hardsploit_gui 2.2 → 2.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/hardsploit_gui +2 -2
- data/lib/{Firmware → Firmwares}/FPGA/I2C/I2C_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_I2C_INTERACT.rpd +0 -0
- data/lib/{Firmware/FPGA/SWD/SWD_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_SWD_INTERACT.rpd → Firmwares/FPGA/PARALLEL/NO_MUX_PARALLEL_MEMORY/HARDSPLOIT_FIRMWARE_FPGA_NO_MUX_PARALLEL_MEMORY.rpd} +0 -0
- data/lib/Firmwares/FPGA/SPI/SPI_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_SPI_INTERACT.rpd +0 -0
- data/lib/{Firmware/FPGA/SPI/SPI_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_SPI_INTERACT.rpd → Firmwares/FPGA/SPI/SPI_SNIFFER/HARDSPLOIT_FIRMWARE_FPGA_SPI_SNIFFER.rpd} +0 -0
- data/lib/Firmwares/FPGA/SWD/SWD_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_SWD_INTERACT.rpd +0 -0
- data/lib/{Firmware → Firmwares}/FPGA/TEST/TEST_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_TEST_INTERACT.rpd +0 -0
- data/lib/Firmwares/FPGA/UART/UART_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_UART_INTERACT.rpd +0 -0
- data/lib/{Firmware → Firmwares}/FPGA/VersionFPGA.rb +1 -1
- data/lib/{Firmware → Firmwares}/UC/HARDSPLOIT_FIRMWARE_UC.bin +0 -0
- data/lib/{Firmware → Firmwares}/UC/VersionUC.rb +1 -1
- data/lib/HardsploitAPI/Core/HardsploitAPI.rb +210 -0
- data/lib/HardsploitAPI/Core/HardsploitAPI_CONSTANT.rb +150 -0
- data/lib/HardsploitAPI/Core/HardsploitAPI_ERROR.rb +109 -0
- data/lib/HardsploitAPI/Core/HardsploitAPI_FIRMWARE.rb +305 -0
- data/lib/HardsploitAPI/{HardsploitAPI_PROGRESS.rb → Core/HardsploitAPI_PROGRESS.rb} +0 -0
- data/lib/HardsploitAPI/Core/HardsploitAPI_USB_COMMUNICATION.rb +166 -0
- data/lib/HardsploitAPI/Modules/I2C/HardsploitAPI_I2C.rb +356 -0
- data/lib/HardsploitAPI/{HardsploitAPI_NO_MUX_PARALLELE_MEMORY.rb → Modules/NO_MUX_PARALLEL_MEMORY/HardsploitAPI_NO_MUX_PARALLEL_MEMORY.rb} +26 -49
- data/lib/HardsploitAPI/Modules/NRF24L01/HardsploitAPI_NRF24L01.rb +306 -0
- data/lib/HardsploitAPI/Modules/SPI/HardsploitAPI_SPI.rb +340 -0
- data/lib/HardsploitAPI/Modules/SPI_SNIFFER/HardsploitAPI_SPI_SNIFFER.rb +83 -0
- data/lib/HardsploitAPI/Modules/SWD/HardsploitAPI_SWD.rb +367 -0
- data/lib/HardsploitAPI/Modules/SWD/HardsploitAPI_SWD_DEBUG.rb +89 -0
- data/lib/HardsploitAPI/Modules/SWD/HardsploitAPI_SWD_MEM_AP.rb +61 -0
- data/lib/HardsploitAPI/{SWD → Modules/SWD}/HardsploitAPI_SWD_STM32.rb +32 -15
- data/lib/HardsploitAPI/{HardsploitAPI_TEST_INTERACT.rb → Modules/TEST/HardsploitAPI_TEST_INTERACT.rb} +1 -1
- data/lib/HardsploitAPI/Modules/UART/HardsploitAPI_UART.rb +196 -0
- data/lib/Hardsploit_gui.rb +96 -0
- data/lib/class/Chip_editor.rb +186 -330
- data/lib/class/Chip_management.rb +496 -0
- data/lib/class/Command_editor.rb +130 -182
- data/lib/class/Command_table.rb +16 -22
- data/lib/class/Console.rb +0 -2
- data/lib/class/ErrorMsg.rb +312 -0
- data/lib/class/Export.rb +140 -0
- data/lib/class/Export_manager.rb +43 -43
- data/lib/class/Firmware.rb +52 -11
- data/lib/class/Generic_commands.rb +180 -190
- data/lib/class/Import.rb +193 -0
- data/lib/class/Progress_bar.rb +1 -0
- data/lib/class/Signal_mapper.rb +120 -0
- data/lib/class/Wire_helper.rb +132 -148
- data/lib/class/{I2C → i2c}/I2c_command.rb +16 -13
- data/lib/class/i2c/I2c_export.rb +95 -0
- data/lib/class/i2c/I2c_import.rb +117 -0
- data/lib/class/i2c/I2c_scanner.rb +114 -0
- data/lib/class/i2c/I2c_settings.rb +148 -0
