hardsploit_gui 2.3 → 2.4.0

Files changed (149) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +22 -22
  3. data/Rakefile +1 -1
  4. data/bin/hardsploit_gui +3 -3
  5. data/lib/Firmwares/FPGA/I2C/I2C_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_I2C_INTERACT.rpd +0 -0
  6. data/lib/Firmwares/FPGA/PARALLEL/NO_MUX_PARALLEL_MEMORY/HARDSPLOIT_FIRMWARE_FPGA_NO_MUX_PARALLEL_MEMORY.rpd +0 -0
  7. data/lib/Firmwares/FPGA/SPI/SPI_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_SPI_INTERACT.rpd +0 -0
  8. data/lib/Firmwares/FPGA/SPI/SPI_SNIFFER/HARDSPLOIT_FIRMWARE_FPGA_SPI_SNIFFER.rpd +0 -0
  9. data/lib/Firmwares/FPGA/SWD/SWD_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_SWD_INTERACT.rpd +0 -0
  10. data/lib/Firmwares/FPGA/UART/UART_INTERACT/HARDSPLOIT_FIRMWARE_FPGA_UART_INTERACT.rpd +0 -0
  11. data/lib/Firmwares/FPGA/VersionFPGA.rb +5 -5
  12. data/lib/Firmwares/UC/VersionUC.rb +12 -12
  13. data/lib/HardsploitAPI/Core/HardsploitAPI.rb +210 -210
  14. data/lib/HardsploitAPI/Core/HardsploitAPI_CONSTANT.rb +150 -150
  15. data/lib/HardsploitAPI/Core/HardsploitAPI_ERROR.rb +109 -109
  16. data/lib/HardsploitAPI/Core/HardsploitAPI_FIRMWARE.rb +305 -305
  17. data/lib/HardsploitAPI/Core/HardsploitAPI_PROGRESS.rb +28 -28
  18. data/lib/HardsploitAPI/Core/HardsploitAPI_USB_COMMUNICATION.rb +166 -166
  19. data/lib/HardsploitAPI/Modules/I2C/HardsploitAPI_I2C.rb +356 -356
  20. data/lib/HardsploitAPI/Modules/NO_MUX_PARALLEL_MEMORY/HardsploitAPI_NO_MUX_PARALLEL_MEMORY.rb +206 -206
  21. data/lib/HardsploitAPI/Modules/NRF24L01/HardsploitAPI_NRF24L01.rb +306 -306
  22. data/lib/HardsploitAPI/Modules/SPI/HardsploitAPI_SPI.rb +340 -340
  23. data/lib/HardsploitAPI/Modules/SPI_SNIFFER/HardsploitAPI_SPI_SNIFFER.rb +83 -83
  24. data/lib/HardsploitAPI/Modules/SWD/HardsploitAPI_SWD.rb +367 -367
  25. data/lib/HardsploitAPI/Modules/SWD/HardsploitAPI_SWD_DEBUG.rb +89 -89
  26. data/lib/HardsploitAPI/Modules/SWD/HardsploitAPI_SWD_MEM_AP.rb +61 -61
  27. data/lib/HardsploitAPI/Modules/SWD/HardsploitAPI_SWD_STM32.rb +121 -121
  28. data/lib/HardsploitAPI/Modules/TEST/HardsploitAPI_TEST_INTERACT.rb +98 -98
  29. data/lib/HardsploitAPI/Modules/UART/HardsploitAPI_UART.rb +196 -196
  30. data/lib/Hardsploit_gui.rb +96 -96
  31. data/lib/LICENSE.txt +674 -674
  32. data/lib/README.md +22 -22
  33. data/lib/TRADEMARK +2 -2
  34. data/lib/class/Chip_editor.rb +304 -304
  35. data/lib/class/Chip_management.rb +496 -496
  36. data/lib/class/Command_editor.rb +216 -216
  37. data/lib/class/Command_table.rb +233 -233
  38. data/lib/class/Console.rb +26 -26
  39. data/lib/class/ErrorMsg.rb +312 -312
  40. data/lib/class/Export.rb +140 -140
  41. data/lib/class/Export_manager.rb +124 -124
  42. data/lib/class/Firmware.rb +70 -70
  43. data/lib/class/Generic_commands.rb +260 -260
  44. data/lib/class/{i2c → I2C}/I2c_command.rb +51 -51
  45. data/lib/class/{i2c → I2C}/I2c_export.rb +95 -95
  46. data/lib/class/{i2c → I2C}/I2c_import.rb +117 -117
  47. data/lib/class/{i2c → I2C}/I2c_scanner.rb +114 -114
  48. data/lib/class/{i2c → I2C}/I2c_settings.rb +148 -148
  49. data/lib/class/Import.rb +193 -193
  50. data/lib/class/{parallel → PARALLEL}/Parallel_export.rb +118 -118
  51. data/lib/class/{parallel → PARALLEL}/Parallel_import.rb +113 -113
  52. data/lib/class/{parallel → PARALLEL}/Parallel_settings.rb +81 -81
  53. data/lib/class/Progress_bar.rb +32 -32
  54. data/lib/class/{spi → SPI}/Spi_export.rb +108 -108
  55. data/lib/class/{spi → SPI}/Spi_import.rb +159 -159
  56. data/lib/class/{spi → SPI}/Spi_settings.rb +108 -108
  57. data/lib/class/{spi → SPI}/Spi_sniffer.rb +101 -101
  58. data/lib/class/Signal_mapper.rb +120 -120
  59. data/lib/class/Wire_helper.rb +230 -230
  60. data/lib/class/swd/Swd.rb +125 -125
  61. data/lib/class/swd/Swd_scanner.rb +121 -121
  62. data/lib/class/swd/Swd_settings.rb +76 -76
  63. data/lib/class/uart/Uart_baudrate.rb +62 -62
  64. data/lib/class/uart/Uart_console.rb +115 -115
  65. data/lib/class/uart/Uart_settings.rb +102 -102
  66. data/lib/db/associations.rb +138 -138
  67. data/lib/db/database.rb +4 -4
  68. data/lib/db/development.sqlite3 +0 -0
  69. data/lib/db/migrate/004_create_manufacturers.rb +13 -13
  70. data/lib/db/migrate/005_create_packages.rb +13 -13
  71. data/lib/db/migrate/006_create_chip_types.rb +11 -11
  72. data/lib/db/migrate/007_create_buses.rb +11 -11
  73. data/lib/db/migrate/008_create_signals.rb +14 -14
  74. data/lib/db/migrate/009_create_chips.rb +25 -25
  75. data/lib/db/migrate/010_create_commands.rb +21 -21
  76. data/lib/db/migrate/011_create_bytes.rb +19 -19
  77. data/lib/db/migrate/012_create_i2c_settings.rb +21 -21
  78. data/lib/db/migrate/013_create_spi_settings.rb +26 -26
  79. data/lib/db/migrate/014_create_parallel_settings.rb +21 -21
  80. data/lib/db/migrate/015_create_pins.rb +19 -19
  81. data/lib/db/migrate/016_create_uses.rb +17 -17
  82. data/lib/db/migrate/017_create_swd_settings.rb +19 -19
  83. data/lib/db/migrate/018_create_uart_settings.rb +22 -22
  84. data/lib/db/schema.rb +157 -157
  85. data/lib/db/seeds.rb +161 -161
  86. data/lib/gui/gui_chip_editor.rb +349 -349
  87. data/lib/gui/gui_chip_management.rb +377 -377
  88. data/lib/gui/gui_command_editor.rb +219 -219
  89. data/lib/gui/gui_export.rb +132 -132
  90. data/lib/gui/gui_export_manager.rb +93 -93
  91. data/lib/gui/gui_generic_commands.rb +202 -202
  92. data/lib/gui/gui_generic_export.rb +164 -164
  93. data/lib/gui/gui_generic_import.rb +142 -142
  94. data/lib/gui/gui_i2c_command.rb +116 -116
  95. data/lib/gui/gui_i2c_settings.rb +230 -230
  96. data/lib/gui/gui_import.rb +131 -131
  97. data/lib/gui/gui_parallel_settings.rb +195 -195
  98. data/lib/gui/gui_progress_bar.rb +85 -85
  99. data/lib/gui/gui_signal_mapper.rb +121 -121
  100. data/lib/gui/gui_signal_scanner.rb +146 -146
  101. data/lib/gui/gui_spi_import.rb +126 -126
  102. data/lib/gui/gui_spi_settings.rb +313 -313
  103. data/lib/gui/gui_spi_sniffer.rb +112 -112
  104. data/lib/gui/gui_swd_settings.rb +166 -166
  105. data/lib/gui/gui_uart_baudrate.rb +114 -114
  106. data/lib/gui/gui_uart_console.rb +164 -164
  107. data/lib/gui/gui_uart_settings.rb +243 -243
  108. data/lib/gui/gui_wire_helper.rb +99 -99
  109. data/lib/gui_designer/gui_chip_editor.ui +549 -549
  110. data/lib/gui_designer/gui_chip_management.ui +886 -886
  111. data/lib/gui_designer/gui_command_editor.ui +350 -350
  112. data/lib/gui_designer/gui_export.ui +171 -171
  113. data/lib/gui_designer/gui_export_manager.ui +115 -115
  114. data/lib/gui_designer/gui_generic_commands.ui +342 -342
  115. data/lib/gui_designer/gui_generic_export.ui +202 -202
  116. data/lib/gui_designer/gui_generic_import.ui +165 -165
  117. data/lib/gui_designer/gui_i2c_command.ui +148 -148
  118. data/lib/gui_designer/gui_i2c_settings.ui +292 -292
  119. data/lib/gui_designer/gui_import.ui +168 -168
  120. data/lib/gui_designer/gui_parallel_settings.ui +247 -247
  121. data/lib/gui_designer/gui_progress_bar.ui +86 -86
  122. data/lib/gui_designer/gui_signal_mapper.ui +179 -179
  123. data/lib/gui_designer/gui_signal_scanner.ui +261 -261
  124. data/lib/gui_designer/gui_spi_settings.ui +446 -446
  125. data/lib/gui_designer/gui_spi_sniffer.ui +156 -156
  126. data/lib/gui_designer/gui_swd_settings.ui +189 -189
  127. data/lib/gui_designer/gui_uart_baudrate.ui +161 -161
  128. data/lib/gui_designer/gui_uart_console.ui +284 -284
  129. data/lib/gui_designer/gui_uart_settings.ui +280 -280
  130. data/lib/gui_designer/gui_wire_helper.ui +117 -117
  131. data/lib/images/search.png +0 -0
  132. data/lib/logs/error.log +0 -63
  133. data/lib/models/bus.rb +19 -19
  134. data/lib/models/byte.rb +29 -29
  135. data/lib/models/chip.rb +41 -41
  136. data/lib/models/chip_type.rb +14 -14
  137. data/lib/models/command.rb +20 -20
  138. data/lib/models/i2c_setting.rb +41 -41
  139. data/lib/models/manufacturer.rb +14 -14
  140. data/lib/models/package.rb +26 -26
  141. data/lib/models/parallel_setting.rb +37 -37
  142. data/lib/models/pin.rb +14 -14
  143. data/lib/models/signall.rb +20 -20
  144. data/lib/models/spi_setting.rb +67 -67
  145. data/lib/models/swd_setting.rb +25 -25
  146. data/lib/models/uart_setting.rb +52 -52
  147. data/lib/models/use.rb +6 -6
  148. data/lib/startHardsploit.rb +10 -10
  149. metadata +14 -14
@@ -1,89 +1,89 @@
1
- #!/usr/bin/ruby
2
- #===================================================
3
- # Hardsploit API - By Opale Security
4
- # www.opale-security.com || www.hardsploit.io
5
- # License: GNU General Public License v3
6
- # License URI: http://www.gnu.org/licenses/gpl.txt
7
- #===================================================
8
- class SWD_DEBUG_PORT
9
-
10
- def initialize(swdAPI)
11
- @swdAPI = swdAPI
12
- sleep(0.5)
13
- @swdAPI.resetSWD
14
-
15
- @curAP = -1
16
- @curBank = -1
17
- abort(1,1,1,1,1)
18
- select(0,0)
19
-
20
- # power shit up
21
- HardsploitAPI.instance.consoleInfo "Power shit up"
22
-
23
- @swdAPI.writeSWD(FALSE, 1, 0x54000000)
24
- if (status() >> 24) != 0xF4 then
25
- raise "error powering up system"
26
- exit(0)
27
- else
28
- HardsploitAPI.instance.consoleInfo "POWERING UP SYTEM OK"
29
- end
30
- end
31
-
32
- def getAPI
33
- return @swdAPI
34
- end
35
-
36
- def idcode
37
- return @swdAPI.readSWD(FALSE, 0)
38
- end
39
-
40
- def abort (orunerr, wdataerr, stickyerr, stickycmp, dap)
41
- value = 0x00000000
42
- (orunerr ? value |= 0x10 : value |= 0x00)
43
- (wdataerr ? value |= 0x08 : value |= 0x00)
44
- (stickyerr ? value |= 0x04 : value |= 0x00)
45
- (stickycmp ? value |= 0x02 : value |= 0x00)
46
- (dap ? value |= 0x01 : value |= 0x00)
47
- @swdAPI.writeSWD(FALSE, 0, value)
48
- end
49
-
50
- def status
51
- val= @swdAPI.readSWD(FALSE,1)
52
- return val
53
- end
54
-
55
- def control (trnCount = 0, trnMode = 0, maskLane = 0, orunDetect = 0)
56
- value = 0x54000000
57
- value = value | ((trnCount & 0xFFF) << 12)
58
- value = value | ((maskLane & 0x00F) << 8)
59
- value = value | ((trnMode & 0x003) << 2)
60
- (orunDetect ? value |= 0x01 : value |= 0x00)
61
- @swdAPI.writeSWD(False, 1, value)
62
- end
63
-
64
- def select (apsel, apbank)
65
- if apsel != @curAP or apbank != @curBank then
66
- @curAP = apsel
67
- @curBank = apbank
68
- value = 0 | ((apsel & 0xFF) << 24) | ((apbank & 0x0F) << 4)
69
- @swdAPI.writeSWD(FALSE, 2, value)
70
- end
71
- end
72
-
73
- def readRB
74
- return @swdAPI.readSWD(FALSE, 3)
75
- end
76
- def readAP ( apsel, address)
77
- adrBank = (address >> 4) & 0xF
78
- adrReg = (address >> 2) & 0x3
79
- select(apsel, adrBank)
80
- return @swdAPI.readSWD(TRUE, adrReg)
81
- end
82
-
83
- def writeAP (apsel, address, data)
84
- adrBank = (address >> 4) & 0xF
85
- adrReg = (address >> 2) & 0x3
86
- select(apsel, adrBank)
87
- @swdAPI.writeSWD(TRUE, adrReg, data)
88
- end
89
- end
1
+ #!/usr/bin/ruby
2
+ #===================================================
3
+ # Hardsploit API - By Opale Security
4
+ # www.opale-security.com || www.hardsploit.io
5
+ # License: GNU General Public License v3
6
+ # License URI: http://www.gnu.org/licenses/gpl.txt
7
+ #===================================================
8
+ class SWD_DEBUG_PORT
9
+
10
+ def initialize(swdAPI)
11
+ @swdAPI = swdAPI
12
+ sleep(0.5)
13
+ @swdAPI.resetSWD
14
+
15
+ @curAP = -1
16
+ @curBank = -1
17
+ abort(1,1,1,1,1)
18
+ select(0,0)
19
+
20
+ # power shit up
21
+ HardsploitAPI.instance.consoleInfo "Power shit up"
22
+
23
+ @swdAPI.writeSWD(FALSE, 1, 0x54000000)
24
+ if (status() >> 24) != 0xF4 then
25
+ raise "error powering up system"
26
+ exit(0)
27
+ else
28
+ HardsploitAPI.instance.consoleInfo "POWERING UP SYTEM OK"
29
+ end
30
+ end
31
+
32
+ def getAPI
33
+ return @swdAPI
34
+ end
35
+
36
+ def idcode
37
+ return @swdAPI.readSWD(FALSE, 0)
38
+ end
39
+
40
+ def abort (orunerr, wdataerr, stickyerr, stickycmp, dap)
41
+ value = 0x00000000
42
+ (orunerr ? value |= 0x10 : value |= 0x00)
43
+ (wdataerr ? value |= 0x08 : value |= 0x00)
44
+ (stickyerr ? value |= 0x04 : value |= 0x00)
45
+ (stickycmp ? value |= 0x02 : value |= 0x00)
46
+ (dap ? value |= 0x01 : value |= 0x00)
47
+ @swdAPI.writeSWD(FALSE, 0, value)
48
+ end
49
+
50
+ def status
51
+ val= @swdAPI.readSWD(FALSE,1)
52
+ return val
53
+ end
54
+
55
+ def control (trnCount = 0, trnMode = 0, maskLane = 0, orunDetect = 0)
56
+ value = 0x54000000
57
+ value = value | ((trnCount & 0xFFF) << 12)
58
+ value = value | ((maskLane & 0x00F) << 8)
59
+ value = value | ((trnMode & 0x003) << 2)
60
+ (orunDetect ? value |= 0x01 : value |= 0x00)
61
+ @swdAPI.writeSWD(False, 1, value)
62
+ end
63
+
64
+ def select (apsel, apbank)
65
+ if apsel != @curAP or apbank != @curBank then
66
+ @curAP = apsel
67
+ @curBank = apbank
68
+ value = 0 | ((apsel & 0xFF) << 24) | ((apbank & 0x0F) << 4)
69
+ @swdAPI.writeSWD(FALSE, 2, value)
70
+ end
71
+ end
72
+
73
+ def readRB
74
+ return @swdAPI.readSWD(FALSE, 3)
75
+ end
76
+ def readAP ( apsel, address)
77
+ adrBank = (address >> 4) & 0xF
78
+ adrReg = (address >> 2) & 0x3
79
+ select(apsel, adrBank)
80
+ return @swdAPI.readSWD(TRUE, adrReg)
81
+ end
82
+
83
+ def writeAP (apsel, address, data)
84
+ adrBank = (address >> 4) & 0xF
85
+ adrReg = (address >> 2) & 0x3
86
+ select(apsel, adrBank)
87
+ @swdAPI.writeSWD(TRUE, adrReg, data)
88
+ end
89
+ end
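Review bot: In `control`, the final call is `@swdAPI.writeSWD(False, 1, value)`, while every other call in the class passes `FALSE`. `False` is not a Ruby constant, so unless the project defines it elsewhere, the first call to `control` raises NameError. `TRUE`/`FALSE` were themselves removed in Ruby 3.2, so the literals are the safer spelling throughout, e.g. `@swdAPI.writeSWD(false, 1, value)`. The flag ternaries in `abort` and `control` test integers, and 0 is truthy in Ruby, so the default `orunDetect = 0` still sets bit 0; `value |= 0x01 if [1, true].include?(orunDetect)` would honour the default. The `exit(0)` after `raise` in `initialize` is unreachable, and because the old and new sides read identically here, all of this looks carried over rather than introduced.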
@@ -1,61 +1,61 @@
1
- #!/usr/bin/ruby
2
- #===================================================
3
- # Hardsploit API - By Opale Security
4
- # www.opale-security.com || www.hardsploit.io
5
- # License: GNU General Public License v3
6
- # License URI: http://www.gnu.org/licenses/gpl.txt
7
- #===================================================
8
-
9
- class SWD_MEM_AP
10
-
11
- def initialize( dp, apsel)
12
- @dp = dp
13
- @apsel = apsel
14
- csw(1,2) # 32-bit auto-incrementing addressing
15
- end
16
-
17
- def csw ( addrInc, size)
18
- @dp.readAP(@apsel, 0x00)
19
- val = @dp.readRB() & 0xFFFFFF00
20
- @dp.writeAP(@apsel, 0x00, val + (addrInc << 4) + size)
21
- end
22
-
23
- def idcode
24
- @dp.readAP(@apsel, 0xFC)
25
- id = @dp.readRB()
26
- @dp.select(0,0)
27
- return id
28
- end
29
-
30
- def readWord (addr)
31
- @dp.writeAP(@apsel, 0x04, addr)
32
- @dp.readAP(@apsel, 0x0C)
33
- return @dp.readRB()
34
- end
35
-
36
- def writeWord (addr, data)
37
- @dp.writeAP(@apsel, 0x04, addr)
38
- @dp.writeAP(@apsel, 0x0C, data)
39
- return @dp.readRB()
40
- end
41
-
42
- def readBlock ( address, size)#1K boundaries and return 4K of data word alignement
43
- if size < 1 then
44
- raise "readBlock error : count must be >= 1"
45
- end
46
- if size > 1024 then
47
- raise "readBlock error : size must be <= 1024 "
48
- end
49
- return @dp.getAPI.read_mem32(address,size)
50
- end
51
-
52
- def writeBlock (address,data) #1K boundaries
53
- if data.length < 1 then
54
- raise "readBlock error : count must be >= 1"
55
- end
56
- if data.length > 1024 then
57
- raise "readBlock error : size must be <= 1024 "
58
- end
59
- @dp.getAPI.write_mem16Packed(address,data)
60
- end
61
- end
1
+ #!/usr/bin/ruby
2
+ #===================================================
3
+ # Hardsploit API - By Opale Security
4
+ # www.opale-security.com || www.hardsploit.io
5
+ # License: GNU General Public License v3
6
+ # License URI: http://www.gnu.org/licenses/gpl.txt
7
+ #===================================================
8
+
9
+ class SWD_MEM_AP
10
+
11
+ def initialize( dp, apsel)
12
+ @dp = dp
13
+ @apsel = apsel
14
+ csw(1,2) # 32-bit auto-incrementing addressing
15
+ end
16
+
17
+ def csw ( addrInc, size)
18
+ @dp.readAP(@apsel, 0x00)
19
+ val = @dp.readRB() & 0xFFFFFF00
20
+ @dp.writeAP(@apsel, 0x00, val + (addrInc << 4) + size)
21
+ end
22
+
23
+ def idcode
24
+ @dp.readAP(@apsel, 0xFC)
25
+ id = @dp.readRB()
26
+ @dp.select(0,0)
27
+ return id
28
+ end
29
+
30
+ def readWord (addr)
31
+ @dp.writeAP(@apsel, 0x04, addr)
32
+ @dp.readAP(@apsel, 0x0C)
33
+ return @dp.readRB()
34
+ end
35
+
36
+ def writeWord (addr, data)
37
+ @dp.writeAP(@apsel, 0x04, addr)
38
+ @dp.writeAP(@apsel, 0x0C, data)
39
+ return @dp.readRB()
40
+ end
41
+
42
+ def readBlock ( address, size)#1K boundaries and return 4K of data word alignement
43
+ if size < 1 then
44
+ raise "readBlock error : count must be >= 1"
45
+ end
46
+ if size > 1024 then
47
+ raise "readBlock error : size must be <= 1024 "
48
+ end
49
+ return @dp.getAPI.read_mem32(address,size)
50
+ end
51
+
52
+ def writeBlock (address,data) #1K boundaries
53
+ if data.length < 1 then
54
+ raise "readBlock error : count must be >= 1"
55
+ end
56
+ if data.length > 1024 then
57
+ raise "readBlock error : size must be <= 1024 "
58
+ end
59
+ @dp.getAPI.write_mem16Packed(address,data)
60
+ end
61
+ end
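Review bot: `writeBlock` reports both of its length failures as "readBlock error", which points whoever reads the log at the wrong call; the raises should read `raise "writeBlock error : data length must be >= 1"` and `raise "writeBlock error : data length must be <= 1024"`. Both block methods carry a "1K boundaries" comment but check only the length, never the address, before handing the request to `read_mem32` / `write_mem16Packed`. Whether those helpers split a transfer that crosses a boundary is not visible here, so either add the check or document that the caller must chunk and align. In `csw`, `val + (addrInc << 4) + size` lets an out-of-range argument carry into neighbouring control bits; `val | ((addrInc & 0x3) << 4) | (size & 0x7)` keeps each field in place.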
@@ -1,121 +1,121 @@
1
- #!/usr/bin/ruby
2
- #===================================================
3
- # Hardsploit API - By Opale Security
4
- # www.opale-security.com || www.hardsploit.io
5
- # License: GNU General Public License v3
6
- # License URI: http://www.gnu.org/licenses/gpl.txt
7
- #===================================================
8
-
9
- require_relative 'HardsploitAPI_SWD_MEM_AP'
10
-
11
- class SWD_STM32
12
- attr_accessor :ahb
13
-
14
- def initialize(debugPort)
15
- @ahb = SWD_MEM_AP.new(debugPort, 0)
16
- @debugPort = debugPort
17
- end
18
-
19
- def halt
20
- # halt the processor core
21
- @ahb.writeWord(0xE000EDF0, 0xA05F0003)
22
- end
23
- def unhalt
24
- # unhalt the processor core
25
- @ahb.writeWord(0xE000EDF0, 0xA05F0000)
26
- end
27
- def sysReset
28
- # restart the processor and peripherals
29
- @ahb.writeWord(0xE000ED0C, 0x05FA0004)
30
- end
31
-
32
- def flashRead(address,size)
33
- data = Array.new
34
- # Read a word of 32bits (4 Bytes in same time)
35
- size = size / 4
36
- #Chunk to 1k block for SWD
37
- # ARM_debug_interface_v5 Automatic address increment is only guaranteed to operate on the bottom 10-bits of the
38
- # address held in the TAR. Auto address incrementing of bit [10] and beyond is
39
- # IMPLEMENTATION DEFINED. This means that auto address incrementing at a 1KB boundary
40
- # is IMPLEMENTATION DEFINED
41
-
42
- #But for hardsploit max 8192 so chuck to 1k due to swd limitation
43
-
44
- packet_size = 1024
45
- number_complet_packet = (size / packet_size).floor
46
- size_last_packet = size % packet_size
47
- startTime = Time.now
48
- #number_complet_packet
49
- for i in 0..number_complet_packet - 1 do
50
- data.push(*self.ahb.readBlock(i * 4 * packet_size + address, packet_size))
51
- #puts "Read #{packet_size} KB : #{i}"
52
- HardsploitAPI.instance.consoleProgress(
53
- percent: 100 * (i + 1) / (number_complet_packet + (size_last_packet.zero? ? 0 : 1)),
54
- startTime: startTime,
55
- endTime: Time.new
56
- )
57
- end
58
- #Last partial packet
59
- if size_last_packet > 0 then
60
- data.push(*self.ahb.readBlock(number_complet_packet*4*packet_size+address,size_last_packet))
61
- #puts "Read last packet : #{size_last_packet} packet of 4 bytes"
62
- HardsploitAPI.instance.consoleProgress(
63
- percent: 100,
64
- startTime: startTime,
65
- endTime: Time.new
66
- )
67
- end
68
- return data
69
- end
70
-
71
- def flashWrite(address,data)
72
- #Chunk to 1k block for SWD
73
- packet_size = 1024 #1024
74
- number_complet_packet = (data.size/packet_size).floor
75
- size_last_packet = data.size % packet_size
76
- startTime = Time.now
77
- #ahb.csw(2, 1) # 16-bit packed incrementing addressing
78
- #number_complet_packet
79
- for i in 0..number_complet_packet-1 do
80
- self.ahb.writeBlock(address+i*packet_size,data[i*packet_size..i*packet_size-1+packet_size])
81
- #puts "Write #{packet_size} KB : #{i}"
82
- HardsploitAPI.instance.consoleProgress(
83
- percent: 100 * (i + 1) / (number_complet_packet + (size_last_packet.zero? ? 0 : 1)),
84
- startTime: startTime,
85
- endTime:Time.new
86
- )
87
- end
88
- #Last partial packet
89
- if size_last_packet > 0 then
90
- self.ahb.writeBlock(address+number_complet_packet*packet_size,data[number_complet_packet*packet_size..number_complet_packet*packet_size+size_last_packet])
91
- #puts "Write last packet : #{size_last_packet} packet"
92
- HardsploitAPI.instance.consoleProgress(percent:100,startTime:startTime,endTime:Time.new)
93
- end
94
- ahb.csw(1, 2) # set to default 32-bit incrementing addressing
95
- end
96
-
97
- def flashUnlock
98
- # unlock main flash
99
- @ahb.writeWord(0x40022004, 0x45670123)
100
- @ahb.writeWord(0x40022004, 0xCDEF89AB)
101
- end
102
- def flashErase
103
- HardsploitAPI.instance.consoleInfo "Flash unlock"
104
- flashUnlock
105
- # start the mass erase
106
- @ahb.writeWord(0x40022010, 0x00000204)
107
- @ahb.writeWord(0x40022010, 0x00000244)
108
- # check the BSY flag
109
- while (@ahb.readWord(0x4002200C) & 1) == 1
110
- HardsploitAPI.instance.consoleInfo "waiting for erase completion..."
111
- end
112
- @ahb.writeWord(0x40022010, 0x00000200)
113
- HardsploitAPI.instance.consoleInfo "Finish unlock flash"
114
- end
115
- def flashProgram
116
- @ahb.writeWord(0x40022010, 0x00000201)
117
- end
118
- def flashProgramEnd
119
- @ahb.writeWord(0x40022010, 0x00000200)
120
- end
121
- end
1
+ #!/usr/bin/ruby
2
+ #===================================================
3
+ # Hardsploit API - By Opale Security
4
+ # www.opale-security.com || www.hardsploit.io
5
+ # License: GNU General Public License v3
6
+ # License URI: http://www.gnu.org/licenses/gpl.txt
7
+ #===================================================
8
+
9
+ require_relative 'HardsploitAPI_SWD_MEM_AP'
10
+
11
+ class SWD_STM32
12
+ attr_accessor :ahb
13
+
14
+ def initialize(debugPort)
15
+ @ahb = SWD_MEM_AP.new(debugPort, 0)
16
+ @debugPort = debugPort
17
+ end
18
+
19
+ def halt
20
+ # halt the processor core
21
+ @ahb.writeWord(0xE000EDF0, 0xA05F0003)
22
+ end
23
+ def unhalt
24
+ # unhalt the processor core
25
+ @ahb.writeWord(0xE000EDF0, 0xA05F0000)
26
+ end
27
+ def sysReset
28
+ # restart the processor and peripherals
29
+ @ahb.writeWord(0xE000ED0C, 0x05FA0004)
30
+ end
31
+
32
+ def flashRead(address,size)
33
+ data = Array.new
34
+ # Read a word of 32bits (4 Bytes in same time)
35
+ size = size / 4
36
+ #Chunk to 1k block for SWD
37
+ # ARM_debug_interface_v5 Automatic address increment is only guaranteed to operate on the bottom 10-bits of the
38
+ # address held in the TAR. Auto address incrementing of bit [10] and beyond is
39
+ # IMPLEMENTATION DEFINED. This means that auto address incrementing at a 1KB boundary
40
+ # is IMPLEMENTATION DEFINED
41
+
42
+ #But for hardsploit max 8192 so chuck to 1k due to swd limitation
43
+
44
+ packet_size = 1024
45
+ number_complet_packet = (size / packet_size).floor
46
+ size_last_packet = size % packet_size
47
+ startTime = Time.now
48
+ #number_complet_packet
49
+ for i in 0..number_complet_packet - 1 do
50
+ data.push(*self.ahb.readBlock(i * 4 * packet_size + address, packet_size))
51
+ #puts "Read #{packet_size} KB : #{i}"
52
+ HardsploitAPI.instance.consoleProgress(
53
+ percent: 100 * (i + 1) / (number_complet_packet + (size_last_packet.zero? ? 0 : 1)),
54
+ startTime: startTime,
55
+ endTime: Time.new
56
+ )
57
+ end
58
+ #Last partial packet
59
+ if size_last_packet > 0 then
60
+ data.push(*self.ahb.readBlock(number_complet_packet*4*packet_size+address,size_last_packet))
61
+ #puts "Read last packet : #{size_last_packet} packet of 4 bytes"
62
+ HardsploitAPI.instance.consoleProgress(
63
+ percent: 100,
64
+ startTime: startTime,
65
+ endTime: Time.new
66
+ )
67
+ end
68
+ return data
69
+ end
70
+
71
+ def flashWrite(address,data)
72
+ #Chunk to 1k block for SWD
73
+ packet_size = 1024 #1024
74
+ number_complet_packet = (data.size/packet_size).floor
75
+ size_last_packet = data.size % packet_size
76
+ startTime = Time.now
77
+ #ahb.csw(2, 1) # 16-bit packed incrementing addressing
78
+ #number_complet_packet
79
+ for i in 0..number_complet_packet-1 do
80
+ self.ahb.writeBlock(address+i*packet_size,data[i*packet_size..i*packet_size-1+packet_size])
81
+ #puts "Write #{packet_size} KB : #{i}"
82
+ HardsploitAPI.instance.consoleProgress(
83
+ percent: 100 * (i + 1) / (number_complet_packet + (size_last_packet.zero? ? 0 : 1)),
84
+ startTime: startTime,
85
+ endTime:Time.new
86
+ )
87
+ end
88
+ #Last partial packet
89
+ if size_last_packet > 0 then
90
+ self.ahb.writeBlock(address+number_complet_packet*packet_size,data[number_complet_packet*packet_size..number_complet_packet*packet_size+size_last_packet])
91
+ #puts "Write last packet : #{size_last_packet} packet"
92
+ HardsploitAPI.instance.consoleProgress(percent:100,startTime:startTime,endTime:Time.new)
93
+ end
94
+ ahb.csw(1, 2) # set to default 32-bit incrementing addressing
95
+ end
96
+
97
+ def flashUnlock
98
+ # unlock main flash
99
+ @ahb.writeWord(0x40022004, 0x45670123)
100
+ @ahb.writeWord(0x40022004, 0xCDEF89AB)
101
+ end
102
+ def flashErase
103
+ HardsploitAPI.instance.consoleInfo "Flash unlock"
104
+ flashUnlock
105
+ # start the mass erase
106
+ @ahb.writeWord(0x40022010, 0x00000204)
107
+ @ahb.writeWord(0x40022010, 0x00000244)
108
+ # check the BSY flag
109
+ while (@ahb.readWord(0x4002200C) & 1) == 1
110
+ HardsploitAPI.instance.consoleInfo "waiting for erase completion..."
111
+ end
112
+ @ahb.writeWord(0x40022010, 0x00000200)
113
+ HardsploitAPI.instance.consoleInfo "Finish unlock flash"
114
+ end
115
+ def flashProgram
116
+ @ahb.writeWord(0x40022010, 0x00000201)
117
+ end
118
+ def flashProgramEnd
119
+ @ahb.writeWord(0x40022010, 0x00000200)
120
+ end
121
+ end
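Review bot: The BSY poll in `flashErase` has no bound: `while (@ahb.readWord(0x4002200C) & 1) == 1` spins for as long as the read returns bit 0 set, and it logs a line on every pass. If the target stops answering or the erase never completes, the tool hangs and floods the console instead of reporting a failure. A deadline with a short sleep between polls, raising once it is exceeded, gives the operator a clear error, as sketched below. The closing message "Finish unlock flash" is printed after the mass erase, so it should probably say the erase finished. In `flashWrite`, the last-packet slice ends at `+size_last_packet` with an inclusive range, one element more than the full-packet slices request; this is harmless only because the array ends there.

```ruby
# … unchanged: flashUnlock and the two mass-erase writes to 0x40022010 …
erase_timeout = 30 # seconds; sample value, tune to the part's mass-erase time
deadline = Process.clock_gettime(Process::CLOCK_MONOTONIC) + erase_timeout
HardsploitAPI.instance.consoleInfo "waiting for erase completion..."
while (@ahb.readWord(0x4002200C) & 1) == 1
  if Process.clock_gettime(Process::CLOCK_MONOTONIC) > deadline
    raise "flashErase error : BSY still set after #{erase_timeout} s"
  end
  sleep(0.01)
end
# … unchanged: final writeWord to 0x40022010 and closing log line …
```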