diff --git a/applications/external/pacs_fuzzer/fuzzer.c b/applications/external/pacs_fuzzer/fuzzer.c index c80c18130..113291d0c 100644 --- a/applications/external/pacs_fuzzer/fuzzer.c +++ b/applications/external/pacs_fuzzer/fuzzer.c @@ -26,6 +26,7 @@ PacsFuzzerApp* fuzzer_app_alloc() { app->fuzzer_state.proto_index = 0; app->worker = fuzzer_worker_alloc(); + app->payload = fuzzer_payload_alloc(); app->file_path = furi_string_alloc(); @@ -114,6 +115,7 @@ void fuzzer_app_free(PacsFuzzerApp* app) { furi_string_free(app->file_path); + fuzzer_payload_free(app->payload); fuzzer_worker_free(app->worker); free(app); diff --git a/applications/external/pacs_fuzzer/fuzzer_i.h b/applications/external/pacs_fuzzer/fuzzer_i.h index 63bf85d24..5b58e59d8 100644 --- a/applications/external/pacs_fuzzer/fuzzer_i.h +++ b/applications/external/pacs_fuzzer/fuzzer_i.h @@ -51,4 +51,5 @@ typedef struct { FuzzerConsts* fuzzer_const; FuzzerWorker* worker; + FuzzerPayload* payload; } PacsFuzzerApp; \ No newline at end of file diff --git a/applications/external/pacs_fuzzer/lib/worker/fake_worker.c b/applications/external/pacs_fuzzer/lib/worker/fake_worker.c index e48b1dd32..07b0479b4 100644 --- a/applications/external/pacs_fuzzer/lib/worker/fake_worker.c +++ b/applications/external/pacs_fuzzer/lib/worker/fake_worker.c @@ -38,8 +38,8 @@ struct FuzzerWorker { const FuzzerProtocol* protocol; FuzzerWorkerAttackType attack_type; - uint8_t timer_idle_time; - uint8_t timer_emu_time; + uint16_t timer_idle_time_ms; + uint16_t timer_emu_time_ms; uint8_t payload[MAX_PAYLOAD_SIZE]; Stream* uids_stream; @@ -157,7 +157,7 @@ static void fuzzer_worker_on_tick_callback(void* context) { #endif } instance->in_emu_phase = false; - furi_timer_start(instance->timer, furi_ms_to_ticks(instance->timer_idle_time * 100)); + furi_timer_start(instance->timer, furi_ms_to_ticks(instance->timer_idle_time_ms)); } else { if(!fuzzer_worker_load_key(instance, true)) { fuzzer_worker_pause(instance); // XXX 
@@ -173,7 +173,7 @@ static void fuzzer_worker_on_tick_callback(void* context) { #endif } instance->in_emu_phase = true; - furi_timer_start(instance->timer, furi_ms_to_ticks(instance->timer_emu_time * 100)); + furi_timer_start(instance->timer, furi_ms_to_ticks(instance->timer_emu_time_ms)); if(instance->tick_callback) { instance->tick_callback(instance->tick_context); } @@ -187,7 +187,6 @@ void fuzzer_worker_get_current_key(FuzzerWorker* instance, FuzzerPayload* output furi_assert(instance->protocol); output_key->data_size = instance->protocol->data_size; - output_key->data = malloc(sizeof(output_key->data_size)); memcpy(output_key->data, instance->payload, instance->protocol->data_size); } @@ -258,7 +257,7 @@ bool fuzzer_worker_init_attack_file_dict( bool fuzzer_worker_init_attack_bf_byte( FuzzerWorker* instance, FuzzerProtocolsID protocol_index, - const uint8_t* uid, + const FuzzerPayload* new_uid, uint8_t chusen) { furi_assert(instance); @@ -268,7 +267,7 @@ bool fuzzer_worker_init_attack_bf_byte( instance->attack_type = FuzzerWorkerAttackTypeLoadFile; instance->index = chusen; - memcpy(instance->payload, uid, instance->protocol->data_size); + memcpy(instance->payload, new_uid->data, instance->protocol->data_size); res = true; @@ -349,8 +348,8 @@ FuzzerWorker* fuzzer_worker_alloc() { memset(instance->payload, 0x00, sizeof(instance->payload)); - instance->timer_idle_time = PROTOCOL_DEF_IDLE_TIME; - instance->timer_emu_time = PROTOCOL_DEF_EMU_TIME; + instance->timer_idle_time_ms = PROTOCOL_DEF_IDLE_TIME * 100; + instance->timer_emu_time_ms = PROTOCOL_DEF_EMU_TIME * 100; instance->timer = furi_timer_alloc(fuzzer_worker_on_tick_callback, FuriTimerTypeOnce, instance); 
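Review bot: With the `malloc` removed, `fuzzer_worker_get_current_key` writes `instance->protocol->data_size` bytes into whatever `output_key->data` the caller supplies, and nothing visible in the hunk checks that the pointer is non-NULL or that the buffer is large enough. The only allocator added in this commit sizes that buffer at `MAX_PAYLOAD_SIZE`, so I would add `furi_assert(output_key->data);` and `furi_assert(instance->protocol->data_size <= MAX_PAYLOAD_SIZE);` before the `memcpy`. The matching doc comment in fake_worker.h now says only `Pointer to a FuzzerPayload`; it should state that the caller owns the payload and that `data` must hold at least `MAX_PAYLOAD_SIZE` bytes, for example one obtained from `fuzzer_payload_alloc()`. The start of the function is outside the hunk, so an earlier assert on `output_key` may already exist.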
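Review bot: `fuzzer_worker_init_attack_bf_byte` copies `instance->protocol->data_size` bytes from `new_uid->data` and never consults `new_uid->data_size`, so a payload holding fewer valid bytes than the selected protocol expects would seed the worker with stale buffer contents. I would add `furi_assert(new_uid);` and `furi_assert(new_uid->data);` next to the existing `furi_assert(instance);`, and leave `res` false when `new_uid->data_size < instance->protocol->data_size`. That size check has to come after `instance->protocol` is assigned, which happens in lines between the two hunks that are not visible here.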
@@ -383,17 +382,22 @@ bool fuzzer_worker_start(FuzzerWorker* instance, uint8_t idle_time, uint8_t emu_ furi_assert(instance); if(instance->attack_type < FuzzerWorkerAttackTypeMax) { - // if(emu_time == 0) { - // uint8_t temp = idle_time / 2; - // instance->timer_emu_time = temp; - // instance->timer_idle_time = temp + idle_time % 2; - // } else { - instance->timer_idle_time = idle_time; - instance->timer_emu_time = emu_time; - // } + if(idle_time == 0) { + instance->timer_idle_time_ms = 10; + } else { + instance->timer_idle_time_ms = idle_time * 100; + } + if(emu_time == 0) { + instance->timer_emu_time_ms = 10; + } else { + instance->timer_emu_time_ms = emu_time * 100; + } FURI_LOG_D( - TAG, "Emu_time %u Idle_time %u", instance->timer_emu_time, instance->timer_idle_time); + TAG, + "Emu_time %u ms Idle_time %u ms", + instance->timer_emu_time_ms, + instance->timer_idle_time_ms); if(!instance->treead_running) { #if defined(RFID_125_PROTOCOL) @@ -415,7 +419,7 @@ bool fuzzer_worker_start(FuzzerWorker* instance, uint8_t idle_time, uint8_t emu_ ibutton_worker_emulate_start(instance->proto_worker, instance->key); #endif instance->in_emu_phase = true; - furi_timer_start(instance->timer, furi_ms_to_ticks(instance->timer_emu_time * 100)); + furi_timer_start(instance->timer, furi_ms_to_ticks(instance->timer_emu_time_ms)); return true; } return false; diff --git a/applications/external/pacs_fuzzer/lib/worker/fake_worker.h b/applications/external/pacs_fuzzer/lib/worker/fake_worker.h index 6396525be..8b934f300 100644 --- a/applications/external/pacs_fuzzer/lib/worker/fake_worker.h +++ b/applications/external/pacs_fuzzer/lib/worker/fake_worker.h 
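Review bot: The zero handling in `fuzzer_worker_start` hard-codes a 10 ms floor and a 100 ms unit as bare literals, and the same `* 100` conversion is repeated in `fuzzer_worker_alloc`. Named constants would keep those sites in agreement, for example `#define FUZZER_TIME_UNIT_MS (100)` and `#define FUZZER_TIME_MIN_MS (10)` (names are only a suggestion). The function's doc comment should also say that `idle_time` and `emu_time` are given in 100 ms steps and that 0 selects the 10 ms minimum rather than being rejected. The end of the function falls in the following hunk.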
@@ -82,21 +82,21 @@ bool fuzzer_worker_init_attack_file_dict( * * @param instance Pointer to a FuzzerWorker * @param protocol_index index of the selected protocol - * @param uid UID for brute force + * @param new_uid Pointer to a FuzzerPayload with UID for brute force * @param chosen index of chusen byte * @return bool True if initialization is successful */ bool fuzzer_worker_init_attack_bf_byte( FuzzerWorker* instance, FuzzerProtocolsID protocol_index, - const uint8_t* uid, + const FuzzerPayload* new_uid, uint8_t chusen); /** * Get current UID * * @param instance Pointer to a FuzzerWorker - * @param output_key Pointer to a FuzzerWorker, memory for data will be allocated + * @param output_key Pointer to a FuzzerPayload */ void fuzzer_worker_get_current_key(FuzzerWorker* instance, FuzzerPayload* output_key); diff --git a/applications/external/pacs_fuzzer/lib/worker/protocol.c b/applications/external/pacs_fuzzer/lib/worker/protocol.c index f520037ac..a64fe8767 100644 --- a/applications/external/pacs_fuzzer/lib/worker/protocol.c +++ b/applications/external/pacs_fuzzer/lib/worker/protocol.c @@ -242,6 +242,22 @@ const FuzzerMenuItems fuzzer_menu_items[] = { {"Load UIDs from file", FuzzerAttackIdLoadFileCustomUids}, }; +FuzzerPayload* fuzzer_payload_alloc() { + FuzzerPayload* payload = malloc(sizeof(FuzzerPayload)); + payload->data = malloc(sizeof(payload->data[0]) * MAX_PAYLOAD_SIZE); + + return payload; +} + +void fuzzer_payload_free(FuzzerPayload* payload) { + furi_assert(payload); + + if(payload->data) { + free(payload->data); + } + free(payload); +} + const char* fuzzer_proto_get_name(FuzzerProtocolsID index) { return fuzzer_proto_items[index].name; } diff --git a/applications/external/pacs_fuzzer/lib/worker/protocol.h b/applications/external/pacs_fuzzer/lib/worker/protocol.h index 68632b029..9c5315d00 100644 --- a/applications/external/pacs_fuzzer/lib/worker/protocol.h +++ b/applications/external/pacs_fuzzer/lib/worker/protocol.h 
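Review bot: `fuzzer_payload_alloc` leaves `payload->data_size` unset, so its initial value depends on whether the platform `malloc` returns zeroed memory, while consumers such as `fuzzer_view_attack_set_uid` loop up to `data_size` over a buffer of only `MAX_PAYLOAD_SIZE` bytes. Adding `payload->data_size = 0;` after the second allocation makes the starting state explicit. Both `malloc` results are used unchecked; whether the firmware allocator can return NULL is not visible from this diff, so that may or may not need handling. In `fuzzer_payload_free` the `if(payload->data)` guard is redundant because `free(NULL)` is a no-op.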
@@ -31,6 +31,20 @@ struct FuzzerPayload { uint8_t data_size; }; +/** + * Allocate FuzzerPayload + * + * @return FuzzerPayload* pointer to FuzzerPayload + */ +FuzzerPayload* fuzzer_payload_alloc(); + +/** + * Free FuzzerPayload + * + * @param instance Pointer to a FuzzerPayload + */ +void fuzzer_payload_free(FuzzerPayload*); + /** * Get maximum length of UID among all supported protocols * @return Maximum length of UID diff --git a/applications/external/pacs_fuzzer/lib/worker/protocol_i.h b/applications/external/pacs_fuzzer/lib/worker/protocol_i.h index 074c50d9d..2f1c65fd7 100644 --- a/applications/external/pacs_fuzzer/lib/worker/protocol_i.h +++ b/applications/external/pacs_fuzzer/lib/worker/protocol_i.h @@ -19,7 +19,7 @@ typedef struct FuzzerProtocol FuzzerProtocol; struct ProtoDict { const uint8_t* val; - const uint8_t len; // TODO + const uint8_t len; }; struct FuzzerProtocol { @@ -34,20 +34,10 @@ struct FuzzerProtocol { // #define FUZZ_TIME_DELAY_DEFAULT (10) // #define FUZZ_TIME_DELAY_MAX (70) -// #define FUZZER_APP_CUSTOM_DICT_EXTENSION ".txt" -// #define FUZZER_APP_CUSTOM_DICT_FOLDER "/ext/rfidfuzzer" -// #define FUZZER_APP_KEY_EXTENSION ".rfid" -// #define FUZZER_APP_PATH_KEY_FOLDER "/ext/lfrfid" - // #define MAX_PAYLOAD_SIZE 8 // #define FUZZ_TIME_DELAY_MIN (4) // #define FUZZ_TIME_DELAY_DEFAULT (8) // #define FUZZ_TIME_DELAY_MAX (80) -// #define FUZZER_APP_CUSTOM_DICT_EXTENSION ".txt" -// #define FUZZER_APP_CUSTOM_DICT_FOLDER "/ext/ibtnfuzzer" -// #define FUZZER_APP_KEY_EXTENSION ".ibtn" -// #define FUZZER_APP_PATH_KEY_FOLDER "/ext/ibutton" - extern const FuzzerProtocol fuzzer_proto_items[]; \ No newline at end of file diff --git a/applications/external/pacs_fuzzer/scenes/fuzzer_scene_attack.c b/applications/external/pacs_fuzzer/scenes/fuzzer_scene_attack.c index 836bbdef5..6424e62b5 100644 --- a/applications/external/pacs_fuzzer/scenes/fuzzer_scene_attack.c +++ b/applications/external/pacs_fuzzer/scenes/fuzzer_scene_attack.c 
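Review bot: The doc comment for `fuzzer_payload_free` documents `@param instance`, but the prototype `void fuzzer_payload_free(FuzzerPayload*);` has no parameter name, and the definition in protocol.c calls it `payload`. `FuzzerPayload* fuzzer_payload_alloc();` also declares an unspecified parameter list in C before C23. I would write `FuzzerPayload* fuzzer_payload_alloc(void);` and `void fuzzer_payload_free(FuzzerPayload* payload);` with `@param payload`. The alloc comment should also state that `data` points to a `MAX_PAYLOAD_SIZE`-byte buffer, and that the payload must be released with `fuzzer_payload_free`.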
@@ -1,8 +1,6 @@ #include "../fuzzer_i.h" #include "../helpers/fuzzer_custom_event.h" -// TODO simlify callbacks and attack state - const NotificationSequence sequence_one_green_50_on_blink_blue = { &message_red_255, &message_delay_50, @@ -18,12 +16,9 @@ static void fuzzer_scene_attack_update_uid(PacsFuzzerApp* app) { furi_assert(app->worker); furi_assert(app->attack_view); - FuzzerPayload uid; - fuzzer_worker_get_current_key(app->worker, &uid); + fuzzer_worker_get_current_key(app->worker, app->payload); - fuzzer_view_attack_set_uid(app->attack_view, uid); - - free(uid.data); + fuzzer_view_attack_set_uid(app->attack_view, app->payload); } static void fuzzer_scene_attack_set_state(PacsFuzzerApp* app, FuzzerAttackState state) { @@ -127,7 +122,6 @@ bool fuzzer_scene_attack_on_event(void* context, SceneManagerEvent event) { if(scene_manager_get_scene_state(app->scene_manager, FuzzerSceneAttack) == FuzzerAttackStateIdle) { // Start or Continue Attack - // TODO emu_time if(fuzzer_worker_start( app->worker, fuzzer_view_attack_get_time_delay(app->attack_view), @@ -160,7 +154,8 @@ void fuzzer_scene_attack_on_exit(void* context) { furi_assert(context); PacsFuzzerApp* app = context; - // fuzzer_worker_stop(); // XXX + // XXX the scene has no descendants, and the return will be processed in on_event + // fuzzer_worker_stop(); fuzzer_worker_set_uid_chaged_callback(app->worker, NULL, NULL); fuzzer_worker_set_end_callback(app->worker, NULL, NULL); diff --git a/applications/external/pacs_fuzzer/scenes/fuzzer_scene_field_editor.c b/applications/external/pacs_fuzzer/scenes/fuzzer_scene_field_editor.c index 637eff2d7..4c45bd154 100644 --- a/applications/external/pacs_fuzzer/scenes/fuzzer_scene_field_editor.c +++ b/applications/external/pacs_fuzzer/scenes/fuzzer_scene_field_editor.c 
@@ -14,12 +14,9 @@ void fuzzer_scene_field_editor_on_enter(void* context) { fuzzer_view_field_editor_set_callback( app->field_editor_view, fuzzer_scene_field_editor_callback, app); - FuzzerPayload uid; - fuzzer_worker_get_current_key(app->worker, &uid); + fuzzer_worker_get_current_key(app->worker, app->payload); - fuzzer_view_field_editor_reset_data(app->field_editor_view, uid); - - free(uid.data); + fuzzer_view_field_editor_reset_data(app->field_editor_view, app->payload); view_dispatcher_switch_to_view(app->view_dispatcher, FuzzerViewIDFieldEditor); } @@ -37,11 +34,11 @@ bool fuzzer_scene_field_editor_on_event(void* context, SceneManagerEvent event) } consumed = true; } else if(event.event == FuzzerCustomEventViewFieldEditorOk) { - // TODO + fuzzer_view_field_editor_get_uid(app->field_editor_view, app->payload); if(fuzzer_worker_init_attack_bf_byte( app->worker, app->fuzzer_state.proto_index, - fuzzer_view_field_editor_get_uid(app->field_editor_view), + app->payload, fuzzer_view_field_editor_get_index(app->field_editor_view))) { scene_manager_next_scene(app->scene_manager, FuzzerSceneAttack); } diff --git a/applications/external/pacs_fuzzer/scenes/fuzzer_scene_main.c b/applications/external/pacs_fuzzer/scenes/fuzzer_scene_main.c index cfa43ad87..8ed7e09d4 100644 --- a/applications/external/pacs_fuzzer/scenes/fuzzer_scene_main.c +++ b/applications/external/pacs_fuzzer/scenes/fuzzer_scene_main.c @@ -103,8 +103,6 @@ bool fuzzer_scene_main_on_event(void* context, SceneManagerEvent event) { // TODO error logic bool loading_ok = false; - uint8_t d_size = fuzzer_proto_get_max_data_size(); - uint8_t* uid; switch(fuzzer_proto_get_attack_id_by_index(app->fuzzer_state.menu_index)) { case FuzzerAttackIdDefaultValues: 
@@ -119,13 +117,12 @@ bool fuzzer_scene_main_on_event(void* context, SceneManagerEvent event) { break; case FuzzerAttackIdBFCustomerID: // TODO - uid = malloc(d_size); - memset(uid, 0x00, d_size); + app->payload->data_size = fuzzer_proto_get_max_data_size(); + memset(app->payload->data, 0x00, app->payload->data_size); loading_ok = fuzzer_worker_init_attack_bf_byte( - app->worker, app->fuzzer_state.proto_index, uid, 0); + app->worker, app->fuzzer_state.proto_index, app->payload, 0); - free(uid); if(!loading_ok) { // error } diff --git a/applications/external/pacs_fuzzer/todo.md b/applications/external/pacs_fuzzer/todo.md index d0bab30d6..1cbd53c46 100644 --- a/applications/external/pacs_fuzzer/todo.md +++ b/applications/external/pacs_fuzzer/todo.md @@ -31,9 +31,13 @@ - [ ] Decide on the display - [x] UID - [x] Simplify the storage and exchange of `uids.data` `uid.data_size` in `views` + - [x] Using `FuzzerPayload` to store the uid - [x] `UID_MAX_SIZE` - [x] Add pause - [x] Fix `Custom dict` attack when ended +- [ ] Pause V2 + - [ ] Save logic + - [ ] Switching UIDs if possible - [ ] Worker - [ ] Use `prtocol_id` instead of protocol name - [x] this can be simplified `fuzzer_proto_items` \ No newline at end of file diff --git a/applications/external/pacs_fuzzer/views/attack.c b/applications/external/pacs_fuzzer/views/attack.c index a29e2d966..9787278a6 100644 --- a/applications/external/pacs_fuzzer/views/attack.c +++ b/applications/external/pacs_fuzzer/views/attack.c 
@@ -48,17 +48,17 @@ void fuzzer_view_attack_reset_data( true); } -void fuzzer_view_attack_set_uid(FuzzerViewAttack* view, const FuzzerPayload uid) { +void fuzzer_view_attack_set_uid(FuzzerViewAttack* view, const FuzzerPayload* uid) { furi_assert(view); - furi_assert(uid.data); + furi_assert(uid->data); with_view_model( view->view, FuzzerViewAttackModel * model, { - furi_string_printf(model->uid_str, "%02X", uid.data[0]); - for(uint8_t i = 1; i < uid.data_size; i++) { - furi_string_cat_printf(model->uid_str, ":%02X", uid.data[i]); + furi_string_printf(model->uid_str, "%02X", uid->data[0]); + for(uint8_t i = 1; i < uid->data_size; i++) { + furi_string_cat_printf(model->uid_str, ":%02X", uid->data[i]); } }, true); diff --git a/applications/external/pacs_fuzzer/views/attack.h b/applications/external/pacs_fuzzer/views/attack.h index 9341ae7e2..66e96d7d6 100644 --- a/applications/external/pacs_fuzzer/views/attack.h +++ b/applications/external/pacs_fuzzer/views/attack.h @@ -27,7 +27,7 @@ void fuzzer_view_attack_reset_data( const char* attack_name, const char* protocol_name); -void fuzzer_view_attack_set_uid(FuzzerViewAttack* view, const FuzzerPayload uid); +void fuzzer_view_attack_set_uid(FuzzerViewAttack* view, const FuzzerPayload* uid); void fuzzer_view_attack_start(FuzzerViewAttack* view); diff --git a/applications/external/pacs_fuzzer/views/field_editor.c b/applications/external/pacs_fuzzer/views/field_editor.c index 07a19ae0e..45b5f70a1 100644 --- a/applications/external/pacs_fuzzer/views/field_editor.c +++ b/applications/external/pacs_fuzzer/views/field_editor.c 
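Review bot: `furi_assert(uid->data);` in `fuzzer_view_attack_set_uid` dereferences `uid` before anything has checked `uid` itself, which matters now that the argument is a pointer rather than a by-value struct. Add `furi_assert(uid);` on the line before it. `fuzzer_view_field_editor_reset_data` in field_editor.c has the same gap with `new_uid`.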
@@ -49,27 +49,33 @@ void fuzzer_view_field_editor_set_callback( void fuzzer_view_field_editor_reset_data( FuzzerViewFieldEditor* view_edit, - const FuzzerPayload new_uid) { + const FuzzerPayload* new_uid) { furi_assert(view_edit); + furi_assert(new_uid->data); with_view_model( view_edit->view, FuzzerViewFieldEditorModel * model, { - memcpy(model->uid, new_uid.data, new_uid.data_size); + memcpy(model->uid, new_uid->data, new_uid->data_size); model->index = 0; model->lo = false; - model->uid_size = new_uid.data_size; + model->uid_size = new_uid->data_size; }, true); } -const uint8_t* fuzzer_view_field_editor_get_uid(FuzzerViewFieldEditor* view_edit) { +void fuzzer_view_field_editor_get_uid(FuzzerViewFieldEditor* view_edit, FuzzerPayload* output_uid) { furi_assert(view_edit); - uint8_t* uid; + furi_assert(output_uid); with_view_model( - view_edit->view, FuzzerViewFieldEditorModel * model, { uid = model->uid; }, true); - return uid; + view_edit->view, + FuzzerViewFieldEditorModel * model, + { + output_uid->data_size = model->uid_size; + memcpy(output_uid->data, model->uid, model->uid_size); + }, + true); } uint8_t fuzzer_view_field_editor_get_index(FuzzerViewFieldEditor* view_edit) { diff --git a/applications/external/pacs_fuzzer/views/field_editor.h b/applications/external/pacs_fuzzer/views/field_editor.h index f76b5d336..72c5de5e5 100644 --- a/applications/external/pacs_fuzzer/views/field_editor.h +++ b/applications/external/pacs_fuzzer/views/field_editor.h 
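Review bot: `fuzzer_view_field_editor_get_uid` asserts `output_uid` but then copies into `output_uid->data` without checking that pointer, and `fuzzer_view_field_editor_reset_data` copies `new_uid->data_size` bytes into `model->uid` without comparing the length to the destination's capacity. I would add `furi_assert(output_uid->data);` in the getter. In `reset_data`, a check such as `furi_assert(new_uid->data_size <= sizeof(model->uid));` would bound the copy if `uid` is a fixed-size array in the model; its declaration is outside the hunk, so that is an assumption to confirm. The new getter also deserves a short doc comment in field_editor.h stating that the caller supplies an allocated payload and that `data_size` is overwritten.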
@@ -21,9 +21,8 @@ View* fuzzer_view_field_editor_get_view(FuzzerViewFieldEditor* view_attack); void fuzzer_view_field_editor_reset_data( FuzzerViewFieldEditor* view_edit, - const FuzzerPayload new_uid); + const FuzzerPayload* new_uid); -// TODO -const uint8_t* fuzzer_view_field_editor_get_uid(FuzzerViewFieldEditor* view_edit); +void fuzzer_view_field_editor_get_uid(FuzzerViewFieldEditor* view_edit, FuzzerPayload* output_uid); uint8_t fuzzer_view_field_editor_get_index(FuzzerViewFieldEditor* view_edit); \ No newline at end of file