- data/lib/class/parallel/Parallel_export.rb +118 -0
- data/lib/class/parallel/Parallel_import.rb +113 -0
- data/lib/class/parallel/Parallel_settings.rb +81 -0
- data/lib/class/spi/Spi_export.rb +108 -0
- data/lib/class/spi/Spi_import.rb +159 -0
- data/lib/class/spi/Spi_settings.rb +108 -0
- data/lib/class/spi/Spi_sniffer.rb +101 -0
- data/lib/class/swd/Swd.rb +125 -0
- data/lib/class/swd/Swd_scanner.rb +121 -0
- data/lib/class/swd/Swd_settings.rb +76 -0
- data/lib/class/uart/Uart_baudrate.rb +62 -0
- data/lib/class/uart/Uart_console.rb +115 -0
- data/lib/class/uart/Uart_settings.rb +102 -0
- data/lib/db/associations.rb +42 -29
- data/lib/db/database.rb +4 -0
- data/lib/db/development.sqlite3 +0 -0
- data/lib/db/migrate/004_create_manufacturers.rb +13 -0
- data/lib/db/migrate/005_create_packages.rb +13 -0
- data/lib/db/migrate/006_create_chip_types.rb +11 -0
- data/lib/db/migrate/007_create_buses.rb +11 -0
- data/lib/db/migrate/008_create_signals.rb +14 -0
- data/lib/db/migrate/009_create_chips.rb +25 -0
- data/lib/db/migrate/010_create_commands.rb +21 -0
- data/lib/db/migrate/011_create_bytes.rb +19 -0
- data/lib/db/migrate/012_create_i2c_settings.rb +21 -0
- data/lib/db/migrate/013_create_spi_settings.rb +26 -0
- data/lib/db/migrate/014_create_parallel_settings.rb +21 -0
- data/lib/db/migrate/015_create_pins.rb +19 -0
- data/lib/db/migrate/016_create_uses.rb +17 -0
- data/lib/db/migrate/017_create_swd_settings.rb +19 -0
- data/lib/db/migrate/018_create_uart_settings.rb +22 -0
- data/lib/db/schema.rb +157 -0
- data/lib/db/seeds.rb +161 -0
- data/lib/gui/gui_chip_editor.rb +23 -22
- data/lib/gui/gui_chip_management.rb +43 -38
- data/lib/gui/gui_command_editor.rb +2 -1
- data/lib/gui/gui_export.rb +132 -0
- data/lib/gui/gui_generic_commands.rb +69 -31
- data/lib/gui/gui_generic_export.rb +18 -2
- data/lib/gui/gui_generic_import.rb +18 -2
- data/lib/gui/gui_i2c_command.rb +2 -1
- data/lib/gui/gui_i2c_settings.rb +2 -2
- data/lib/gui/gui_import.rb +131 -0
- data/lib/gui/gui_parallel_settings.rb +2 -1
- data/lib/gui/gui_progress_bar.rb +2 -1
- data/lib/gui/gui_signal_mapper.rb +121 -0
- data/lib/gui/gui_signal_scanner.rb +146 -0
- data/lib/gui/gui_spi_settings.rb +6 -2
- data/lib/gui/gui_spi_sniffer.rb +112 -0
- data/lib/gui/gui_swd_settings.rb +166 -0
- data/lib/gui/gui_uart_baudrate.rb +114 -0
- data/lib/gui/gui_uart_console.rb +164 -0
- data/lib/gui/gui_uart_settings.rb +243 -0
- data/lib/gui_designer/gui_chip_editor.ui +9 -6
- data/lib/gui_designer/gui_chip_management.ui +79 -35
- data/lib/gui_designer/gui_command_editor.ui +3 -0
- data/lib/gui_designer/gui_export.ui +171 -0
- data/lib/gui_designer/gui_generic_commands.ui +274 -190
- data/lib/gui_designer/gui_generic_export.ui +24 -1
- data/lib/gui_designer/gui_generic_import.ui +25 -2
- data/lib/gui_designer/gui_i2c_command.ui +3 -0
- data/lib/gui_designer/gui_i2c_settings.ui +2 -2
- data/lib/gui_designer/gui_import.ui +168 -0
- data/lib/gui_designer/gui_parallel_settings.ui +4 -1
- data/lib/gui_designer/gui_progress_bar.ui +3 -0
- data/lib/gui_designer/gui_signal_mapper.ui +179 -0
- data/lib/gui_designer/gui_signal_scanner.ui +261 -0
- data/lib/gui_designer/gui_spi_settings.ui +15 -2
- data/lib/gui_designer/gui_spi_sniffer.ui +156 -0
- data/lib/gui_designer/gui_swd_settings.ui +189 -0
- data/lib/gui_designer/gui_uart_baudrate.ui +161 -0
- data/lib/gui_designer/gui_uart_console.ui +284 -0
