hardsploit_gui 2.2 → 2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/bin/hardsploit_gui +2 -2
- data/lib/{Firmware → Firmwares}/FPGA/I2C/I2C_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_I2C_INTERACT.rpd +0 -0
- data/lib/{Firmware/FPGA/SWD/SWD_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_SWD_INTERACT.rpd → Firmwares/FPGA/PARALLEL/NO_MUX_PARALLEL_MEMORY/HARDSPLOIT_FIRMWARE_FPGA_NO_MUX_PARALLEL_MEMORY.rpd} +0 -0
- data/lib/Firmwares/FPGA/SPI/SPI_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_SPI_INTERACT.rpd +0 -0
- data/lib/{Firmware/FPGA/SPI/SPI_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_SPI_INTERACT.rpd → Firmwares/FPGA/SPI/SPI_SNIFFER/HARDSPLOIT_FIRMWARE_FPGA_SPI_SNIFFER.rpd} +0 -0
- data/lib/Firmwares/FPGA/SWD/SWD_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_SWD_INTERACT.rpd +0 -0
- data/lib/{Firmware → Firmwares}/FPGA/TEST/TEST_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_TEST_INTERACT.rpd +0 -0
- data/lib/Firmwares/FPGA/UART/UART_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_UART_INTERACT.rpd +0 -0
- data/lib/{Firmware → Firmwares}/FPGA/VersionFPGA.rb +1 -1
- data/lib/{Firmware → Firmwares}/UC/HARDSPLOIT_FIRMWARE_UC.bin +0 -0
- data/lib/{Firmware → Firmwares}/UC/VersionUC.rb +1 -1
- data/lib/HardsploitAPI/Core/HardsploitAPI.rb +210 -0
- data/lib/HardsploitAPI/Core/HardsploitAPI_CONSTANT.rb +150 -0
- data/lib/HardsploitAPI/Core/HardsploitAPI_ERROR.rb +109 -0
- data/lib/HardsploitAPI/Core/HardsploitAPI_FIRMWARE.rb +305 -0
- data/lib/HardsploitAPI/{HardsploitAPI_PROGRESS.rb → Core/HardsploitAPI_PROGRESS.rb} +0 -0
- data/lib/HardsploitAPI/Core/HardsploitAPI_USB_COMMUNICATION.rb +166 -0
- data/lib/HardsploitAPI/Modules/I2C/HardsploitAPI_I2C.rb +356 -0
- data/lib/HardsploitAPI/{HardsploitAPI_NO_MUX_PARALLELE_MEMORY.rb → Modules/NO_MUX_PARALLEL_MEMORY/HardsploitAPI_NO_MUX_PARALLEL_MEMORY.rb} +26 -49
- data/lib/HardsploitAPI/Modules/NRF24L01/HardsploitAPI_NRF24L01.rb +306 -0
- data/lib/HardsploitAPI/Modules/SPI/HardsploitAPI_SPI.rb +340 -0
- data/lib/HardsploitAPI/Modules/SPI_SNIFFER/HardsploitAPI_SPI_SNIFFER.rb +83 -0
- data/lib/HardsploitAPI/Modules/SWD/HardsploitAPI_SWD.rb +367 -0
- data/lib/HardsploitAPI/Modules/SWD/HardsploitAPI_SWD_DEBUG.rb +89 -0
- data/lib/HardsploitAPI/Modules/SWD/HardsploitAPI_SWD_MEM_AP.rb +61 -0
- data/lib/HardsploitAPI/{SWD → Modules/SWD}/HardsploitAPI_SWD_STM32.rb +32 -15
- data/lib/HardsploitAPI/{HardsploitAPI_TEST_INTERACT.rb → Modules/TEST/HardsploitAPI_TEST_INTERACT.rb} +1 -1
- data/lib/HardsploitAPI/Modules/UART/HardsploitAPI_UART.rb +196 -0
- data/lib/Hardsploit_gui.rb +96 -0
- data/lib/class/Chip_editor.rb +186 -330
- data/lib/class/Chip_management.rb +496 -0
- data/lib/class/Command_editor.rb +130 -182
- data/lib/class/Command_table.rb +16 -22
- data/lib/class/Console.rb +0 -2
- data/lib/class/ErrorMsg.rb +312 -0
- data/lib/class/Export.rb +140 -0
- data/lib/class/Export_manager.rb +43 -43
- data/lib/class/Firmware.rb +52 -11
- data/lib/class/Generic_commands.rb +180 -190
- data/lib/class/Import.rb +193 -0
- data/lib/class/Progress_bar.rb +1 -0
