Fuzzer App: Some Improvement

gid9798
2023-06-05 14:10:51 +03:00
parent 3bd08ab31c
commit b95620cdd0
18 changed files with 218 additions and 159 deletions


@@ -1,4 +1,5 @@
#include "fake_worker.h"
#include "protocol_i.h"
#include <timer.h>
@@ -11,14 +12,12 @@
#if defined(RFID_125_PROTOCOL)
#define MAX_PAYLOAD_SIZE 6
#include <lib/lfrfid/lfrfid_dict_file.h>
#include <lib/lfrfid/lfrfid_worker.h>
#include <lfrfid/protocols/lfrfid_protocols.h>
#else
#define MAX_PAYLOAD_SIZE 8
#include <lib/ibutton/ibutton_worker.h>
#include <lib/ibutton/ibutton_key.h>
@@ -175,14 +174,17 @@ static void fuzzer_worker_on_tick_callback(void* context) {
}
}
void fuzzer_worker_get_current_key(FuzzerWorker* worker, uint8_t* key) {
void fuzzer_worker_get_current_key(FuzzerWorker* worker, FuzzerPayload* output_key) {
furi_assert(worker);
furi_assert(output_key);
furi_assert(worker->protocol);
memcpy(key, worker->payload, worker->protocol->data_size);
output_key->data_size = worker->protocol->data_size;
output_key->data = malloc(sizeof(output_key->data_size));
memcpy(output_key->data, worker->payload, worker->protocol->data_size);
}
static void fuzzer_worker_set_protocol(FuzzerWorker* worker, FuzzerProtos protocol_index) {
static void fuzzer_worker_set_protocol(FuzzerWorker* worker, FuzzerProtocolsID protocol_index) {
worker->protocol = &fuzzer_proto_items[protocol_index];
#if defined(RFID_125_PROTOCOL)
@@ -195,7 +197,7 @@ static void fuzzer_worker_set_protocol(FuzzerWorker* worker, FuzzerProtos protoc
#endif
}
bool fuzzer_worker_attack_dict(FuzzerWorker* worker, FuzzerProtos protocol_index) {
bool fuzzer_worker_attack_dict(FuzzerWorker* worker, FuzzerProtocolsID protocol_index) {
furi_assert(worker);
bool res = false;
@@ -215,7 +217,7 @@ bool fuzzer_worker_attack_dict(FuzzerWorker* worker, FuzzerProtos protocol_index
bool fuzzer_worker_attack_file_dict(
FuzzerWorker* worker,
FuzzerProtos protocol_index,
FuzzerProtocolsID protocol_index,
FuriString* file_path) {
furi_assert(worker);
furi_assert(file_path);
@@ -248,7 +250,7 @@ bool fuzzer_worker_attack_file_dict(
bool fuzzer_worker_attack_bf_byte(
FuzzerWorker* worker,
FuzzerProtos protocol_index,
FuzzerProtocolsID protocol_index,
const uint8_t* uid,
uint8_t chusen) {
furi_assert(worker);
@@ -269,7 +271,7 @@ bool fuzzer_worker_attack_bf_byte(
// TODO make it protocol independent
bool fuzzer_worker_load_key_from_file(
FuzzerWorker* worker,
FuzzerProtos protocol_index,
FuzzerProtocolsID protocol_index,
const char* filename) {
furi_assert(worker);
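Review bot: In the new `fuzzer_worker_get_current_key`, the buffer is sized with `malloc(sizeof(output_key->data_size))`, which is the size of the `uint8_t` field (one byte), not the value stored in it. The next line then copies `worker->protocol->data_size` bytes into it, so any protocol whose data size exceeds one byte writes past the end of the heap allocation. `MAX_PAYLOAD_SIZE` is 6 or 8 on this page, so the overrun would be a few bytes per call, which is enough to corrupt neighbouring heap data. The allocation should use the value: `output_key->data = malloc(output_key->data_size);`.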


@@ -25,24 +25,24 @@ bool fuzzer_worker_start(FuzzerWorker* worker, uint8_t timer_dellay);
void fuzzer_worker_stop(FuzzerWorker* worker);
bool fuzzer_worker_attack_dict(FuzzerWorker* worker, FuzzerProtos protocol_index);
bool fuzzer_worker_attack_dict(FuzzerWorker* worker, FuzzerProtocolsID protocol_index);
bool fuzzer_worker_attack_bf_byte(
FuzzerWorker* worker,
FuzzerProtos protocol_index,
FuzzerProtocolsID protocol_index,
const uint8_t* uid,
uint8_t chusen);
bool fuzzer_worker_attack_file_dict(
FuzzerWorker* worker,
FuzzerProtos protocol_index,
FuzzerProtocolsID protocol_index,
FuriString* file_path);
void fuzzer_worker_get_current_key(FuzzerWorker* worker, uint8_t* key);
void fuzzer_worker_get_current_key(FuzzerWorker* worker, FuzzerPayload* output_key);
bool fuzzer_worker_load_key_from_file(
FuzzerWorker* worker,
FuzzerProtos protocol_index,
FuzzerProtocolsID protocol_index,
const char* filename);
void fuzzer_worker_set_uid_chaged_callback(
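Review bot: The changed prototype `void fuzzer_worker_get_current_key(FuzzerWorker* worker, FuzzerPayload* output_key);` has no comment, yet the implementation in this commit now allocates `output_key->data` on every call, so ownership of that buffer has moved to the caller without the header saying so. A caller that asks for the current key repeatedly (callers are not shown here, so this is inferred) would leak one buffer per call and overwrite any pointer already stored in `output_key->data`. I would add above the declaration `/* Allocates output_key->data (data_size bytes); the caller must free() it. */`, or keep a caller-supplied buffer sized by `fuzzer_proto_get_max_data_size()` so that no allocation happens in the getter.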


@@ -1,4 +1,5 @@
#include "protocol.h"
#include "protocol_i.h"
#include "furi.h"
// #######################
// ## Ibutton Protocols ##
@@ -156,32 +157,40 @@ const FuzzerProtocol fuzzer_proto_items[] = {
.name = "EM4100",
.data_size = EM4100_DATA_SIZE,
.dict =
{.val = (const uint8_t*)&uid_list_em4100,
.len = sizeof(uid_list_em4100) / EM4100_DATA_SIZE},
{
.val = (const uint8_t*)&uid_list_em4100,
.len = COUNT_OF(uid_list_em4100),
},
},
[HIDProx] =
{
.name = "HIDProx",
.data_size = HIDProx_DATA_SIZE,
.dict =
{.val = (const uint8_t*)&uid_list_hid,
.len = sizeof(uid_list_hid) / HIDProx_DATA_SIZE},
{
.val = (const uint8_t*)&uid_list_hid,
.len = COUNT_OF(uid_list_hid),
},
},
[PAC] =
{
.name = "PAC/Stanley",
.data_size = PAC_DATA_SIZE,
.dict =
{.val = (const uint8_t*)&uid_list_pac,
.len = sizeof(uid_list_pac) / PAC_DATA_SIZE},
{
.val = (const uint8_t*)&uid_list_pac,
.len = COUNT_OF(uid_list_pac),
},
},
[H10301] =
{
.name = "H10301",
.data_size = H10301_DATA_SIZE,
.dict =
{.val = (const uint8_t*)&uid_list_h10301,
.len = sizeof(uid_list_h10301) / H10301_DATA_SIZE},
{
.val = (const uint8_t*)&uid_list_h10301,
.len = COUNT_OF(uid_list_h10301),
},
},
};
#else
@@ -191,24 +200,56 @@ const FuzzerProtocol fuzzer_proto_items[] = {
.name = "DS1990",
.data_size = DS1990_DATA_SIZE,
.dict =
{.val = (const uint8_t*)&uid_list_ds1990,
.len = sizeof(uid_list_ds1990) / DS1990_DATA_SIZE},
{
.val = (const uint8_t*)&uid_list_ds1990,
.len = COUNT_OF(uid_list_ds1990),
},
},
[Metakom] =
{
.name = "Metakom",
.data_size = Metakom_DATA_SIZE,
.dict =
{.val = (const uint8_t*)&uid_list_metakom,
.len = sizeof(uid_list_metakom) / Metakom_DATA_SIZE},
{
.val = (const uint8_t*)&uid_list_metakom,
.len = COUNT_OF(uid_list_metakom),
},
},
[Cyfral] =
{
.name = "Cyfral",
.data_size = Cyfral_DATA_SIZE,
.dict =
{.val = (const uint8_t*)&uid_list_cyfral,
.len = sizeof(uid_list_cyfral) / Cyfral_DATA_SIZE},
{
.val = (const uint8_t*)&uid_list_cyfral,
.len = COUNT_OF(uid_list_cyfral),
},
},
};
#endif
#endif
const char* fuzzer_attack_names[] = {
[FuzzerMainMenuIndexDefaultValues] = "Default Values",
[FuzzerMainMenuIndexLoadFile] = "Load File",
[FuzzerMainMenuIndexLoadFileCustomUids] = "Load UIDs from file",
};
const char* fuzzer_proto_get_name(FuzzerProtocolsID index) {
return fuzzer_proto_items[index].name;
}
uint8_t fuzzer_proto_get_count_of_protocols() {
return COUNT_OF(fuzzer_proto_items);
}
uint8_t fuzzer_proto_get_max_data_size() {
return MAX_PAYLOAD_SIZE;
}
const char* fuzzer_proto_get_menu_label(FuzzerMainMenuIndex index) {
return fuzzer_attack_names[index];
}
uint8_t fuzzer_proto_get_count_of_menu_items() {
return COUNT_OF(fuzzer_attack_names);
}
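Review bot: `fuzzer_proto_get_name` and `fuzzer_proto_get_menu_label` index `fuzzer_proto_items` and `fuzzer_attack_names` directly with the enum argument and no range check, so an out-of-range value reads past the table and hands back an invalid `const char*`. The `FuzzerProtoMax` sentinel appears to be dropped from the enum in this same commit, so nothing in the type documents the upper bound any more. With `furi.h` included at the top of this file, a guard costs one line per getter: `furi_assert(index < COUNT_OF(fuzzer_proto_items));` and `furi_assert(index < COUNT_OF(fuzzer_attack_names));`.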


@@ -4,8 +4,9 @@
// #define RFID_125_PROTOCOL
typedef enum {
typedef struct FuzzerPayload FuzzerPayload;
typedef enum {
#if defined(RFID_125_PROTOCOL)
EM4100,
HIDProx,
@@ -16,24 +17,25 @@ typedef enum {
Metakom,
Cyfral,
#endif
} FuzzerProtocolsID;
// Reserved
FuzzerProtoMax,
} FuzzerProtos;
typedef enum {
FuzzerMainMenuIndexDefaultValues = 0,
FuzzerMainMenuIndexLoadFile,
FuzzerMainMenuIndexLoadFileCustomUids,
} FuzzerMainMenuIndex;
struct ProtoDict {
const uint8_t* val;
const uint8_t len;
struct FuzzerPayload {
uint8_t* data;
uint8_t data_size;
};
typedef struct ProtoDict ProtoDict;
uint8_t fuzzer_proto_get_max_data_size();
struct FuzzerProtocol {
const char* name;
const uint8_t data_size;
const ProtoDict dict;
};
const char* fuzzer_proto_get_name(FuzzerProtocolsID index);
typedef struct FuzzerProtocol FuzzerProtocol;
uint8_t fuzzer_proto_get_count_of_protocols();
extern const FuzzerProtocol fuzzer_proto_items[];
const char* fuzzer_proto_get_menu_label(FuzzerMainMenuIndex index);
uint8_t fuzzer_proto_get_count_of_menu_items();
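Review bot: The three new getters are declared with empty parentheses (`uint8_t fuzzer_proto_get_max_data_size();`, `uint8_t fuzzer_proto_get_count_of_protocols();`, `uint8_t fuzzer_proto_get_count_of_menu_items();`). Before C23 that form declares a function with unspecified parameters rather than one taking none, so a call that passes an argument by mistake is not diagnosed. Write them as `uint8_t fuzzer_proto_get_max_data_size(void);` and likewise for the other two, and give the definitions in the protocol source file the same `(void)` list.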


@@ -3,29 +3,45 @@
#include "protocol.h"
#if defined(RFID_125_PROTOCOL)
#define MAX_PAYLOAD_SIZE 6
#define FUZZ_TIME_DELAY_MIN (5)
#define FUZZ_TIME_DELAY_DEFAULT (10)
#define FUZZ_TIME_DELAY_MAX (70)
#define FUZZER_APP_CUSTOM_DICT_EXTENSION ".txt"
#define FUZZER_APP_CUSTOM_DICT_FOLDER "/ext/rfidfuzzer"
#define FUZZER_APP_KEY_EXTENSION ".rfid"
#define FUZZER_APP_PATH_KEY_FOLDER "/ext/lfrfid"
#define MAX_PAYLOAD_SIZE (6)
#else
#define MAX_PAYLOAD_SIZE 8
#define FUZZ_TIME_DELAY_MIN (4)
#define FUZZ_TIME_DELAY_DEFAULT (8)
#define FUZZ_TIME_DELAY_MAX (80)
#define FUZZER_APP_CUSTOM_DICT_EXTENSION ".txt"
#define FUZZER_APP_CUSTOM_DICT_FOLDER "/ext/ibtnfuzzer"
#define FUZZER_APP_KEY_EXTENSION ".ibtn"
#define FUZZER_APP_PATH_KEY_FOLDER "/ext/ibutton"
#define MAX_PAYLOAD_SIZE (8)
#endif
typedef struct ProtoDict ProtoDict;
typedef struct FuzzerProtocol FuzzerProtocol;
struct ProtoDict {
const uint8_t* val;
const uint8_t len; // TODO
};
struct FuzzerProtocol {
const char* name;
const uint8_t data_size;
const ProtoDict dict;
};
// #define MAX_PAYLOAD_SIZE 6
// #define FUZZ_TIME_DELAY_MIN (5)
// #define FUZZ_TIME_DELAY_DEFAULT (10)
// #define FUZZ_TIME_DELAY_MAX (70)
// #define FUZZER_APP_CUSTOM_DICT_EXTENSION ".txt"
// #define FUZZER_APP_CUSTOM_DICT_FOLDER "/ext/rfidfuzzer"
// #define FUZZER_APP_KEY_EXTENSION ".rfid"
// #define FUZZER_APP_PATH_KEY_FOLDER "/ext/lfrfid"
// #define MAX_PAYLOAD_SIZE 8
// #define FUZZ_TIME_DELAY_MIN (4)
// #define FUZZ_TIME_DELAY_DEFAULT (8)
// #define FUZZ_TIME_DELAY_MAX (80)
// #define FUZZER_APP_CUSTOM_DICT_EXTENSION ".txt"
// #define FUZZER_APP_CUSTOM_DICT_FOLDER "/ext/ibtnfuzzer"
// #define FUZZER_APP_KEY_EXTENSION ".ibtn"
// #define FUZZER_APP_PATH_KEY_FOLDER "/ext/ibutton"
extern const FuzzerProtocol fuzzer_proto_items[];
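Review bot: `ProtoDict.len` is declared `const uint8_t len; // TODO`, while the protocol table in this commit now initialises it from `COUNT_OF(uid_list_...)`. A built-in dictionary with more than 255 entries would therefore not fit the field, and the bare TODO does not say whether that is the open item. Either widen the field, or pin the assumption next to the table with a compile-time check such as `_Static_assert(COUNT_OF(uid_list_em4100) <= UINT8_MAX, "dict too long for ProtoDict.len");`. The comment should then state what remains to be done, for example `// number of entries in val, not bytes; TODO widen if a dict exceeds 255 entries`.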