- data/lib/gui_designer/gui_uart_settings.ui +280 -0
- data/lib/logs/error.log +63 -0
- data/lib/models/bus.rb +19 -0
- data/lib/models/byte.rb +29 -0
- data/lib/models/chip.rb +41 -0
- data/lib/models/chip_type.rb +14 -0
- data/lib/models/command.rb +20 -0
- data/lib/models/i2c_setting.rb +41 -0
- data/lib/models/manufacturer.rb +14 -0
- data/lib/models/package.rb +26 -0
- data/lib/models/parallel_setting.rb +37 -0
- data/lib/models/pin.rb +14 -0
- data/lib/models/signall.rb +20 -0
- data/lib/models/spi_setting.rb +67 -0
- data/lib/models/swd_setting.rb +25 -0
- data/lib/models/uart_setting.rb +52 -0
- data/lib/models/use.rb +6 -0
- data/lib/startHardsploit.rb +2 -2
- metadata +106 -41
- data/lib/Firmware/FPGA/PARALLEL/NO_MUX_PARALLEL_MEMORY/HARDSPLOIT_FIRMWARE_FPGA_NO_MUX_PARALLEL_MEMORY.rpd +0 -0
- data/lib/HardsploitAPI/HardsploitAPI.rb +0 -133
- data/lib/HardsploitAPI/HardsploitAPI_CONSTANT.rb +0 -145
- data/lib/HardsploitAPI/HardsploitAPI_ERROR.rb +0 -38
- data/lib/HardsploitAPI/HardsploitAPI_FIRMWARE.rb +0 -311
- data/lib/HardsploitAPI/HardsploitAPI_I2C.rb +0 -360
- data/lib/HardsploitAPI/HardsploitAPI_SPI.rb +0 -369
- data/lib/HardsploitAPI/HardsploitAPI_USB_COMMUNICATION.rb +0 -148
- data/lib/HardsploitAPI/LICENSE.txt +0 -674
- data/lib/HardsploitAPI/README.md +0 -22
- data/lib/HardsploitAPI/SWD/HardsploitAPI_SWD.rb +0 -249
- data/lib/HardsploitAPI/SWD/HardsploitAPI_SWD_DEBUG.rb +0 -102
- data/lib/HardsploitAPI/SWD/HardsploitAPI_SWD_MEM_AP.rb +0 -78
- data/lib/HardsploitAPI/TRADEMARK +0 -3
- data/lib/class/HardsploitGUI.rb +0 -463
- data/lib/class/I2C/I2c_export.rb +0 -118
- data/lib/class/I2C/I2c_import.rb +0 -79
- data/lib/class/I2C/I2c_settings.rb +0 -129
- data/lib/class/PARALLEL/Parallel_export.rb +0 -146
- data/lib/class/PARALLEL/Parallel_import.rb +0 -88
- data/lib/class/PARALLEL/Parallel_settings.rb +0 -102
- data/lib/class/SPI/Spi_export.rb +0 -138
- data/lib/class/SPI/Spi_import.rb +0 -113
- data/lib/class/SPI/Spi_settings.rb +0 -134
- data/lib/db/hs.db +0 -0
- data/lib/hardsploit.rb +0 -131
@@ -0,0 +1,305 @@
|
|
1
|
+
#!/usr/bin/ruby
|
2
|
+
#===================================================
|
3
|
+
# Hardsploit API - By Opale Security
|
4
|
+
# www.opale-security.com || www.hardsploit.io
|
5
|
+
# License: GNU General Public License v3
|
6
|
+
# License URI: http://www.gnu.org/licenses/gpl.txt
|
7
|
+
#===================================================
|
8
|
+
|
9
|
+
class HardsploitAPI
|
10
|
+
public
|
11
|
+
def loadFirmware(firmware)
|
12
|
+
base_path = File.expand_path(File.dirname(__FILE__)) + '/../../Firmwares/FPGA/'
|
13
|
+
case firmware
|
14
|
+
when 'I2C'
|
15
|
+
firmware_path = base_path + 'I2C/I2C_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_I2C_INTERACT.rpd'
|
16
|
+
HardsploitAPI.instance.uploadFirmware(pathFirmware: firmware_path, checkFirmware: false)
|
17
|
+
when 'SPI'
|
18
|
+
firmware_path = base_path + 'SPI/SPI_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_SPI_INTERACT.rpd'
|
19
|
+
HardsploitAPI.instance.uploadFirmware(pathFirmware: firmware_path, checkFirmware: false)
|
20
|
+
when 'SPI_SNIFFER'
|
21
|
+
firmware_path = base_path + 'SPI/SPI_SNIFFER/HARDSPLOIT_FIRMWARE_FPGA_SPI_SNIFFER.rpd'
|
22
|
+
HardsploitAPI.instance.uploadFirmware(pathFirmware: firmware_path, checkFirmware: false)
|
23
|
+
when 'PARALLEL'
|
24
|
+
firmware_path = base_path + 'PARALLEL/NO_MUX_PARALLEL_MEMORY/HARDSPLOIT_FIRMWARE_FPGA_NO_MUX_PARALLEL_MEMORY.rpd'