- data/lib/class/Signal_mapper.rb +120 -0
- data/lib/class/Wire_helper.rb +132 -148
- data/lib/class/{I2C → i2c}/I2c_command.rb +16 -13
- data/lib/class/i2c/I2c_export.rb +95 -0
- data/lib/class/i2c/I2c_import.rb +117 -0
- data/lib/class/i2c/I2c_scanner.rb +114 -0
- data/lib/class/i2c/I2c_settings.rb +148 -0
- data/lib/class/parallel/Parallel_export.rb +118 -0
- data/lib/class/parallel/Parallel_import.rb +113 -0
- data/lib/class/parallel/Parallel_settings.rb +81 -0
- data/lib/class/spi/Spi_export.rb +108 -0
- data/lib/class/spi/Spi_import.rb +159 -0
- data/lib/class/spi/Spi_settings.rb +108 -0
- data/lib/class/spi/Spi_sniffer.rb +101 -0
- data/lib/class/swd/Swd.rb +125 -0
- data/lib/class/swd/Swd_scanner.rb +121 -0
- data/lib/class/swd/Swd_settings.rb +76 -0
- data/lib/class/uart/Uart_baudrate.rb +62 -0
- data/lib/class/uart/Uart_console.rb +115 -0
- data/lib/class/uart/Uart_settings.rb +102 -0
- data/lib/db/associations.rb +42 -29
- data/lib/db/database.rb +4 -0
- data/lib/db/development.sqlite3 +0 -0
- data/lib/db/migrate/004_create_manufacturers.rb +13 -0
- data/lib/db/migrate/005_create_packages.rb +13 -0
- data/lib/db/migrate/006_create_chip_types.rb +11 -0
- data/lib/db/migrate/007_create_buses.rb +11 -0
- data/lib/db/migrate/008_create_signals.rb +14 -0
- data/lib/db/migrate/009_create_chips.rb +25 -0
- data/lib/db/migrate/010_create_commands.rb +21 -0
- data/lib/db/migrate/011_create_bytes.rb +19 -0
- data/lib/db/migrate/012_create_i2c_settings.rb +21 -0
- data/lib/db/migrate/013_create_spi_settings.rb +26 -0
- data/lib/db/migrate/014_create_parallel_settings.rb +21 -0
- data/lib/db/migrate/015_create_pins.rb +19 -0
- data/lib/db/migrate/016_create_uses.rb +17 -0
- data/lib/db/migrate/017_create_swd_settings.rb +19 -0
- data/lib/db/migrate/018_create_uart_settings.rb +22 -0
- data/lib/db/schema.rb +157 -0
- data/lib/db/seeds.rb +161 -0
- data/lib/gui/gui_chip_editor.rb +23 -22
- data/lib/gui/gui_chip_management.rb +43 -38
- data/lib/gui/gui_command_editor.rb +2 -1
- data/lib/gui/gui_export.rb +132 -0
- data/lib/gui/gui_generic_commands.rb +69 -31
- data/lib/gui/gui_generic_export.rb +18 -2
- data/lib/gui/gui_generic_import.rb +18 -2
- data/lib/gui/gui_i2c_command.rb +2 -1
- data/lib/gui/gui_i2c_settings.rb +2 -2
- data/lib/gui/gui_import.rb +131 -0
- data/lib/gui/gui_parallel_settings.rb +2 -1
- data/lib/gui/gui_progress_bar.rb +2 -1
- data/lib/gui/gui_signal_mapper.rb +121 -0
- data/lib/gui/gui_signal_scanner.rb +146 -0
- data/lib/gui/gui_spi_settings.rb +6 -2
- data/lib/gui/gui_spi_sniffer.rb +112 -0
- data/lib/gui/gui_swd_settings.rb +166 -0
- data/lib/gui/gui_uart_baudrate.rb +114 -0
- data/lib/gui/gui_uart_console.rb +164 -0
- data/lib/gui/gui_uart_settings.rb +243 -0
- data/lib/gui_designer/gui_chip_editor.ui +9 -6
- data/lib/gui_designer/gui_chip_management.ui +79 -35
- data/lib/gui_designer/gui_command_editor.ui +3 -0
- data/lib/gui_designer/gui_export.ui +171 -0
- data/lib/gui_designer/gui_generic_commands.ui +274 -190
- data/lib/gui_designer/gui_generic_export.ui +24 -1
- data/lib/gui_designer/gui_generic_import.ui +25 -2
- data/lib/gui_designer/gui_i2c_command.ui +3 -0
