Mirror/rayhunter
1
0
Fork 0
mirror of https://github.com/EFForg/rayhunter.git synced 2026-06-12 07:43:30 -07:00
Code Issues Packages Projects Releases Wiki Activity

wip

Browse Source
This commit is contained in:
Will Greenberg
2023-12-05 18:11:17 -08:00
parent ccd9dfa2a7
commit be058507f1
4 changed files with 152 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/diag.rs
+19 -25
View File
@@ -125,15 +125,23 @@ pub enum LogConfigResponse {
SetMask,
}
// register logging for each supported log type. it seems that "log_mask_sizes" is an array of
// numbers for each log type, where each number is how many bits are in that log mask
pub fn build_log_mask_request(log_type: u32, log_mask_bitsize: u32) -> Request {
// if log_mask_bitsize = 8n + k, then we need n+1 bytes to store the mask, with the last
// byte having k bits set
let mask_len = (log_mask_bitsize as usize + 7) / 8;
let mut log_mask = vec![0xff; mask_len];
if log_mask_bitsize % 8 != 0 {
log_mask[mask_len - 1] = 0xff >> (8 - (log_mask_bitsize as usize % 8));
pub fn build_log_mask_request(log_type: u32, log_mask_bitsize: u32, accepted_log_codes: &[u32]) -> Request {
let mut current_byte: u8 = 0;
let mut num_bits_written: u8 = 0;
let mut log_mask: Vec<u8> = vec![];
for i in 0..log_mask_bitsize {
let log_code: u32 = (log_type << 12) | i;
if accepted_log_codes.contains(&log_code) {
println!("enabling {:x}", log_code);
current_byte |= 1 << num_bits_written;
}
num_bits_written += 1;
if num_bits_written == 8 || i == log_mask_bitsize - 1 {
current_byte = 0;
num_bits_written = 0;
log_mask.push(current_byte);
}
}
Request::LogConfig(LogConfigRequest::SetMask {
@@ -167,26 +175,12 @@ mod test {
#[test]
fn test_build_log_mask_request() {
assert_eq!(build_log_mask_request(0, 1), Request::LogConfig(LogConfigRequest::SetMask {
let accepted = vec![0x412f];
assert_eq!(build_log_mask_request(0, 1, &accepted), Request::LogConfig(LogConfigRequest::SetMask {
log_type: 0,
log_mask_bitsize: 1,
log_mask: vec![0x01],
}));
assert_eq!(build_log_mask_request(0, 2), Request::LogConfig(LogConfigRequest::SetMask {
log_type: 0,
log_mask_bitsize: 2,
log_mask: vec![0x03],
}));
assert_eq!(build_log_mask_request(0, 8), Request::LogConfig(LogConfigRequest::SetMask {
log_type: 0,
log_mask_bitsize: 8,
log_mask: vec![0xff],
}));
assert_eq!(build_log_mask_request(0, 9), Request::LogConfig(LogConfigRequest::SetMask {
log_type: 0,
log_mask_bitsize: 9,
log_mask: vec![0xff, 0x01],
}));
}
#[test]
src/diag_device.rs
+23 -3
View File
@@ -1,5 +1,6 @@
use crate::hdlc::{hdlc_encapsulate, hdlc_decapsulate, HdlcError};