|
25
|
+
HardsploitAPI.instance.uploadFirmware(pathFirmware: firmware_path, checkFirmware: false)
|
26
|
+
when 'SWD'
|
27
|
+
firmware_path = base_path + 'SWD/SWD_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_SWD_INTERACT.rpd'
|
28
|
+
HardsploitAPI.instance.uploadFirmware(pathFirmware: firmware_path, checkFirmware: false)
|
29
|
+
when 'UART'
|
30
|
+
firmware_path = base_path + 'UART/UART_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_UART_INTERACT.rpd'
|
31
|
+
HardsploitAPI.instance.uploadFirmware(pathFirmware: firmware_path, checkFirmware: false)
|
32
|
+
when 'uC'
|
33
|
+
system("dfu-util -D 0483:df11 -a 0 -s 0x08000000 -R --download #{File.expand_path(File.dirname(__FILE__))}'/../Firmwares/UC/HARDSPLOIT_FIRMWARE_UC.bin'")
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
# Wait to receive data
|
38
|
+
# * +pathFirmware+:: path of rpd file (vhdl)
|
39
|
+
# * +checkFirmware+:: boolean if check is needed (recommended false, in case issue true to check)
|
40
|
+
# Return true if firmware write == firmware read (slow because read the firmware for check)
|
41
|
+
def uploadFirmware(pathFirmware:,checkFirmware:)
|
42
|
+
stopFPGA
|
43
|
+
eraseFirmware
|
44
|
+
firmwarewrite = self.writeFirmware(pathFirmware)#return array of bytes write
|
45
|
+
if checkFirmware == true then
|
46
|
+
firmwareRead = self.readFirmware(firmwarewrite.length) #return array of bytes read
|
47
|
+
startFPGA
|
48
|
+
sleep(1)
|
49
|
+
return (firmwarewrite == firmwareRead)
|
50
|
+
else
|
51
|
+
startFPGA
|
52
|
+
sleep(1)
|
53
|
+
return true
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
def startFPGA
|
58
|
+
packet = Array.new
|
59
|
+
packet.push HardsploitAPI.lowByte(word:4)
|
60
|
+
packet.push HardsploitAPI.highByte(word:4)
|
61
|
+
packet.push HardsploitAPI.lowByte(word:USB_COMMAND::START_FPGA)
|
62
|
+
packet.push HardsploitAPI.highByte(word:USB_COMMAND::START_FPGA)
|
63
|
+
self.sendPacket(packet)
|
64
|
+
end
|
65
|
+
def stopFPGA
|
66
|
+
packet = Array.new
|
67
|
+
packet.push HardsploitAPI.lowByte(word:4)
|
68
|
+
packet.push HardsploitAPI.highByte(word:4)
|
69
|
+
packet.push HardsploitAPI.lowByte(word:USB_COMMAND::STOP_FPGA)
|
70
|
+
packet.push HardsploitAPI.highByte(word:USB_COMMAND::STOP_FPGA)
|
71
|
+
self.sendPacket(packet)
|
72
|
+
end
|
73
|
+
|
74
|
+
|
75
|
+
protected
|
76
|
+
def eraseFirmware
|
77
|
+
usbPacket = Array.new
|
78
|
+
usbPacket.push HardsploitAPI.lowByte(word:4) #length of trame
|
79
|
+
usbPacket.push HardsploitAPI.highByte(word:4)
|
80
|
+
usbPacket.push HardsploitAPI.lowByte(word:USB_COMMAND::ERASE_FIRMWARE)
|
81
|
+
usbPacket.push HardsploitAPI.highByte(word:USB_COMMAND::ERASE_FIRMWARE)
|
82
|
+
|
83
|
+
consoleInfo "Start to erase Firmware\n"
|
84
|
+
t1 = Time.now
|
85
|
+
|
86
|
+
#Timeout very high to detect the end of erasing
|
87
|
+
received_data = sendAndReceiveDATA(usbPacket,15000)
|
88
|
+
|
89
|
+
t2 = Time.now
|
90
|
+
delta = t2 - t1
|
91
|
+
consoleSpeed "Firmware erased in #{delta.round(4)} sec\n\n"
|
92
|
+
|
93
|
+
end
|
94
|
+
|
95
|
+
#Just path of file and wait. is a blocking function until firmware has been uploaded
|
96
|
+
def writeFirmware (file_path)
|
97
|
+
t1 = Time.now
|
98
|
+
consoleInfo "Upload firmware in progress\n"
|
99
|
+
|
100
|
+
usbPacket= Array.new
|
101
|
+
file = File.read(file_path,:encoding => 'iso-8859-1').unpack('C*') #string to array byte