- data/lib/gui_designer/gui_i2c_settings.ui +2 -2
- data/lib/gui_designer/gui_import.ui +168 -0
- data/lib/gui_designer/gui_parallel_settings.ui +4 -1
- data/lib/gui_designer/gui_progress_bar.ui +3 -0
- data/lib/gui_designer/gui_signal_mapper.ui +179 -0
- data/lib/gui_designer/gui_signal_scanner.ui +261 -0
- data/lib/gui_designer/gui_spi_settings.ui +15 -2
- data/lib/gui_designer/gui_spi_sniffer.ui +156 -0
- data/lib/gui_designer/gui_swd_settings.ui +189 -0
- data/lib/gui_designer/gui_uart_baudrate.ui +161 -0
- data/lib/gui_designer/gui_uart_console.ui +284 -0
- data/lib/gui_designer/gui_uart_settings.ui +280 -0
- data/lib/logs/error.log +63 -0
- data/lib/models/bus.rb +19 -0
- data/lib/models/byte.rb +29 -0
- data/lib/models/chip.rb +41 -0
- data/lib/models/chip_type.rb +14 -0
- data/lib/models/command.rb +20 -0
- data/lib/models/i2c_setting.rb +41 -0
- data/lib/models/manufacturer.rb +14 -0
- data/lib/models/package.rb +26 -0
- data/lib/models/parallel_setting.rb +37 -0
- data/lib/models/pin.rb +14 -0
- data/lib/models/signall.rb +20 -0
- data/lib/models/spi_setting.rb +67 -0
- data/lib/models/swd_setting.rb +25 -0
- data/lib/models/uart_setting.rb +52 -0
- data/lib/models/use.rb +6 -0
- data/lib/startHardsploit.rb +2 -2
- metadata +106 -41
- data/lib/Firmware/FPGA/PARALLEL/NO_MUX_PARALLEL_MEMORY/HARDSPLOIT_FIRMWARE_FPGA_NO_MUX_PARALLEL_MEMORY.rpd +0 -0
- data/lib/HardsploitAPI/HardsploitAPI.rb +0 -133
- data/lib/HardsploitAPI/HardsploitAPI_CONSTANT.rb +0 -145
- data/lib/HardsploitAPI/HardsploitAPI_ERROR.rb +0 -38
- data/lib/HardsploitAPI/HardsploitAPI_FIRMWARE.rb +0 -311
- data/lib/HardsploitAPI/HardsploitAPI_I2C.rb +0 -360
- data/lib/HardsploitAPI/HardsploitAPI_SPI.rb +0 -369
- data/lib/HardsploitAPI/HardsploitAPI_USB_COMMUNICATION.rb +0 -148
- data/lib/HardsploitAPI/LICENSE.txt +0 -674
- data/lib/HardsploitAPI/README.md +0 -22
- data/lib/HardsploitAPI/SWD/HardsploitAPI_SWD.rb +0 -249
- data/lib/HardsploitAPI/SWD/HardsploitAPI_SWD_DEBUG.rb +0 -102
- data/lib/HardsploitAPI/SWD/HardsploitAPI_SWD_MEM_AP.rb +0 -78
- data/lib/HardsploitAPI/TRADEMARK +0 -3
- data/lib/class/HardsploitGUI.rb +0 -463
- data/lib/class/I2C/I2c_export.rb +0 -118
- data/lib/class/I2C/I2c_import.rb +0 -79
- data/lib/class/I2C/I2c_settings.rb +0 -129
- data/lib/class/PARALLEL/Parallel_export.rb +0 -146
- data/lib/class/PARALLEL/Parallel_import.rb +0 -88
- data/lib/class/PARALLEL/Parallel_settings.rb +0 -102
- data/lib/class/SPI/Spi_export.rb +0 -138
- data/lib/class/SPI/Spi_import.rb +0 -113
- data/lib/class/SPI/Spi_settings.rb +0 -134
- data/lib/db/hs.db +0 -0
- data/lib/hardsploit.rb +0 -131
data/lib/HardsploitAPI/README.md
DELETED
@@ -1,22 +0,0 @@
|
|
1
|
-
# Hardsploit
|
2
|
-
|
3
|
-
The essential security auditing tool for Internet of Things devices you'll need in your toolbox
|
4
|
-
|
5
|
-
### [GO TO HARDSPLOIT](http://www.hardsploit.io)
|
6
|
-
|
7
|
-
TO LEARN ABOUT IT
|
8
|
-
|
9
|
-
### [GO TO SHOP](https://www.shop-hardsploit.com)
|
10
|
-
TO BUY
|
11
|
-
|
12
|
-
### [GO TO WIKI](https://github.com/OPALESECURITY/hardsploit-api/wiki)
|
13
|
-
|
14
|
-
TO UNDERSTAND HOW USE IT
