignTop, model->attack_name); canvas_draw_str_aligned(canvas, 64, 2, AlignCenter, AlignTop, model->attack_name);
#ifndef ATACK_VIEW_V2
canvas_set_font(canvas, FontSecondary);
snprintf(
temp_str,
sizeof(temp_str),
"Time delay: %d.%d",
model->time_delay / 10,
model->time_delay % 10);
canvas_draw_str_aligned(canvas, 64, 14, AlignCenter, AlignTop, temp_str);
#elif defined(ATACK_VIEW_V2_1)
canvas_set_font(canvas, FontSecondary);
if(!model->td_emt_cursor) {
snprintf(
temp_str,
sizeof(temp_str),
"Time delay: %d.%d EmT: %d.%d",
model->time_delay / 10,
model->time_delay % 10,
model->emu_time / 10,
model->emu_time % 10);
} else {
snprintf(
temp_str,
sizeof(temp_str),
"TD: %d.%d Emulation time: %d.%d",
model->time_delay / 10,
model->time_delay % 10,
model->emu_time / 10,
model->emu_time % 10);
}
canvas_draw_str_aligned(canvas, 64, 21, AlignCenter, AlignBottom, temp_str);
#elif defined(ATACK_VIEW_V2_2)
uint16_t crt;
canvas_set_font(canvas, FontPrimary);
if(!model->td_emt_cursor) {
canvas_set_font(canvas, FontSecondary);
snprintf(temp_str, sizeof(temp_str), "Time delay:");
canvas_draw_str_aligned(canvas, LIFT_RIGHT_OFFSET, 21, AlignLeft, AlignBottom, temp_str);
crt = canvas_string_width(canvas, temp_str);
canvas_set_font(canvas, FontPrimary);
snprintf(
temp_str, sizeof(temp_str), "%d.%d", model->time_delay / 10, model->time_delay % 10);
canvas_draw_str_aligned(
canvas, crt + LIFT_RIGHT_OFFSET + 3, 21, AlignLeft, AlignBottom, temp_str);
canvas_set_font(canvas, FontSecondary);
snprintf(
temp_str, sizeof(temp_str), "EmT: %d.%d", model->emu_time / 10, model->emu_time % 10);
canvas_draw_str_aligned(
canvas, 128 - LIFT_RIGHT_OFFSET, 21, AlignRight, AlignBottom, temp_str);
} else {
canvas_set_font(canvas, FontSecondary);
snprintf(
temp_str,
sizeof(temp_str),
"TD: %d.%d",
model->time_delay / 10,
model->time_delay % 10);
canvas_draw_str_aligned(canvas, LIFT_RIGHT_OFFSET, 21, AlignLeft, AlignBottom, temp_str);
canvas_set_font(canvas, FontPrimary);
snprintf(temp_str, sizeof(temp_str), "%d.%d", model->emu_time / 10, model->emu_time % 10);
canvas_draw_str_aligned(
canvas, 128 - LIFT_RIGHT_OFFSET, 21, AlignRight, AlignBottom, temp_str);
crt = canvas_string_width(canvas, temp_str);
canvas_set_font(canvas, FontSecondary);
snprintf(temp_str, sizeof(temp_str), "Emulation time:");
canvas_draw_str_aligned(
canvas, 128 - LIFT_RIGHT_OFFSET - crt - 3, 21, AlignRight, AlignBottom, temp_str);
}
#else
canvas_set_font(canvas, FontSecondary);
snprintf(
temp_str,
sizeof(temp_str),
"Time delay: %d.%d Emu time: %d.%d",
model->time_delay / 10,
model->time_delay % 10,
model->emu_time / 10,
model->emu_time % 10);
canvas_draw_str_aligned(canvas, 64, 14, AlignCenter, AlignTop, temp_str);
#endif
canvas_set_font(canvas, FontSecondary); canvas_set_font(canvas, FontSecondary);
canvas_draw_str_aligned(canvas, 64, 14, AlignCenter, AlignTop, time_delay);
canvas_draw_str_aligned(canvas, 64, 26, AlignCenter, AlignTop, model->protocol_name); canvas_draw_str_aligned(canvas, 64, 26, AlignCenter, AlignTop, model->protocol_name);
canvas_set_font(canvas, FontPrimary); canvas_set_font(canvas, FontPrimary);
@@ -131,9 +231,21 @@ void fuzzer_view_attack_draw(Canvas* canvas, FuzzerViewAttackModel* model) {
if(model->attack_state == FuzzerAttackStateRunning) { if(model->attack_state == FuzzerAttackStateRunning) {
elements_button_center(canvas, "Stop"); elements_button_center(canvas, "Stop");
} else if(model->attack_state == FuzzerAttackStateIdle) { } else if(model->attack_state == FuzzerAttackStateIdle) {
#ifndef ATACK_VIEW_V2
elements_button_center(canvas, "Start"); elements_button_center(canvas, "Start");
elements_button_left(canvas, "TD -"); elements_button_left(canvas, "TD -");
elements_button_right(canvas, "+ TD"); elements_button_right(canvas, "+ TD");
#else
if(model->td_emt_cursor) {
elements_button_center(canvas, "Start");
elements_button_left(canvas, "EmT -");
elements_button_right(canvas, "+ EmT");
} else {
elements_button_center(canvas, "Start");
elements_button_left(canvas, "TD -");
elements_button_right(canvas, "+ TD");
}
#endif
} else if(model->attack_state == FuzzerAttackStateEnd) { } else if(model->attack_state == FuzzerAttackStateEnd) {
// elements_button_center(canvas, "Restart"); // Reset // elements_button_center(canvas, "Restart"); // Reset
elements_button_left(canvas, "Exit"); elements_button_left(canvas, "Exit");
@@ -156,16 +268,31 @@ bool fuzzer_view_attack_input(InputEvent* event, void* context) {
FuzzerViewAttackModel * model, FuzzerViewAttackModel * model,
{ {
if(model->attack_state == FuzzerAttackStateIdle) { if(model->attack_state == FuzzerAttackStateIdle) {
// TimeDelay if(!model->td_emt_cursor) {
if(event->type == InputTypeShort) { // TimeDelay --
if(model->time_delay > model->time_delay_min) { if(event->type == InputTypeShort) {
model->time_delay--; if(model->time_delay > model->time_delay_min) {
model->time_delay--;
}
} else if(event->type == InputTypeLong) {
if((model->time_delay - 10) >= model->time_delay_min) {
model->time_delay -= 10;
} else {
model->time_delay = model->time_delay_min;
}
} }
} else if(event->type == InputTypeLong) { } else {
if((model->time_delay - 10) >= model->time_delay_min) { // EmuTime --
model->time_delay -= 10; if(event->type == InputTypeShort) {
} else { if(model->emu_time > model->emu_time_min) {
model->time_delay = model->time_delay_min; model->emu_time--;
}
} else if(event->type == InputTypeLong) {
if((model->emu_time - 10) >= model->emu_time_min) {
model->emu_time -= 10;
} else {
model->emu_time = model->emu_time_min;
}
} }
} }
} else if( } else if(
@@ -183,15 +310,29 @@ bool fuzzer_view_attack_input(InputEvent* event, void* context) {
FuzzerViewAttackModel * model, FuzzerViewAttackModel * model,
{ {
if(model->attack_state == FuzzerAttackStateIdle) { if(model->attack_state == FuzzerAttackStateIdle) {
// TimeDelay if(!model->td_emt_cursor) {
if(event->type == InputTypeShort) { // TimeDelay ++
if(model->time_delay < FUZZ_TIME_DELAY_MAX) { if(event->type == InputTypeShort) {
model->time_delay++; if(model->time_delay < FUZZ_TIME_DELAY_MAX) {
model->time_delay++;
}
} else if(event->type == InputTypeLong) {
model->time_delay += 10;
if(model->time_delay > FUZZ_TIME_DELAY_MAX) {
model->time_delay = FUZZ_TIME_DELAY_MAX;
}
} }
} else if(event->type == InputTypeLong) { } else {
model->time_delay += 10; // EmuTime ++
if(model->time_delay > FUZZ_TIME_DELAY_MAX) { if(event->type == InputTypeShort) {
model->time_delay = FUZZ_TIME_DELAY_MAX; if(model->emu_time < FUZZ_TIME_DELAY_MAX) {
model->emu_time++;
}
} else if(event->type == InputTypeLong) {
model->emu_time += 10;
if(model->emu_time > FUZZ_TIME_DELAY_MAX) {
model->emu_time = FUZZ_TIME_DELAY_MAX;
}
} }
} }
} else { } else {
@@ -200,6 +341,15 @@ bool fuzzer_view_attack_input(InputEvent* event, void* context) {
}, },
true); true);
return true; return true;
} else if(
(event->key == InputKeyUp || event->key == InputKeyDown) &&
event->type == InputTypeShort) {
with_view_model(
view_attack->view,
FuzzerViewAttackModel * model,
{ model->td_emt_cursor = !model->td_emt_cursor; },
true);
return true;
} }
return true; return true;
@@ -211,6 +361,9 @@ void fuzzer_view_attack_enter(void* context) {
void fuzzer_view_attack_exit(void* context) { void fuzzer_view_attack_exit(void* context) {
furi_assert(context); furi_assert(context);
FuzzerViewAttack* view_attack = context;
with_view_model(
view_attack->view, FuzzerViewAttackModel * model, { model->td_emt_cursor = false; }, true);
} }
FuzzerViewAttack* fuzzer_view_attack_alloc() { FuzzerViewAttack* fuzzer_view_attack_alloc() {
@@ -233,11 +386,17 @@ FuzzerViewAttack* fuzzer_view_attack_alloc() {
view_attack->view, view_attack->view,
FuzzerViewAttackModel * model, FuzzerViewAttackModel * model,
{ {
model->time_delay_min = fuzzer_proto_get_min_delay(); model->time_delay = fuzzer_proto_get_def_idle_time();
model->time_delay = model->time_delay_min; model->time_delay_min = 0; // model->time_delay;
model->emu_time = fuzzer_proto_get_def_emu_time();
model->emu_time_min = 2; // model->emu_time;
model->uid_str = furi_string_alloc_set_str("Not_set"); model->uid_str = furi_string_alloc_set_str("Not_set");
// malloc(ATTACK_SCENE_MAX_UID_LENGTH + 1); // malloc(ATTACK_SCENE_MAX_UID_LENGTH + 1);
model->attack_state = FuzzerAttackStateOff; model->attack_state = FuzzerAttackStateOff;
model->td_emt_cursor = false;
// strcpy(model->uid_str, "Not_set"); // strcpy(model->uid_str, "Not_set");
model->attack_name = "Not_set"; model->attack_name = "Not_set";
@@ -273,3 +432,13 @@ uint8_t fuzzer_view_attack_get_time_delay(FuzzerViewAttack* view) {
return time_delay; return time_delay;
} }
uint8_t fuzzer_view_attack_get_emu_time(FuzzerViewAttack* view) {
furi_assert(view);
uint8_t emu_time;
with_view_model(
view->view, FuzzerViewAttackModel * model, { emu_time = model->emu_time; }, false);
return emu_time;
}
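Review bot: The new long-press increment for `emu_time` copies the add-then-clamp pattern (`model->emu_time += 10; if(model->emu_time > FUZZ_TIME_DELAY_MAX) ...`) on a `uint8_t`, which is only correct while `FUZZ_TIME_DELAY_MAX` is at most 245; above that the addition wraps before the clamp runs. That macro's value is not visible here, so either check before adding, `if(model->emu_time + 10 <= FUZZ_TIME_DELAY_MAX) model->emu_time += 10; else model->emu_time = FUZZ_TIME_DELAY_MAX;`, or add a `_Static_assert(FUZZ_TIME_DELAY_MAX <= UINT8_MAX - 10, "...")`. The `time_delay` branch has the same shape. Separately, `fuzzer_view_attack_alloc` hard-codes `time_delay_min = 0` and `emu_time_min = 2` with the old expressions left in trailing comments; named constants next to `PROTOCOL_DEF_EMU_TIME` would make the limits reviewable. The three `ATACK_VIEW_V2*` layout variants leave most of `fuzzer_view_attack_draw` compiled out, so the unused ones are worth removing once the layout is decided.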


@@ -38,3 +38,5 @@ void fuzzer_view_attack_pause(FuzzerViewAttack* view);
void fuzzer_view_attack_end(FuzzerViewAttack* view); void fuzzer_view_attack_end(FuzzerViewAttack* view);
uint8_t fuzzer_view_attack_get_time_delay(FuzzerViewAttack* view); uint8_t fuzzer_view_attack_get_time_delay(FuzzerViewAttack* view);
uint8_t fuzzer_view_attack_get_emu_time(FuzzerViewAttack* view);