use crate::diag::{Message, ResponsePayload, Request, LogConfigRequest, LogConfigResponse, build_log_mask_request, RequestContainer, DataType, MessagesContainer};
use crate::log_codes;
use std::fs::File;
use std::io::Read;
@@ -41,6 +42,27 @@ pub const CRC_CCITT_ALG: Algorithm<u16> = Algorithm {
residue: 0x0000,
};
pub const LOG_CODES_FOR_RAW_PACKET_LOGGING: [u32; 11] = [
// Layer 2:
log_codes::LOG_GPRS_MAC_SIGNALLING_MESSAGE_C, // 0x5226
// Layer 3:
log_codes::LOG_GSM_RR_SIGNALING_MESSAGE_C, // 0x512f
log_codes::WCDMA_SIGNALLING_MESSAGE, // 0x412f
log_codes::LOG_LTE_RRC_OTA_MSG_LOG_C, // 0xb0c0
log_codes::LOG_NR_RRC_OTA_MSG_LOG_C, // 0xb821
// NAS:
log_codes::LOG_UMTS_NAS_OTA_MESSAGE_LOG_PACKET_C, // 0x713a
log_codes::LOG_LTE_NAS_ESM_OTA_IN_MSG_LOG_C, // 0xb0e2
log_codes::LOG_LTE_NAS_ESM_OTA_OUT_MSG_LOG_C, // 0xb0e3
log_codes::LOG_LTE_NAS_EMM_OTA_IN_MSG_LOG_C, // 0xb0ec
log_codes::LOG_LTE_NAS_EMM_OTA_OUT_MSG_LOG_C, // 0xb0ed
// User IP traffic:
log_codes::LOG_DATA_PROTOCOL_LOGGING_C // 0x11eb
];
const BUFFER_LEN: usize = 1024 * 1024 * 10;
const MEMORY_DEVICE_MODE: i32 = 2;
const DIAG_IOCTL_REMOTE_DEV: u32 = 32;
@@ -125,7 +147,6 @@ impl DiagDevice {
let msg = format!("write failed with error code {}", ret);
return Err(DiagDeviceError::DeviceReadFailed(msg));
}
println!("wrote {} bytes to device", ret);
}
Ok(())
}
@@ -153,8 +174,7 @@ impl DiagDevice {
}
fn set_log_mask(&mut self, log_type: u32, log_mask_bitsize: u32) -> DiagResult<()> {
// send a logging mask of all 1's equal to its respective mask size
let req = build_log_mask_request(log_type, log_mask_bitsize);
let req = build_log_mask_request(log_type, log_mask_bitsize, &LOG_CODES_FOR_RAW_PACKET_LOGGING);
self.write_request(&req)?;
for msg in self.read_response()? {
src/log_codes.rs
+108
View File
@@ -0,0 +1,108 @@
//! Enumerates some releVant diag log codes. Copied from QCSuper
// These are 2G-related log types.
pub const LOG_GSM_RR_SIGNALING_MESSAGE_C: u32 = 0x512f;
pub const DCCH: u32 = 0x00;
pub const BCCH: u32 = 0x01;
pub const L2_RACH: u32 = 0x02;
pub const CCCH: u32 = 0x03;
pub const SACCH: u32 = 0x04;
pub const SDCCH: u32 = 0x05;
pub const FACCH_F: u32 = 0x06;
pub const FACCH_H: u32 = 0x07;
pub const L2_RACH_WITH_NO_DELAY: u32 = 0x08;
// These are GPRS-related log types.
pub const LOG_GPRS_MAC_SIGNALLING_MESSAGE_C: u32 = 0x5226;
pub const PACCH_RRBP_CHANNEL: u32 = 0x03;
pub const UL_PACCH_CHANNEL: u32 = 0x04;
pub const DL_PACCH_CHANNEL: u32 = 0x83;
pub const PACKET_CHANNEL_REQUEST: u32 = 0x20;
// These are 5G-related log types.
pub const LOG_NR_RRC_OTA_MSG_LOG_C: u32 = 0xb821;
// These are 4G-related log types.