|
15
|
-
|
16
|
-
### [GO TO FORUM](http://forum.hardsploit.io)
|
17
|
-
|
18
|
-
FOR SUPPORT / HELP
|
19
|
-
|
20
|
-
### [GO TO BUG TRACKER](https://github.com/OPALESECURITY/hardsploit-api/issues)
|
21
|
-
|
22
|
-
FOR BUGS OR IMPROVEMENTS
|
@@ -1,249 +0,0 @@
|
|
1
|
-
#!/usr/bin/ruby
|
2
|
-
#===================================================
|
3
|
-
# Hardsploit API - By Opale Security
|
4
|
-
# www.opale-security.com || www.hardsploit.io
|
5
|
-
# License: GNU General Public License v3
|
6
|
-
# License URI: http://www.gnu.org/licenses/gpl.txt
|
7
|
-
#===================================================
|
8
|
-
require_relative 'HardsploitAPI_SWD_DEBUG'
|
9
|
-
require_relative 'HardsploitAPI_SWD_STM32'
|
10
|
-
|
11
|
-
class HardsploitAPI
|
12
|
-
attr_accessor :debugPort
|
13
|
-
attr_accessor :stm32
|
14
|
-
|
15
|
-
def runSWD
|
16
|
-
@debugPort = SWD_DEBUG_PORT.new(self)
|
17
|
-
@stm32 = SWD_STM32.new(debugPort)
|
18
|
-
|
19
|
-
resetSWD()
|
20
|
-
# Cortex M4 0x410FC241
|
21
|
-
# Cortex M3 0x411FC231
|
22
|
-
end
|
23
|
-
|
24
|
-
def obtainCodes
|
25
|
-
resetSWD()
|
26
|
-
code = {
|
27
|
-
:DebugPortId => debugPort.idcode(),
|
28
|
-
:AccessPortId => stm32.ahb.idcode(),
|
29
|
-
:CpuId => stm32.ahb.readWord(0xE000ED00),
|
30
|
-
:DeviceId => stm32.ahb.readWord(0x1FFFF7E8)
|
31
|
-
}
|
32
|
-
return code
|
33
|
-
end
|
34
|
-
|
35
|
-
|
36
|
-
def writeFlash(path)
|
37
|
-
resetSWD()
|
38
|
-
dataWrite = IO.binread(path)
|
39
|
-
dataWrite = dataWrite.unpack("C*")
|
40
|
-
puts "Halting Processor"
|
41
|
-
stm32.halt()
|
42
|
-
puts "Erasing Flash"
|
43
|
-
stm32.flashUnlock()
|
44
|
-
stm32.flashErase()
|
45
|
-
puts "Programming Flash"
|
46
|
-
stm32.flashProgram()
|
47
|
-
time = Time.new
|
48
|
-
stm32.flashWrite(0x08000000, dataWrite)
|
49
|
-
time = Time.new - time
|
50
|
-
puts "Write #{((dataWrite.size/time)).round(2)}Bytes/s #{(dataWrite.size)}Bytes in #{time.round(4)} s"
|
51
|
-
stm32.flashProgramEnd()
|
52
|
-
puts "Resetting"
|
53
|
-
stm32.sysReset()
|
54
|
-
puts "Start"
|
55
|
-
stm32.unhalt
|
56
|
-
end
|
57
|
-
|
58
|
-
def eraseFlash
|
59
|
-
puts 'Erase'
|
60
|
-
stm32.flashErase()
|
61
|
-
end
|
62
|
-
|
63
|
-
def dumpFlash(path)
|
64
|
-
resetSWD()
|
65
|
-
#DUMP FLASH MEMORY TO A FILE
|
66
|
-
@stm32.halt
|
67
|
-
flash_size = (stm32.ahb.readWord(0x1ffff7e0) & 0xFFFF)
|
68
|
-
puts "Flash size : #{(flash_size) } KB"
|
69
|
-
puts "Dump flash"
|
70
|
-
time = Time.new
|
71
|
-
data = @stm32.flashRead(0x08000000,(flash_size*1024))
|
72
|
-
time = Time.new - time
|
73
|
-
puts "DUMP #{((data.size/time)).round(2)}Bytes/s #{(data.size)}Bytes in #{time.round(4)} s"
|
74
|
-
IO.binwrite(path, data.pack('C*'))
|
75
|
-
puts "Finish dump"
|
76
|
-
end
|
77
|
-
|
78
|
-
def writeSWD(ap,register,data)
|
79
|
-
packet = Array.new
|
80
|
-
packet.push 0 #low byte of lenght of trame refresh automaticly before send by usb
|
81
|
-
packet.push 0 #high byte of lenght of trame refresh automaticly before send by usb
|
82
|
-
packet.push HardsploitAPI.lowByte(HardsploitAPI::USB_COMMAND::FPGA_COMMAND)
|
83
|
-
