def connect_as_mass_storage (vid, pid, rev, mode):
if mode == 1:
ver1 = 0
ver2 = 0
else:
ver1 = 1
ver2 = 4
# sp = connectserial()
fake_testcase = ["dummy","",0]
fd = Facedancer(sp, verbose=ver1)
logfp = 0
if options.log:
logfp = fplog
u = MAXUSBApp(fd, logfp, mode, fake_testcase, verbose=ver1)
if network_socket == True:
netserver(u, 2001).start()
u.server_running = True
input("Network socket listening on TCP port 2001 - Press Enter to continue with device emulation...")
try:
d = USBMassStorageDevice(u, vid, pid, rev, 8, 6, 80, "stick.img", verbose=ver2)
d.connect()
try:
d.run()
except KeyboardInterrupt:
d.disconnect()
if options.log:
fplog.close()
except:
print ("Error: stick.img not found - please create a disk image using dd")
def connect_as_smartcard (vid, pid, rev, mode):
if mode == 1:
ver1 = 0
ver2 = 0
else:
ver1 = 1
ver2 = 4
# sp = connectserial()
fake_testcase = ["dummy","",0]
fd = Facedancer(sp, verbose=ver1)
logfp = 0
if options.log:
logfp = fplog
u = MAXUSBApp(fd, logfp, mode, fake_testcase, verbose=ver1)
if network_socket == True:
netserver(u, 2001).start()
u.server_running = True
input("Network socket listening on TCP port 2001 - Press Enter to continue with device emulation...")
d = USBSmartcardDevice(u, vid, pid, rev, verbose=ver2)
d.connect()
try:
d.run()
except KeyboardInterrupt:
d.disconnect()
if options.log:
fplog.close()
def open(self, dst=""):
if DEBUG:
verbose = 1
else:
verbose = 0
ns = {}
with open(self.filename) as f:
exec(compile(f.read(), self.filename, 'exec'), ns)
DD = ns["DD"]
success = False
if DEBUG:
print("setting up facedancer")
sys.__stdout__.flush()
while not success:
try:
self.sp = Serial(self.device, 115200, parity=PARITY_NONE, timeout=2)
self.fd = Facedancer(self.sp, verbose=verbose)
self.app = MAXUSBApp(self.fd, verbose=verbose)
self.d = dizzyUSBDevice(self.app, DD, verbose, self.data, self.fuzz_dscr)
success = True
except:
time.sleep(0.1)
self.d.connect()
self.t = threading.Thread(target=self.run)
self.ep = None
self.opened = False
if not dst == "":
self.ep = int(dst)
self.t.start()
self.opened = True
if DEBUG:
print("Waiting for USB to setup...")
if self.fuzz_dscr == "":
time.sleep(2)
else:
times = self.timeout
while (not (self.d.dd_sent and self.d.cd_sent and self.d.scr_recieved and False)) and times > 0:
if DEBUG:
sys.__stdout__.write(".")
sys.__stdout__.flush()
time.sleep(0.1)
times -= 1
if DEBUG:
sys.__stdout__.write("\n")
sys.__stdout__.flush()
if times <= 0 and DEBUG:
print("timeout reached, canceled!")
#raise
return
if DEBUG:
print("USB setup complete.")
rcv[offset_c] = 0x80 | 0x03
else:
print('ERROR: 3RD ENDPOINT CANNOT BE HANDLED, NOT AN "IN" ENDPOINT')
if self.verbose:
print("MODIFIED endpoint descriptors: %s" % rcv)
return rcv
if __name__ == '__main__':
signal.signal(signal.SIGINT, signal_handler)
parser = argparse.ArgumentParser()
parser.add_argument("-v", "--verbose", action="store_true",
help="turn on verbose output of USB communication")
parser.add_argument("--fuzz", type=int, default=-1, help="endpoint to be fuzzed (0 for device enumeration phase)")
args = parser.parse_args()
sp = GoodFETSerialPort()
fd = Facedancer(sp, verbose=1)
u = MAXUSBApp(fd, verbose=1)
print("Attempting connection")
u.connect(TTWEClientDevice(args.verbose, args.fuzz))
print("Done connecting")
u.service_irqs()
print ("Running")
u.disconnect()
class dizzyUSB(object):
def __init__(self, filename, timeout, device=DEFAULT_TTY, data="", fuzz_dscr=""):
self.filename = filename
self.timeout = timeout
self.device = device
self.data = data
self.fuzz_dscr = fuzz_dscr
self.sp = None
self.d = None
def open(self, dst=""):
if DEBUG:
verbose = 1
else:
verbose = 0
ns = {}
with open(self.filename) as f:
exec(compile(f.read(), self.filename, 'exec'), ns)
DD = ns["DD"]
success = False
if DEBUG:
print("setting up facedancer")
sys.__stdout__.flush()
while not success:
try:
self.sp = Serial(self.device, 115200, parity=PARITY_NONE, timeout=2)
self.fd = Facedancer(self.sp, verbose=verbose)
self.app = MAXUSBApp(self.fd, verbose=verbose)
self.d = dizzyUSBDevice(self.app, DD, verbose, self.data, self.fuzz_dscr)
success = True
except:
time.sleep(0.1)
self.d.connect()
self.t = threading.Thread(target=self.run)
self.ep = None
self.opened = False
if not dst == "":
self.ep = int(dst)
self.t.start()
self.opened = True
if DEBUG:
print("Waiting for USB to setup...")
if self.fuzz_dscr == "":
time.sleep(2)
else:
times = self.timeout
while (not (self.d.dd_sent and self.d.cd_sent and self.d.scr_recieved and False)) and times > 0:
if DEBUG:
sys.__stdout__.write(".")
sys.__stdout__.flush()
time.sleep(0.1)
times -= 1
if DEBUG:
sys.__stdout__.write("\n")
sys.__stdout__.flush()
if times <= 0 and DEBUG:
print("timeout reached, canceled!")
#raise
return
if DEBUG:
print("USB setup complete.")
def run(self):
try:
self.d.run()
except SerialException:
pass
except select.error:
pass
except OSError:
pass
except TypeError:
pass
except IndexError:
pass
except Exception as e:
if DEBUG:
traceback.print_exc()
print(e)
self.opened = False
def close(self):
if not self.open:
return
if not self.d is None:
try:
self.d.disconnect()
except IndexError:
pass
except SerialException:
pass
except ValueError:
pass
except Exception as e:
if DEBUG:
traceback.print_exc()
print(e)
if not self.sp is None:
self.sp.close()
self.open = False
def read(self):
pass
def write(self, data):
if not self.ep is None:
while not self.opened:
time.sleep(0.1)
try:
self.app.send_on_endpoint(self.ep, data)
except Exception as e:
#~ if DEBUG:
#~ traceback.print_exc()
#~ print(e)
raise e
)
USBDevice.__init__(
self,
maxusb_app,
0, # device class
0, # device subclass
0, # protocol release number
64, # max packet size for endpoint 0
0x0763, # vendor id
0x1002, # product id
0, # device revision
"Midiman", # manufacturer string
"MidiSport 2x2", # product string
"?", # serial number string
[config],
verbose=verbose)
from Facedancer import *
from MAXUSBApp import *
sp = GoodFETSerialPort()
fd = Facedancer(sp, verbose=1)
u = MAXUSBApp(fd, verbose=1)
d = PwnUSBDevice(u, verbose=4)
d.connect()
try:
d.run()
except KeyboardInterrupt:
d.disconnect()