|
102
|
+
puts "Date of last modification of the firmware #{File.mtime(file_path)}"
|
103
|
+
|
104
|
+
consoleInfo "FIRMARE Write #{file.size} bytes\n"
|
105
|
+
|
106
|
+
nbFullPage = file.size/256
|
107
|
+
nbLastByte = file.size%256
|
108
|
+
|
109
|
+
nbFullPacket = nbFullPage/31
|
110
|
+
nbLastPagePacket = nbFullPage%31
|
111
|
+
nbSuppressBytesAtLast = 256-nbLastByte
|
112
|
+
#complete last page with the last alone byte ( without full page)
|
113
|
+
if nbLastByte > 0 then
|
114
|
+
for i in 0.. (nbSuppressBytesAtLast-1)
|
115
|
+
file.push 0xFF
|
116
|
+
end
|
117
|
+
nbFullPage = nbFullPage+1
|
118
|
+
nbLastByte = 0
|
119
|
+
|
120
|
+
#recalculating packet after complete half page to a full page
|
121
|
+
nbFullPacket = nbFullPage/31
|
122
|
+
nbLastPagePacket = nbFullPage%31
|
123
|
+
else
|
124
|
+
nbSuppressBytesAtLast = 0
|
125
|
+
end
|
126
|
+
|
127
|
+
consoleInfo "REAL Write #{file.size} bytes\n"
|
128
|
+
|
129
|
+
#Now only full page but maybe a half packet
|
130
|
+
#Prepare the full packet (31 pages of 256 byte each)
|
131
|
+
for ipacket in 0..nbFullPacket-1
|
132
|
+
usbPacket= Array.new
|
133
|
+
usbPacket.push 0 #lenght of trame modify by sendUSBPacket
|
134
|
+
usbPacket.push 0
|
135
|
+
usbPacket.push HardsploitAPI.lowByte(word:USB_COMMAND::WRITE_PAGE_FIRMWARE)
|
136
|
+
usbPacket.push HardsploitAPI.highByte(word:USB_COMMAND::WRITE_PAGE_FIRMWARE)
|
137
|
+
usbPacket.push HardsploitAPI.lowByte(word:(ipacket)*31) # low byte Nb of the first page
|
138
|
+
usbPacket.push HardsploitAPI.highByte(word:(ipacket)*31) # high byte Nb of the first page
|
139
|
+
usbPacket.push 31 #Nb of pages sent
|
140
|
+
|
141
|
+
start = (ipacket)*31*256
|
142
|
+
stop = (ipacket+1)*31*256 -1 #array start at index = 0
|
143
|
+
|
144
|
+
for iFile in start..stop
|
145
|
+
usbPacket.push HardsploitAPI.reverseBit(file[iFile])
|
146
|
+
end
|
147
|
+
|
148
|
+
percent = ipacket *100 / (nbFullPacket-1)
|
149
|
+
begin
|
150
|
+
sendPacket(usbPacket)
|
151
|
+
consoleSpeed "UPLOAD AT : #{ipacket} / #{(nbFullPacket-1)} (#{percent}) %\n"
|
152
|
+
HardsploitAPI.instance.consoleProgress(
|
153
|
+
percent: percent,
|
154
|
+
startTime:t1,
|
155
|
+
endTime: Time.new
|
156
|
+
)
|
157
|
+
rescue
|
158
|
+
raise USB_ERROR
|
159
|
+
end
|
160
|
+
end
|
161
|
+
|
162
|
+
#Prepare the last packet with the rest of data
|
163
|
+
if nbLastPagePacket >0 then
|
164
|
+
usbPacket= Array.new
|
165
|
+
usbPacket.push 0 #lenght of trame modify by sendUSBPacket
|
166
|
+
usbPacket.push 0
|
167
|
+
usbPacket.push HardsploitAPI.lowByte(word:USB_COMMAND::WRITE_PAGE_FIRMWARE)
|
168
|
+
usbPacket.push HardsploitAPI.highByte(word:USB_COMMAND::WRITE_PAGE_FIRMWARE)
|
169
|
+
|
170
|
+
if nbFullPacket == 0 then
|
171
|
+
usbPacket.push HardsploitAPI.lowByte(word:(nbFullPacket)*31) # low byte Nb of the first page
|
172
|
+
usbPacket.push HardsploitAPI.highByte(word:(nbFullPacket)*31) # high byte Nb of the first page
|
173
|
+
else
|
174
|
+
usbPacket.push HardsploitAPI.lowByte(word:(nbFullPacket)*31 + 1 ) # low byte Nb of the first page
|
175
|
+
usbPacket.push HardsploitAPI.highByte(word:(nbFullPacket)*31+ 1 ) # high byte Nb of the first page
|
176
|
+
end
|
177
|
+
|
178
|
+
usbPacket.push nbLastPagePacket # nb of page < 31
|
179
|
+
|
180
|
+
start = (nbFullPacket)*31*256
|
181
|
+
stop = (nbFullPacket)*31*256 + nbLastPagePacket*256 -1
|