packet.push HardsploitAPI.highByte(HardsploitAPI::USB_COMMAND::FPGA_COMMAND)
|
84
|
-
|
85
|
-
packet.push 0x50 #Command RAW COMMUNICATION TO FPGA FIFO
|
86
|
-
|
87
|
-
packet.push 0x10 #Write mode
|
88
|
-
|
89
|
-
packet.push (calcOpcode(ap, register, false)) #Send Request
|
90
|
-
|
91
|
-
packet.push ((data & 0xFF) >> 0)
|
92
|
-
packet.push ((data & 0xFF00) >> 8 )
|
93
|
-
packet.push ((data & 0xFF0000) >> 16 )
|
94
|
-
packet.push ((data & 0xFF000000) >> 24 )
|
95
|
-
|
96
|
-
result = sendAndReceiveDATA(packet,1000)
|
97
|
-
|
98
|
-
if result.class == Array then
|
99
|
-
if result.size == 1 + 4 then #receive ACK
|
100
|
-
if result[4] == 1 then
|
101
|
-
return true
|
102
|
-
elsif result[4] == 2 then
|
103
|
-
raise "WAIT response"
|
104
|
-
elsif result[4] == 4 then
|
105
|
-
raise "FAULT response"
|
106
|
-
else
|
107
|
-
raise "WRITE ERROR #{result[4]}"
|
108
|
-
end
|
109
|
-
else
|
110
|
-
raise "Error during writing}"
|
111
|
-
end
|
112
|
-
else # Receive and error
|
113
|
-
raise "Error during writing, timeout "
|
114
|
-
end
|
115
|
-
|
116
|
-
return false
|
117
|
-
end
|
118
|
-
|
119
|
-
def writeBlockAP(data)
|
120
|
-
if data.size > 8000 then
|
121
|
-
raise "data is too big > 8000"
|
122
|
-
end
|
123
|
-
|
124
|
-
packet = Array.new
|
125
|
-
packet.push 0 #low byte of lenght of trame refresh automaticly before send by usb
|
126
|
-
packet.push 0 #high byte of lenght of trame refresh automaticly before send by usb
|
127
|
-
packet.push HardsploitAPI.lowByte(HardsploitAPI::USB_COMMAND::FPGA_COMMAND)
|
128
|
-
packet.push HardsploitAPI.highByte(HardsploitAPI::USB_COMMAND::FPGA_COMMAND)
|
129
|
-
|
130
|
-
packet.push 0x50 #Command RAW COMMUNICATION TO FPGA FIFO
|
131
|
-
packet.push 0xBB #Write ap
|
132
|
-
packet.push *data
|
133
|
-
|
134
|
-
result = sendAndReceiveDATA(packet,1000)
|
135
|
-
if result.class == Array then
|
136
|
-
if result.size == 1 + 4 then #receive ACK
|
137
|
-
if result[4] == 1 then
|
138
|
-
return true
|
139
|
-
elsif result[4] == 2 then
|
140
|
-
raise "WAIT response"
|
141
|
-
elsif result[4] == 4 then
|
142
|
-
raise "FAULT response"
|
143
|
-
else
|
144
|
-
raise "WRITE ERROR #{result[4]}"
|
145
|
-
end
|
146
|
-
else
|
147
|
-
raise "Error during writing"
|
148
|
-
end
|
149
|
-
else # Receive and error
|
150
|
-
raise "Error during writing, timeout "
|
151
|
-
end
|
152
|
-
return false
|
153
|
-
end
|
154
|
-
|
155
|
-
|
156
|
-
def readBlockAP(size)
|
157
|
-
packet = Array.new
|
158
|
-
packet.push 0 #low byte of lenght of trame refresh automaticly before send by usb
|
159
|
-
packet.push 0 #high byte of lenght of trame refresh automaticly before send by usb
|
160
|
-
packet.push HardsploitAPI.lowByte(HardsploitAPI::USB_COMMAND::FPGA_COMMAND)
|
161
|
-
packet.push HardsploitAPI.highByte(HardsploitAPI::USB_COMMAND::FPGA_COMMAND)
|
162
|
-
|
163
|
-
packet.push 0x50 #Command RAW COMMUNICATION TO FPGA FIFO
|
164
|
-
|
165
|
-
packet.push 0xAA #Read mode
|
166
|
-
packet.push HardsploitAPI.lowByte(size)
|
167
|
-
packet.push HardsploitAPI.highByte(size)
|
168
|
-
|
169
|
-
result = sendAndReceiveDATA(packet,1000)
|
170
|
-
if result.class == Array then
