def connect_as_smartcard(vid, pid, rev, mode):
if mode == 1:
ver1 = 0
ver2 = 0
else:
ver1 = 1
ver2 = 4
# sp = connectserial()
fake_testcase = ["dummy", "", 0]
fd = Facedancer(sp, verbose=ver1)
logfp = 0
if options.log:
logfp = fplog
u = MAXUSBApp(fd, logfp, mode, fake_testcase, verbose=ver1)
if network_socket == True:
netserver(u, 2001).start()
u.server_running = True
input(
"Network socket listening on TCP port 2001 - Press Enter to continue with device emulation..."
)
d = USBSmartcardDevice(u, vid, pid, rev, verbose=ver2)
d.connect()
try:
d.run()
except KeyboardInterrupt:
d.disconnect()
if options.log:
fplog.close()
def connect_as_mass_storage (vid, pid, rev, mode):
if mode == 1:
ver1 = 0
ver2 = 0
else:
ver1 = 1
ver2 = 4
# sp = connectserial()
fake_testcase = ["dummy","",0]
fd = Facedancer(sp, verbose=ver1)
logfp = 0
if options.log:
logfp = fplog
u = MAXUSBApp(fd, logfp, mode, fake_testcase, verbose=ver1)
if network_socket == True:
netserver(u, 2001).start()
u.server_running = True
input("Network socket listening on TCP port 2001 - Press Enter to continue with device emulation...")
try:
d = USBMassStorageDevice(u, vid, pid, rev, 8, 6, 80, "stick.img", verbose=ver2)
d.connect()
try:
d.run()
except KeyboardInterrupt:
d.disconnect()
if options.log:
fplog.close()
except:
print ("Error: stick.img not found - please create a disk image using dd")
def connect_as_keyboard(vid, pid, rev, mode):
print("network socket={0}".format(network_socket))
if mode == 1:
ver1 = 0
ver2 = 0
else:
ver1 = 1
ver2 = 4
# sp = connectserial()
fake_testcase = ["dummy", "", 0]
fd = Facedancer(sp, verbose=ver1)
logfp = 0
if options.log:
logfp = fplog
u = MAXUSBApp(fd, logfp, mode, fake_testcase, verbose=ver1)
d = USBKeyboardDevice(u, vid, pid, rev, verbose=ver2)
d.connect()
try:
d.run()
except KeyboardInterrupt:
d.disconnect()
if options.log:
fplog.close()
def open(self, dst=""):
if DEBUG:
verbose = 1
else:
verbose = 0
ns = {}
with open(self.filename) as f:
exec(compile(f.read(), self.filename, 'exec'), ns)
DD = ns["DD"]
success = False
if DEBUG:
print("setting up facedancer")
sys.__stdout__.flush()
while not success:
try:
self.sp = Serial(self.device,
115200,
parity=PARITY_NONE,
timeout=2)
self.fd = Facedancer(self.sp, verbose=verbose)
self.app = MAXUSBApp(self.fd, verbose=verbose)
self.d = dizzyUSBDevice(self.app, DD, verbose, self.data,
self.fuzz_dscr)
success = True
except:
time.sleep(0.1)
self.d.connect()
self.t = threading.Thread(target=self.run)
self.ep = None
self.opened = False
if not dst == "":
self.ep = int(dst)
self.t.start()
self.opened = True
if DEBUG:
print("Waiting for USB to setup...")
if self.fuzz_dscr == "":
time.sleep(2)
else:
times = self.timeout
while (not (self.d.dd_sent and self.d.cd_sent
and self.d.scr_recieved and False)) and times > 0:
if DEBUG:
sys.__stdout__.write(".")
sys.__stdout__.flush()
time.sleep(0.1)
times -= 1
if DEBUG:
sys.__stdout__.write("\n")
sys.__stdout__.flush()
if times <= 0 and DEBUG:
print("timeout reached, canceled!")