182
|
+
|
183
|
+
for iFile in start..stop
|
184
|
+
#inverted LSB MSB
|
185
|
+
usbPacket.push HardsploitAPI.reverseBit(file[iFile])
|
186
|
+
end
|
187
|
+
begin
|
188
|
+
sendPacket(usbPacket)
|
189
|
+
consoleSpeed "UPLOAD AT : 100 %\n"
|
190
|
+
HardsploitAPI.instance.consoleProgress(
|
191
|
+
percent: 100,
|
192
|
+
startTime:t1,
|
193
|
+
endTime: Time.new
|
194
|
+
)
|
195
|
+
rescue
|
196
|
+
raise ERROR::USB_ERROR
|
197
|
+
end
|
198
|
+
end
|
199
|
+
|
200
|
+
t2 = Time.now
|
201
|
+
delta = t2 - t1
|
202
|
+
consoleSpeed "FIRMWARE WAS WRITTEN in #{delta.round(4)} sec\n"
|
203
|
+
file.pop(nbSuppressBytesAtLast)
|
204
|
+
return file
|
205
|
+
end
|
206
|
+
|
207
|
+
#Read firmware
|
208
|
+
def readFirmware(size)
|
209
|
+
consoleSpeed "START READ FIRMWARE \n"
|
210
|
+
readFirmware = Array.new
|
211
|
+
t1 = Time.now
|
212
|
+
|
213
|
+
nbFullPage = size/256
|
214
|
+
nbLastByte = size%256
|
215
|
+
|
216
|
+
|
217
|
+
nbFullPacket = nbFullPage/31
|
218
|
+
nbLastPagePacket = nbFullPage%31
|
219
|
+
|
220
|
+
if nbLastByte > 0 then
|
221
|
+
nbSuppressBytesAtLast = 256-nbLastByte
|
222
|
+
|
223
|
+
nbFullPage = nbFullPage+1
|
224
|
+
nbLastByte = 0
|
225
|
+
|
226
|
+
nbFullPacket = nbFullPage/31
|
227
|
+
nbLastPagePacket = nbFullPage%31
|
228
|
+
else
|
229
|
+
nbSuppressBytesAtLast = 0
|
230
|
+
|
231
|
+
end
|
232
|
+
|
233
|
+
for ipacket in 0..nbFullPacket-1
|
234
|
+
usbPacket= Array.new
|
235
|
+
usbPacket.push 7
|
236
|
+
usbPacket.push 0
|
237
|
+
usbPacket.push HardsploitAPI.lowByte(word:USB_COMMAND::READ_PAGE_FIRMWARE)
|
238
|
+
usbPacket.push HardsploitAPI.highByte(word:USB_COMMAND::READ_PAGE_FIRMWARE)
|
239
|
+
usbPacket.push HardsploitAPI.lowByte(word:(ipacket)*31) # low byte Nb of the first page
|
240
|
+
usbPacket.push HardsploitAPI.highByte(word:(ipacket)*31) # high byte Nb of the first page
|
241
|
+
usbPacket.push 31 # nb of page max 31 per packet
|
242
|
+
|
243
|
+
received_data = sendAndReceiveDATA(usbPacket,3000)
|
244
|
+
#remove header
|
245
|
+
received_data = received_data.drop(7)
|
246
|
+
|
247
|
+
#reverse byte
|
248
|
+
received_data = received_data.collect {|x| HardsploitAPI.reverseBit(x) }
|
249
|
+
readFirmware.push *received_data
|
250
|
+
if nbFullPacket == 1 then
|
251
|
+
consoleSpeed "READ AT : 1 / 2 50 %\n"
|
252
|
+
HardsploitAPI.instance.consoleProgress(
|
253
|
+
percent: 50,
|
254
|
+
startTime:t1,
|
255
|
+
endTime: Time.new
|
256
|
+
)
|
257
|
+
else
|
258
|
+
percent = ipacket *100 / (nbFullPacket-1)
|
259
|
+
consoleSpeed "READ AT : #{ipacket} / #{(nbFullPacket-1)} (#{percent} %) \n"
|
260
|
+
HardsploitAPI.instance.consoleProgress(
|
261
|
+
percent: percent,
|
262
|
+
startTime:t1,
|
263
|
+
endTime: Time.new
|
264
|
+
)
|
265
|
+
end
|
266
|
+
end
|
267
|
+
|
268
|
+
#Prepare the last packet with the rest of data
|
269
|
+
if nbLastPagePacket >0 then
|
270
|
+
usbPacket= Array.new
|
271
|
+
usbPacket.push 7
|
272
|
+
usbPacket.push 0
|
273
|
+
usbPacket.push HardsploitAPI.lowByte(word:USB_COMMAND::READ_PAGE_FIRMWARE)
|
274
|
+
usbPacket.push HardsploitAPI.highByte(word:USB_COMMAND::READ_PAGE_FIRMWARE)
|
275
|
+
|
276
|
+
#Increase nb of page to add the last byte
|
277
|
+
if nbFullPacket == 0 then
|
278
|
+
usbPacket.push HardsploitAPI.lowByte(word:(nbFullPacket)*31) # low byte Nb of the first page
|
279
|
+
usbPacket.push HardsploitAPI.highByte(word:(nbFullPacket)*31) # high byte Nb of the first page