|
171
|
-
if result.size >= 4 then #Receive read + 4bytes for header
|
172
|
-
return result.drop(4)
|
173
|
-
else
|
174
|
-
raise "Receive just Header where is the data ? "
|
175
|
-
end
|
176
|
-
else # Receive and error
|
177
|
-
raise "Error during reading timeout or ACK issue "
|
178
|
-
end
|
179
|
-
end
|
180
|
-
|
181
|
-
def readSWD(ap,register)
|
182
|
-
packet = Array.new
|
183
|
-
packet.push 0 #low byte of lenght of trame refresh automaticly before send by usb
|
184
|
-
packet.push 0 #high byte of lenght of trame refresh automaticly before send by usb
|
185
|
-
packet.push HardsploitAPI.lowByte(HardsploitAPI::USB_COMMAND::FPGA_COMMAND)
|
186
|
-
packet.push HardsploitAPI.highByte(HardsploitAPI::USB_COMMAND::FPGA_COMMAND)
|
187
|
-
|
188
|
-
packet.push 0x50 #Command RAW COMMUNICATION TO FPGA FIFO
|
189
|
-
|
190
|
-
packet.push 0x11 #Read mode
|
191
|
-
packet.push(calcOpcode(ap,register, true)) #Send Request
|
192
|
-
|
193
|
-
result = sendAndReceiveDATA(packet,1000)
|
194
|
-
if result.class == Array then
|
195
|
-
if result.size == 4 + 4 then #Receive read + 4bytes for header
|
196
|
-
convert = (result[7] << 24) + (result[6] << 16) + (result[5] << 8 ) + result[4]
|
197
|
-
return convert
|
198
|
-
elsif result.size == 4+1 then #receive ACK
|
199
|
-
raise "Read error ACK : #{result[4]}"
|
200
|
-
else
|
201
|
-
raise "Error during reading"
|
202
|
-
end
|
203
|
-
else # Receive and error
|
204
|
-
raise "Error during reading timeout "
|
205
|
-
end
|
206
|
-
end
|
207
|
-
|
208
|
-
|
209
|
-
#Return array with 1 byte for ACK
|
210
|
-
#Return 32bits integer for data read here is Core ID
|
211
|
-
#Raise if error
|
212
|
-
def resetSWD
|
213
|
-
packet = Array.new
|
214
|
-
packet.push 0 #low byte of lenght of trame refresh automaticly before send by usb
|
215
|
-
packet.push 0 #high byte of lenght of trame refresh automaticly before send by usb
|
216
|
-
packet.push HardsploitAPI.lowByte(HardsploitAPI::USB_COMMAND::FPGA_COMMAND)
|
217
|
-
packet.push HardsploitAPI.highByte(HardsploitAPI::USB_COMMAND::FPGA_COMMAND)
|
218
|
-
|
219
|
-
packet.push 0x50 #Command RAW COMMUNICATION TO FPGA FIFO
|
220
|
-
|
221
|
-
packet.push 0x00 #Reset mode
|
222
|
-
|
223
|
-
result = sendAndReceiveDATA(packet,1000)
|
224
|
-
if result.class == Array then
|
225
|
-
if result.size == 4 + 4 then #Receive read + 4bytes for header
|
226
|
-
convert = (result[7] << 24) + (result[6] << 16) + (result[5] << 8 ) + result[4]
|
227
|
-
return convert
|
228
|
-
elsif result.size == 4 +1 then #reveice ACK
|
229
|
-
raise "ERROR ACK #{result[4]}"
|
230
|
-
else
|
231
|
-
raise "Error during reading ICCODE result != 4"
|
232
|
-
end
|
233
|
-
else # Receive and error
|
234
|
-
raise "Error during reading ICCODE timeout "
|
235
|
-
end
|
236
|
-
end
|
237
|
-
|
238
|
-
|
239
|
-
def calcOpcode (ap, register, read)
|
240
|
-
opcode = 0x00
|
241
|
-
(ap ? opcode |= 0x40 : opcode |= 0x00)
|
242
|
-
(read ? opcode |= 0x20 : opcode |= 0x00)
|
243
|
-
opcode = opcode | ((register & 0x01) << 4) | ((register & 0x02) << 2) #Addr AP DP bit 2..3
|
244
|
-