#raise
return
if DEBUG:
print("USB setup complete.")
def execute_fuzz_testcase (device_class, device_subclass, device_proto, current_testcase, serialnum):
# sp = connectserial()
mode = 3
if device_class == 8:
mode = 4 # Hack to get the Mass storage device to stop for each fuzz case
fd = Facedancer(sp, verbose=0)
logfp = 0
if options.log:
logfp = fplog
u = MAXUSBApp(fd, logfp, mode, current_testcase, verbose=0)
if device_class == 1:
d = USBAudioDevice(u, device_vid, device_pid, device_rev, verbose=0)
elif device_class == 2:
d = USBCDCDevice(u, device_vid, device_pid, device_rev, verbose=0)
elif device_class == 3:
d = USBKeyboardDevice(u, device_vid, device_pid, device_rev, verbose=0)
elif device_class == 6:
d = USBImageDevice(u, device_vid, device_pid, device_rev, device_class, device_subclass, device_proto, "ncc_group_logo.jpg", verbose=0)
elif device_class == 7:
d = USBPrinterDevice(u, device_vid, device_pid, device_rev, device_class, device_subclass, device_proto, verbose=0)
elif device_class == 8:
try:
d = USBMassStorageDevice(u, device_vid, device_pid, device_rev, device_class, device_subclass, device_proto, "stick.img", verbose=0)
except:
print ("Error: stick.img not found - please create a disk image using dd")
elif device_class == 9:
d = USBHubDevice(u, device_vid, device_pid, device_rev, verbose=0)
elif device_class == 10:
d = USBCDCDevice(u, device_vid, device_pid, device_rev, verbose=0)
elif device_class == 11:
d = USBSmartcardDevice(u, device_vid, device_pid, device_rev, verbose=0)
elif device_class == 14:
d = USBImageDevice(u, device_vid, device_pid, device_rev, 0xe, 1, 0, "ncc_group_logo.jpg", verbose=0) #HACK
try:
d.connect()
except:
pass
try:
d.run()
except KeyboardInterrupt:
d.disconnect()
if options.log:
fplog.close()
time.sleep(int(enumeration_delay))
def connect_as_hub (vid, pid, rev, mode):
if mode == 1:
ver1 = 0
ver2 = 0
else:
ver1 = 1
ver2 = 4
# sp = connectserial()
fake_testcase = ["dummy","",0]
fd = Facedancer(sp, verbose=ver1)
logfp = 0
if options.log:
logfp = fplog
u = MAXUSBApp(fd, logfp, mode, fake_testcase, verbose=ver1)
d = USBHubDevice(u, vid, pid, rev, verbose=ver2)
d.connect()
try:
d.run()
except KeyboardInterrupt:
d.disconnect()
if options.log:
fplog.close()
except:
pid = 0x2222
try:
print(rev)
except:
rev = 0x3333
# --- Attempt fingerprint ---
# sp = connectserial()
fake_testcase = ["dummy", "", 0]
fd = Facedancer(sp, verbose=0)
logfp = 0
if options.log:
logfp = fplog
u = MAXUSBApp(fd, logfp, 3, fake_testcase, verbose=0)
d = USBPrinterDevice(u, vid, pid, rev, 7, 1, 2, verbose=0)
d.connect()
try:
d.run()
except KeyboardInterrupt:
d.disconnect()
if options.log:
fplog.close()
# --- Try to match fingerprint responses ---
matchedfingerprints = []
for fingerprint in fingerprints:
# --- Perform each match in the fingerprint ---
numfpmatched = 0
#!/usr/bin/env python3
#
# facedancer-keyboard.py
from Facedancer import *
from MAXUSBApp import *
from USBMouse import *
sp = GoodFETSerialPort()
fd = Facedancer(sp, verbose=1)
u = MAXUSBApp(fd, verbose=1)
d = USBMouseDevice(u, verbose=4)
d.connect()
try:
d.run()
# SIGINT raises KeyboardInterrupt
except KeyboardInterrupt:
d.disconnect()