|
280
|
+
else
|
281
|
+
usbPacket.push HardsploitAPI.lowByte(word:(nbFullPacket)*31 + 1 ) # low byte Nb of the first page
|
282
|
+
usbPacket.push HardsploitAPI.highByte(word:(nbFullPacket)*31+ 1 ) # high byte Nb of the first page
|
283
|
+
end
|
284
|
+
|
285
|
+
usbPacket.push nbLastPagePacket
|
286
|
+
|
287
|
+
received_data = sendAndReceiveDATA(usbPacket,15000)
|
288
|
+
#remove header
|
289
|
+
received_data = received_data.drop(7)
|
290
|
+
#reverse byte
|
291
|
+
received_data = received_data.collect {|x| HardsploitAPI.reverseBit(x) }
|
292
|
+
readFirmware.push *received_data
|
293
|
+
|
294
|
+
consoleSpeed "READ AT 100%\n"
|
295
|
+
end
|
296
|
+
|
297
|
+
#remove a fake byte at last of reading just for transmiting
|
298
|
+
readFirmware.pop(nbSuppressBytesAtLast)
|
299
|
+
|
300
|
+
t2 = Time.now
|
301
|
+
delta = t2 - t1
|
302
|
+
consoleSpeed "READ FIRMWARE FINISH in #{delta.round(4)} sec\n"
|
303
|
+
return readFirmware
|
304
|
+
end
|
305
|
+
end
|
File without changes
|
@@ -0,0 +1,166 @@
|
|
1
|
+
#!/usr/bin/ruby
|
2
|
+
#===================================================
|
3
|
+
# Hardsploit API - By Opale Security
|
4
|
+
# www.opale-security.com || www.hardsploit.io
|
5
|
+
# License: GNU General Public License v3
|
6
|
+
# License URI: http://www.gnu.org/licenses/gpl.txt
|
7
|
+
#===================================================
|
8
|
+
|
9
|
+
require "benchmark"
|
10
|
+
class HardsploitAPI
|
11
|
+
public
|
12
|
+
|
13
|
+
# Obtain the number of hardsploit connected to PC
|
14
|
+
# Return number
|
15
|
+
def self.getNumberOfBoardAvailable
|
16
|
+
return LIBUSB::Context.new.devices(:idVendor => 0x0483, :idProduct => 0xFFFF).size
|
17
|
+
end
|
18
|
+
|
19
|
+
# Connect board and get an instance to work with
|
20
|
+
# Return USB_STATE
|
21
|
+
def connect
|
22
|
+
@usb = LIBUSB::Context.new
|
23
|
+
@devices = @usb.devices(:idVendor => 0x0483, :idProduct => 0xFFFF)
|
24
|
+
|
25
|
+
if @devices.size == 0 then
|
26
|
+
@device = nil
|
27
|
+
@dev = nil
|
28
|
+
raise ERROR::HARDSPLOIT_NOT_FOUND
|
29
|
+
else
|
30
|
+
if @@id >= @devices.size then
|
31
|
+
raise ERROR::HARDSPLOIT_NOT_FOUND
|
32
|
+
else
|
33
|
+
begin
|
34
|
+
if @dev == nil then
|
35
|
+
@dev = @devices[@@id].open
|
36
|
+
if RUBY_PLATFORM=~/linux/i && @dev.kernel_driver_active?(0)
|
37
|
+
@dev.detach_kernel_driver(0)
|
38
|
+
end
|
39
|
+
@dev.claim_interface(0)
|
40
|
+
end
|
41
|
+
self.startFPGA
|
42
|
+
sleep(0.1)
|
43
|
+
self.setStatutLed(led:USB_COMMAND::GREEN_LED,state:true);
|
44
|
+
rescue
|
45
|
+
raise ERROR::USB_ERROR
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
def reconncet
|
52
|
+
@usb = LIBUSB::Context.new
|
53
|
+
@devices = @usb.devices(:idVendor => 0x0483, :idProduct => 0xFFFF)
|
54
|
+
if @devices.size == 0 then
|
55
|
+
@device = nil
|
56
|
+
@dev = nil
|
57
|
+
raise ERROR::HARDSPLOIT_NOT_FOUND
|
58
|
+
else
|
59
|
+
begin
|
60
|
+
@dev = @devices[@@id].open
|
61
|
+
if RUBY_PLATFORM=~/linux/i && @dev.kernel_driver_active?(0)
|
62
|
+
@dev.detach_kernel_driver(0)
|
63
|
+
end
|
64
|
+
@dev.claim_interface(0)
|
65
|
+
self.startFPGA
|
66
|
+
sleep(0.1)
|
67
|
+
self.setStatutLed(led:USB_COMMAND::GREEN_LED,state:true);
|
68
|
+
|
69
|
+
rescue
|
70
|
+
raise ERROR::USB_ERROR
|
71
|
+
end
|
72
|
+
end
|
73
|
+
end
|
74
|
+
|
75
|
+
# Obtain low byte of a word
|
76
|
+
# * +word+:: 16 bit word
|
77
|
+