opcode = opcode | (((opcode & 0x78).to_s(2).count('1').odd? ? 1 : 0) << 2) #0x78 mask to take only read ap and register to process parity bit
|
245
|
-
opcode = opcode | 0x81 #Start and Park Bit
|
246
|
-
#puts "OpCode #{opcode.to_s(16)}"
|
247
|
-
return opcode
|
248
|
-
end
|
249
|
-
end
|
@@ -1,102 +0,0 @@
|
|
1
|
-
#!/usr/bin/ruby
|
2
|
-
#===================================================
|
3
|
-
# Hardsploit API - By Opale Security
|
4
|
-
# www.opale-security.com || www.hardsploit.io
|
5
|
-
# License: GNU General Public License v3
|
6
|
-
# License URI: http://www.gnu.org/licenses/gpl.txt
|
7
|
-
#===================================================
|
8
|
-
class SWD_DEBUG_PORT
|
9
|
-
|
10
|
-
def initialize(hardAPI)
|
11
|
-
@HardAPI = hardAPI
|
12
|
-
@HardAPI.startFPGA
|
13
|
-
sleep(0.5)
|
14
|
-
@HardAPI.resetSWD
|
15
|
-
# read the IDCODE
|
16
|
-
# if HardAPI.resetSWD() != 0x1ba01477 then
|
17
|
-
# raise "warning: unexpected idcode"
|
18
|
-
# else
|
19
|
-
# puts "MCU DETECTED"
|
20
|
-
# end
|
21
|
-
abort(1,1,1,1,1)
|
22
|
-
select(0,0)
|
23
|
-
# power shit up
|
24
|
-
puts "Power shit up"
|
25
|
-
@HardAPI.writeSWD(FALSE, 1, 0x54000000)
|
26
|
-
if (status() >> 24) != 0xF4 then
|
27
|
-
raise "error powering up system"
|
28
|
-
exit(0)
|
29
|
-
else
|
30
|
-
puts "POWERING UP SYTEM OK"
|
31
|
-
end
|
32
|
-
#get the SELECT register to a known state
|
33
|
-
select(0,0)
|
34
|
-
@curAP = 0
|
35
|
-
@curBank = 0
|
36
|
-
end
|
37
|
-
|
38
|
-
def getAPI
|
39
|
-
return @HardAPI
|
40
|
-
end
|
41
|
-
|
42
|
-
def idcode
|
43
|
-
return @HardAPI.readSWD(FALSE, 0)
|
44
|
-
end
|
45
|
-
|
46
|
-
def abort (orunerr, wdataerr, stickyerr, stickycmp, dap)
|
47
|
-
value = 0x00000000
|
48
|
-
(orunerr ? value |= 0x10 : value |= 0x00)
|
49
|
-
(wdataerr ? value |= 0x08 : value |= 0x00)
|
50
|
-
(stickyerr ? value |= 0x04 : value |= 0x00)
|
51
|
-
(stickycmp ? value |= 0x02 : value |= 0x00)
|
52
|
-
(dap ? value |= 0x01 : value |= 0x00)
|
53
|
-
@HardAPI.writeSWD(FALSE, 0, value)
|
54
|
-
end
|
55
|
-
|
56
|
-
def status
|
57
|
-
val= @HardAPI.readSWD(FALSE,1)
|
58
|
-
return val
|
59
|
-
end
|
60
|
-
|
61
|
-
def control (trnCount = 0, trnMode = 0, maskLane = 0, orunDetect = 0)
|
62
|
-
value = 0x54000000
|
63
|
-
value = value | ((trnCount & 0xFFF) << 12)
|
64
|
-
value = value | ((maskLane & 0x00F) << 8)
|
65
|
-
value = value | ((trnMode & 0x003) << 2)
|
66
|
-
(orunDetect ? value |= 0x01 : value |= 0x00)
|
67
|
-
@HardAPI.writeSWD(False, 1, value)
|
68
|
-
end
|
69
|
-
|
70
|
-
def select (apsel, apbank)
|
71
|
-
value = 0x00000000
|
72
|
-
value = value | ((apsel & 0xFF) << 24)
|
73
|
-
value = value | ((apbank & 0x0F) << 4)
|
74
|
-
@HardAPI.writeSWD(FALSE, 2, value)
|
75
|
-
end
|
76
|
-
|
77
|
-
|
78
|
-
def readRB
|
79
|
-
return @HardAPI.readSWD(FALSE, 3)
|
80
|
-
end
|
81
|
-
def readAP ( apsel, address)
|
82
|
-
adrBank = (address >> 4) & 0xF
|
83
|
-
adrReg = (address >> 2) & 0x3
|
84
|
-
if apsel != @curAP or adrBank != @curBank then
|
85
|
-
select(apsel, adrBank)
|
86
|
-
@curAP = apsel
|
87
|
-
@curBank = adrBank
|
88
|
-
end
|
89
|
-
return @HardAPI.readSWD(TRUE, adrReg)
