def get_someip(self, stacked=False):
p = SOMEIP()
p.msg_id.srv_id = SD.SOMEIP_MSGID_SRVID
p.msg_id.sub_id = SD.SOMEIP_MSGID_SUBID
p.msg_id.event_id = SD.SOMEIP_MSGID_EVENTID
p.proto_ver = SD.SOMEIP_PROTO_VER
p.iface_ver = SD.SOMEIP_IFACE_VER
p.msg_type = SD.SOMEIP_MSG_TYPE
if (stacked):
return (p / self)
else:
return (p)
def get_someip(self, stacked=False):
p = SOMEIP()
p.msg_id.srv_id = SD.SOMEIP_MSGID_SRVID
p.msg_id.sub_id = SD.SOMEIP_MSGID_SUBID
p.msg_id.event_id = SD.SOMEIP_MSGID_EVENTID
p.proto_ver = SD.SOMEIP_PROTO_VER
p.iface_ver = SD.SOMEIP_IFACE_VER
p.msg_type = SD.SOMEIP_MSG_TYPE
if (stacked):
return (p / self)
else:
return (p)
def get_required_message(self, source, target, service_id, method_id):
'''
检索期望消息
'''
srcIP = self.ethAppChannel[source]["ip"]
srcPort = self.ethAppChannel[source]["port"]
dstIP = self.ethAppChannel[target]["ip"]
dstPort = self.ethAppChannel[target]["port"]
while True:
try:
msg_list = MessageRecorder.get_tmp_message_list((srcIP, dstIP, srcPort, dstPort))
for msg in msg_list[::-1]:
target_params = msg # 只关注最后一条
try:
raw = SOMEIP(target_params['raw'])
# raw.show()
msg_service_id = raw.srv_id
msg_method_id = raw.method_id
if msg_service_id == service_id and msg_method_id == method_id:
rfic_info("检索到期望消息", target_params)
MessageRecorder.clear_tmp_message_list() # 清空临时消息,缩短消息检索时间
time.sleep(0.03) # 等待消息流程完成
return True, target_params
except:
pass
except:
pass
def generate_someip_based_tcp(self, s_ip, d_ip, s_port, d_port, seq=2496318543, ack=594476641, flags="PA",
matrix=None):
vlan = Dot1Q(vlan=4)
ip = IP(src=s_ip, dst=d_ip)
tcp = TCP(flags=flags, sport=s_port, dport=d_port, seq=seq, ack=ack)
if flags == "PA": # PSH+ACK
if matrix is None:
matrix = {}
srv_id = matrix.get("srv_id", 0xffff)
method_id = matrix.get("method_id", 65535)
session_id = matrix.get("session_id", 1)
msg_type = matrix.get("msg_type", SOMEIP.TYPE_NOTIFICATION)
req_data = matrix.get("req_data", [])
someip = SOMEIP(srv_id=srv_id, sub_id=0x0,
method_id=method_id, event_id=0,
client_id=method_id, session_id=session_id,
msg_type=msg_type)
packet = b''.join([bytes().fromhex(i) for i in req_data])
target = ip / tcp / someip / packet
elif flags == "A": # ACK
target = ip / tcp
else:
target = ip / tcp
payload_length = len(target)
hex_target = hexdump(target, True)
results = hex_target.split("\n")
finalResult = []
for item in results:
finalResult.append(item.split(" ")[1])
x = " ".join(finalResult)
x_list = x.split(" ")
return payload_length, x_list
def trans_data(target_ip, target_port, data):
# 先建立TCP连接
start_tcp(target_ip=target_ip, target_port=target_port)
# print sport,s_seq,d_seq
# 发起GET请求
ether = Ether(src="54:05:db:8e:83:03", dst="aa:bb:cc:dd:ee:03")
ip = IP(src="192.168.0.101", dst="192.168.0.102")
tcp = TCP(sport=55555, dport=49101, seq=s_seq, ack=d_seq, flags=0x018)
someip = SOMEIP(srv_id=0x0100,
sub_id=0x0,
method_id=0x3b,
client_id=0x1,
session_id=0x1,
msg_type=SOMEIP.TYPE_REQUEST,
retcode=SOMEIP.RET_E_OK)
ans = srp(ether / ip / tcp / someip,
iface="Intel(R) Ethernet Connection (10) I219-V",
verbose=False)
print(ans[0][TCP][0])
def send_msg_as_method(self, source, target, matrix):
'''
发送(TCP)method消息,需要等待对端回复
A->B:PSH+ACK
B->A:PSH+ACK
A->B:ACK
:param source: 源ECU
:param target: 目的ECU
:param matrix: 通信矩阵,包含service_id,method_id,msg_type
:return:
'''
# 监听本端给对端发的ACK消息
srcIP = self.ethAppChannel[source]["ip"]
srcPort = self.ethAppChannel[source]["port"]
dstIP = self.ethAppChannel[target]["ip"]
dstPort = self.ethAppChannel[target]["port"]
msg_list = MessageRecorder.get_message_list((srcIP, dstIP, srcPort, dstPort))
while len(msg_list) == 0:
msg_list = MessageRecorder.get_message_list((srcIP, dstIP, srcPort, dstPort))
target_params = msg_list[-1] # 只关注最后一条
# 本端发送PSH+ACK消息
tx_data = self.generate_tx_data(target_params, "PA", matrix)
self.eth_send(target, tx_data)
# 监听对端给本端发的PSH+ACK消息
msg_list = MessageRecorder.get_message_list((dstIP, srcIP, dstPort, srcPort))
while len(msg_list) == 0: # 没有消息的时候,不停的收
msg_list = MessageRecorder.get_message_list((dstIP, srcIP, dstPort, srcPort))
target_params = msg_list[-1] # 只关注最后一条
raw_info = SOMEIP(target_params['raw']).show(dump=True)
rfic_info(raw_info)
# 本端发送ACK消息
tx_data = self.generate_tx_data(target_params, "A")
return self.eth_send(target, tx_data)