# Return low byte of the word
|
78
|
+
def self.lowByte(word:)
|
79
|
+
return word & 0xFF
|
80
|
+
end
|
81
|
+
|
82
|
+
# Obtain high byte of a word
|
83
|
+
# * +word+:: 16 bit word
|
84
|
+
# Return high byte of the word
|
85
|
+
def self.highByte(word:)
|
86
|
+
return (word & 0xFF00) >> 8
|
87
|
+
end
|
88
|
+
|
89
|
+
# Obtain high byte of a word
|
90
|
+
# * +lByte+:: low byte
|
91
|
+
# * +hByte+:: high byte
|
92
|
+
# Return 16 bits integer concatenate with low and high bytes
|
93
|
+
def self.BytesToInt(lByte:,hByte:)
|
94
|
+
return (lByte + (hByte<<8))
|
95
|
+
end
|
96
|
+
|
97
|
+
|
98
|
+
# Send data and wait to receive response
|
99
|
+
# * +packet_send+:: array of byte
|
100
|
+
# * +timeout+:: timeout to read response (ms)
|
101
|
+
# Return USB_STATE or array with response (improve soon with exception)
|
102
|
+
def sendAndReceiveDATA(packet_send,timeout)
|
103
|
+
time = Time.new
|
104
|
+
begin
|
105
|
+
sendPacket(packet_send)
|
106
|
+
received_data = @dev.bulk_transfer(:endpoint=>IN_ENDPOINT, :dataIn=>USB::USB_TRAME_SIZE, :timeout=>timeout)
|
107
|
+
consoleSpeed "RECEIVE #{((received_data.bytes.to_a.size/(Time.new-time))).round(2)}Bytes/s #{(received_data.bytes.to_a.size)}Bytes in #{(Time.new-time).round(4)} s"
|
108
|
+
return received_data.bytes.to_a
|
109
|
+
rescue LIBUSB::ERROR_NO_DEVICE
|
110
|
+
raise ERROR::HARDSPLOIT_NOT_FOUND
|
111
|
+
rescue
|
112
|
+
raise ERROR::USB_ERROR
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
# Wait to receive data
|
117
|
+
# * +timeout+:: timeout to read response (ms)
|
118
|
+
# Return USB_STATE or array with response (improve soon with exception)
|
119
|
+
def receiveDATA(timeout)
|
120
|
+
begin
|
121
|
+
received_data = @dev.bulk_transfer(:endpoint=>IN_ENDPOINT, :dataIn=>USB::USB_TRAME_SIZE, :timeout=>timeout)
|
122
|
+
return received_data
|
123
|
+
rescue LIBUSB::ERROR_NO_DEVICE
|
124
|
+
raise ERROR::USB_ERROR
|
125
|
+
rescue LIBUSB::ERROR_NO_DEVICE
|
126
|
+
raise ERROR::HARDSPLOIT_NOT_FOUND
|
127
|
+
end
|
128
|
+
end
|
129
|
+
|
130
|
+
# Send USB packet
|
131
|
+
# * +packet+:: array with bytes
|
132
|
+
# Return number of byte sent
|
133
|
+
def sendPacket(packet_send)
|
134
|
+
|
135
|
+
begin
|
136
|
+
if packet_send.size <= 8191 then
|
137
|
+
|
138
|
+
packet_send[0] = HardsploitAPI.lowByte(word:packet_send.size)
|
139
|
+
packet_send[1] = HardsploitAPI.highByte(word:packet_send.size)
|
140
|
+
|
141
|
+
#if a multiple of packet size add a value to explicit the end of trame
|
142
|
+
if packet_send.size % 64 ==0 then
|
143
|
+
packet_send.push 0
|
144
|
+
end
|
145
|
+
|
146
|
+
number_of_data_send = 0
|
147
|
+
time = Benchmark.realtime do
|
148
|
+
number_of_data_send = @dev.bulk_transfer(:endpoint=>OUT_ENDPOINT, :dataOut=>packet_send.pack('c*'),:timeout=>3000)
|
149
|
+
end
|
150
|
+
consoleSpeed "SEND #{((number_of_data_send/time)).round(2)}Bytes/s SEND #{(number_of_data_send)}Bytes in #{time.round(4)} s"
|
151
|
+
if number_of_data_send == packet_send.size then
|
152
|
+
return number_of_data_send
|
153
|
+
else
|
154
|
+
raise ERROR::USB_ERROR
|
155
|
+
end
|
156
|
+
else
|
157
|
+
raise ERROR::USB_ERROR
|
158
|
+
end
|
159
|
+
rescue LIBUSB::ERROR_NO_DEVICE
|
160
|
+
#TRY TO RECONNECT maybe error due to disconnecting and reconnecting board
|
161
|
+
reconncet
|
162
|
+
rescue
|
163
|
+
raise ERROR::USB_ERROR
|
164
|
+
end
|
165
|
+
end
|
166
|
+
end
|