pub const LOG_LTE_RRC_OTA_MSG_LOG_C: u32 = 0xb0c0;
pub const LOG_LTE_NAS_ESM_OTA_IN_MSG_LOG_C: u32 = 0xb0e2;
pub const LOG_LTE_NAS_ESM_OTA_OUT_MSG_LOG_C: u32 = 0xb0e3;
pub const LOG_LTE_NAS_EMM_OTA_IN_MSG_LOG_C: u32 = 0xb0ec;
pub const LOG_LTE_NAS_EMM_OTA_OUT_MSG_LOG_C: u32 = 0xb0ed;
pub const LTE_BCCH_BCH_V0: u32 = 1;
pub const LTE_BCCH_DL_SCH_V0: u32 = 2;
pub const LTE_MCCH_V0: u32 = 3;
pub const LTE_PCCH_V0: u32 = 4;
pub const LTE_DL_CCCH_V0: u32 = 5;
pub const LTE_DL_DCCH_V0: u32 = 6;
pub const LTE_UL_CCCH_V0: u32 = 7;
pub const LTE_UL_DCCH_V0: u32 = 8;
pub const LTE_BCCH_BCH_V14: u32 = 1;
pub const LTE_BCCH_DL_SCH_V14: u32 = 2;
pub const LTE_MCCH_V14: u32 = 4;
pub const LTE_PCCH_V14: u32 = 5;
pub const LTE_DL_CCCH_V14: u32 = 6;
pub const LTE_DL_DCCH_V14: u32 = 7;
pub const LTE_UL_CCCH_V14: u32 = 8;
pub const LTE_UL_DCCH_V14: u32 = 9;
pub const LTE_BCCH_BCH_V9: u32 = 8;
pub const LTE_BCCH_DL_SCH_V9: u32 = 9;
pub const LTE_MCCH_V9: u32 = 10;
pub const LTE_PCCH_V9: u32 = 11;
pub const LTE_DL_CCCH_V9: u32 = 12;
pub const LTE_DL_DCCH_V9: u32 = 13;
pub const LTE_UL_CCCH_V9: u32 = 14;
pub const LTE_UL_DCCH_V9: u32 = 15;
pub const LTE_BCCH_BCH_V19: u32 = 1;
pub const LTE_BCCH_DL_SCH_V19: u32 = 3;
pub const LTE_MCCH_V19: u32 = 6;
pub const LTE_PCCH_V19: u32 = 7;
pub const LTE_DL_CCCH_V19: u32 = 8;
pub const LTE_DL_DCCH_V19: u32 = 9;
pub const LTE_UL_CCCH_V19: u32 = 10;
pub const LTE_UL_DCCH_V19: u32 = 11;
pub const LTE_BCCH_BCH_NB: u32 = 45;
pub const LTE_BCCH_DL_SCH_NB: u32 = 46;
pub const LTE_PCCH_NB: u32 = 47;
pub const LTE_DL_CCCH_NB: u32 = 48;
pub const LTE_DL_DCCH_NB: u32 = 49;
pub const LTE_UL_CCCH_NB: u32 = 50;
pub const LTE_UL_DCCH_NB: u32 = 52;
// These are 3G-related log types.
pub const RRCLOG_SIG_UL_CCCH: u32 = 0;
pub const RRCLOG_SIG_UL_DCCH: u32 = 1;
pub const RRCLOG_SIG_DL_CCCH: u32 = 2;
pub const RRCLOG_SIG_DL_DCCH: u32 = 3;
pub const RRCLOG_SIG_DL_BCCH_BCH: u32 = 4;
pub const RRCLOG_SIG_DL_BCCH_FACH: u32 = 5;
pub const RRCLOG_SIG_DL_PCCH: u32 = 6;
pub const RRCLOG_SIG_DL_MCCH: u32 = 7;
pub const RRCLOG_SIG_DL_MSCH: u32 = 8;
pub const RRCLOG_EXTENSION_SIB: u32 = 9;
pub const RRCLOG_SIB_CONTAINER: u32 = 10;
// 3G layer 3 packets:
pub const WCDMA_SIGNALLING_MESSAGE: u32 = 0x412f;
// Upper layers
pub const LOG_DATA_PROTOCOL_LOGGING_C: u32 = 0x11eb;
pub const LOG_UMTS_NAS_OTA_MESSAGE_LOG_PACKET_C: u32 = 0x713a;
src/main.rs
+2
View File
@@ -1,6 +1,7 @@
mod hdlc;
mod diag;
mod diag_device;
mod log_codes;
use crate::diag_device::DiagDevice;
@@ -9,6 +10,7 @@ fn main() -> std::io::Result<()> {
dev.config_logs().unwrap();
loop {
println!("waiting for message...");
for msg in dev.read_response().unwrap() {
println!("msg: {:?}", msg);
}