|
90
|
-
end
|
91
|
-
|
92
|
-
def writeAP (apsel, address, data)
|
93
|
-
adrBank = (address >> 4) & 0xF
|
94
|
-
adrReg = (address >> 2) & 0x3
|
95
|
-
if apsel != @curAP or adrBank != @curBank then
|
96
|
-
select(apsel, adrBank)
|
97
|
-
@curAP = apsel
|
98
|
-
@curBank = adrBank
|
99
|
-
end
|
100
|
-
@HardAPI.writeSWD(TRUE, adrReg, data)
|
101
|
-
end
|
102
|
-
end
|
@@ -1,78 +0,0 @@
|
|
1
|
-
#!/usr/bin/ruby
|
2
|
-
#===================================================
|
3
|
-
# Hardsploit API - By Opale Security
|
4
|
-
# www.opale-security.com || www.hardsploit.io
|
5
|
-
# License: GNU General Public License v3
|
6
|
-
# License URI: http://www.gnu.org/licenses/gpl.txt
|
7
|
-
#===================================================
|
8
|
-
|
9
|
-
class SWD_MEM_AP
|
10
|
-
|
11
|
-
def initialize( dp, apsel)
|
12
|
-
@dp = dp
|
13
|
-
@apsel = apsel
|
14
|
-
csw(1,2) # 32-bit auto-incrementing addressing
|
15
|
-
end
|
16
|
-
|
17
|
-
def csw ( addrInc, size)
|
18
|
-
@dp.readAP(@apsel, 0x00)
|
19
|
-
val = @dp.readRB() & 0xFFFFFF00
|
20
|
-
@dp.writeAP(@apsel, 0x00, val + (addrInc << 4) + size)
|
21
|
-
end
|
22
|
-
def idcode
|
23
|
-
@dp.readAP(@apsel, 0xFC)
|
24
|
-
return @dp.readRB()
|
25
|
-
end
|
26
|
-
def readWord (adr)
|
27
|
-
@dp.writeAP(@apsel, 0x04, adr)
|
28
|
-
@dp.readAP(@apsel, 0x0C)
|
29
|
-
return @dp.readRB()
|
30
|
-
end
|
31
|
-
def writeWord (adr, data)
|
32
|
-
@dp.writeAP(@apsel, 0x04, adr)
|
33
|
-
@dp.writeAP(@apsel, 0x0C, data)
|
34
|
-
return @dp.readRB()
|
35
|
-
end
|
36
|
-
def readBlock ( adr, count)#1K boundaries and return 4K of data word alignement
|
37
|
-
if count < 1 then
|
38
|
-
raise "readBlock error : count must be >= 1"
|
39
|
-
end
|
40
|
-
if count > 1024 then
|
41
|
-
raise "readBlock error : count must be <= 1024 "
|
42
|
-
end
|
43
|
-
csw(1, 2) # 32-bit single-incrementing addressing
|
44
|
-
@dp.writeAP(@apsel, 0x04, adr)
|
45
|
-
vals = Array.new
|
46
|
-
@dp.readAP(@apsel, 0x0C) #For the first byte
|
47
|
-
vals.push(*@dp.getAPI.readBlockAP(count-1)) #Hardcoded function to increase speed of read block
|
48
|
-
return vals
|
49
|
-
end
|
50
|
-
|
51
|
-
# def writeBlockNonInc (adr, data)
|
52
|
-
# self.csw(0, 2) # 32-bit non-incrementing addressing
|
53
|
-
# for val in data
|
54
|
-
# @dp.writeAP(@apsel, 0x04, adr)
|
55
|
-
# @dp.writeAP(@apsel, 0x0C, val)
|
56
|
-
# end
|
57
|
-
# self.csw(1, 2) # 32-bit auto-incrementing addressing
|
58
|
-
# end
|
59
|
-
|
60
|
-
def writeBlock (adr, data) #1K boundaries
|
61
|
-
@dp.writeAP(@apsel, 0x04, adr)
|
62
|
-
puts "writeBlock #{adr.to_s(16)}"
|
63
|
-
|
64
|
-
@dp.getAPI.writeBlockAP(data)
|
65
|
-
# for i in (0..data.size-1).step(4)
|
66
|
-
# @dp.writeAP(@apsel, 0x0C, data[i].to_i + (data[i+1].to_i << 8) + (data[i+2].to_i << 16)+ (data[i+3].to_i << 24))
|
67
|
-
# end
|
68
|
-
end
|
69
|
-
|
70
|
-
def writeHalfs (adr, data)
|
71
|
-
self.csw(2, 1) # 16-bit packed-incrementing addressing
|
72
|
-
@dp.writeAP(@apsel, 0x04, adr)
|
73
|
-
for val in data
|
74
|
-
sleep(0.001)
|
75
|
-
@dp.writeAP(@apsel, 0x0C, val)
|
76
|
-
end
|
77
|
-
end
|
78
|
-
end
|