diff --git a/Cargo.lock b/Cargo.lock index de1bbff..59c504f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1227,9 +1227,9 @@ dependencies = [ [[package]] name = "tokio" -version = "1.35.1" +version = "1.36.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c89b4efa943be685f629b149f53829423f8f5531ea21249408e8e2f8671ec104" +checksum = "61285f6515fa018fb2d1e46eb21223fff441ee8db5d0f1435e8ab4f5cdb80931" dependencies = [ "backtrace", "bytes", diff --git a/README.md b/README.md index e7fcd25..cff3aec 100644 --- a/README.md +++ b/README.md @@ -24,6 +24,7 @@ _ _ _ _ _ _ _ _ \ | apc '._| \__; ``` +![Tests](https://github.com/EFForg/rayhunter/actions/workflows/rust.yml/badge.svg) Rayhunter is an IMSI Catcher Catcher for the Orbic mobile hotspot. Based on code from [QCSuper](https://github.com/P1sec/QCSuper) @@ -69,4 +70,4 @@ Build for arm using `cargo build` Run tests using `cargo test_pc` -push to the device with `./make.sh` \ No newline at end of file +push to the device with `./make.sh` diff --git a/rootshell/src/main.rs b/rootshell/src/main.rs index b78b168..cecc5a6 100644 --- a/rootshell/src/main.rs +++ b/rootshell/src/main.rs @@ -1,3 +1,6 @@ +//! a simple shell for uploading to the orbic device. +//! +//! It literally just runs bash as UID/GID 0 use std::process::Command; use std::os::unix::process::CommandExt; use std::env; @@ -12,4 +15,4 @@ fn main() { .uid(0) .gid(0) .exec(); -} \ No newline at end of file +} diff --git a/serial/src/main.rs b/serial/src/main.rs index c6f2ee2..fd2a20c 100644 --- a/serial/src/main.rs +++ b/serial/src/main.rs @@ -1,3 +1,24 @@ +//! Serial communication with the orbic device +//! +//! This binary has two main functions, putting the orbic device in update mode which enables ADB +//! and running AT commands on the serial modem interface which can be used to upload a shell and chown it to root +//! +//! # Panics +//! +//! No device found - make sure your device is plugged in and turned on. If it is, it's possible you have a device with a different +//! usb id, file a bug with the output of `lsusb` attached. +//! +//! # Examples +//! ``` +//! match rusb::Context::new() { +//! Ok(mut context) => match open_orbic(&mut context) { +//! Some(mut handle) => { +//! send_command(&mut handle, &args[1]) +//! }, +//! None => panic!("No Orbic device found"), +//! }, +//! Err(e) => panic!("Failed to initialize libusb: {0}", e), +//! ```` use std::str; use std::thread::sleep; use std::time::Duration; @@ -24,7 +45,9 @@ fn main() { Err(e) => panic!("Failed to initialize libusb: {0}", e), } } - +/// Sends an AT command to the usb device over the serial port +/// +/// First establish a USB handle and context by calling `open_orbic() fn send_command( handle: &mut DeviceHandle, command: &str, @@ -55,10 +78,12 @@ fn send_command( } } +/// Send a command to switch the device into generic mode, exposing serial +/// +/// If the device reboots while the command is still executing you may get a pipe error here, not sure what to do about this race condition. fn switch_device( handle: &mut DeviceHandle, ) { - // Send a command to switch the device into generic mode, exposing serial let timeout = Duration::from_secs(1); if let Err(e) = handle.write_control(0x40, 0xa0, 0, 0, &[], timeout) { @@ -71,6 +96,9 @@ fn switch_device( } } +/// Get a handle and contet for the orbic device +/// +/// If the device isn't already in command mode this function will call swtich_device to switch it into command mode fn open_orbic( context: &mut T, ) -> Option> { @@ -99,6 +127,7 @@ fn open_orbic( panic!("No Orbic device detected") } +/// Generic function to open a USB device fn open_device( context: &mut T, vid: u16,