def test_one_station_same_location():
device = Device(Point(0, 0))
station = Station(Point(0, 0), 10)
stations = [station]
best_station, power = device.best_station(stations)
assert best_station == station
assert power == 100
def test_two_stations_out_of_reach():
device = Device(Point(20, 20))
station1 = Station(Point(0, 0), 10)
station2 = Station(Point(10, 10), 10)
stations = [station1, station2]
best_station, power = device.best_station(stations)
assert best_station == None
assert power == 0
def test_two_stations_one_with_same_location():
device = Device(Point(0, 0))
station1 = Station(Point(10, 10), 10)
station2 = Station(Point(0, 0), 10)
stations = [station1, station2]
best_station, power = device.best_station(stations)
assert best_station == station2
assert power == 100
def link(self,dev:Device):
self.connected_devices.add(dev)
if dev.device_type() == Device_Type.ROUTER:
self.connected_routers.add(dev)
elif dev.device_type() == Device_Type.HOST:
self.connected_hosts.add(dev)
self.add_forwarding_table_entry(dev,dev)
def main():
parser = argparse.ArgumentParser()
parser.add_argument("-c", "--config", help="Device config", required=True)
parser.add_argument("-p", "--payload", help="Payload file", required=True)
arguments = parser.parse_args()
if not os.path.exists(arguments.config):
log("Config file {} doesn't exist".format(arguments.config))
return
if not os.path.exists(arguments.payload):
log("Payload file {} doesn't exist".format(arguments.payload))
return
with open(arguments.config) as config:
config = json5.load(config)
hw_code = config["hw_code"]
watchdog_address = config["watchdog_address"]
var_0 = config["var_0"]
var_1 = config["var_1"]
device = Device().find()
device.handshake()
device_hw_code = device.get_hw_code()
hw_sub_code, hw_ver, sw_ver = device.get_hw_dict()
secure_boot, serial_link_authorization, download_agent_authorization = device.get_target_config(
)
if hw_code != device_hw_code:
log("Incorrect hw code, expected {}, found {}".format(
hex(hw_code), hex(device_hw_code)))
return
print()
log("Device hw code: {}".format(hex(device_hw_code)))
log("Device hw sub code: {}".format(hex(hw_sub_code)))
log("Device hw version: {}".format(hex(hw_ver)))
log("Device sw version: {}".format(hex(sw_ver)))
log("Device secure boot: {}".format(secure_boot))
log("Device serial link authorization: {}".format(
serial_link_authorization))
log("Device download agent authorization: {}".format(
download_agent_authorization))
print()
log("Disabling watchdog timer")
device.write32(watchdog_address, 0x22000064)
if serial_link_authorization or download_agent_authorization:
log("Disabling protection")
exploit(device, watchdog_address, var_0, var_1, arguments.payload)
log("Protection disabled")
def main():
parser = argparse.ArgumentParser()
parser.add_argument("-c", "--config", help="Device config")
arguments = parser.parse_args()
if arguments.config:
if not os.path.exists(arguments.config):
raise RuntimeError("Config file {} doesn't exist".format(arguments.config))
elif not os.path.exists(DEFAULT_CONFIG):
raise RuntimeError("Default config is missing")
device = Device().find()
device.handshake()
hw_code = device.get_hw_code()
hw_sub_code, hw_ver, sw_ver = device.get_hw_dict()
secure_boot, serial_link_authorization, download_agent_authorization = device.get_target_config()
if arguments.config:
config_file = open(arguments.config)
config = Config().from_file(config_file, hw_code)
config_file.close()
else:
config = Config().default(hw_code)
if not os.path.exists(PAYLOAD_DIR + config.payload):
raise RuntimeError("Payload file {} doesn't exist".format(PAYLOAD_DIR + config.payload))
print()
log("Device hw code: {}".format(hex(hw_code)))
log("Device hw sub code: {}".format(hex(hw_sub_code)))
log("Device hw version: {}".format(hex(hw_ver)))
log("Device sw version: {}".format(hex(sw_ver)))
log("Device secure boot: {}".format(secure_boot))
log("Device serial link authorization: {}".format(serial_link_authorization))
log("Device download agent authorization: {}".format(download_agent_authorization))
print()
log("Disabling watchdog timer")
device.write32(config.watchdog_address, 0x22000064)
if serial_link_authorization or download_agent_authorization:
log("Disabling protection")
payload = open(PAYLOAD_DIR + config.payload, "rb")
exploit(device, config.watchdog_address, config.var_0, config.var_1, payload)
payload.close()
log("Protection disabled")
def device_get(self, device_name: str) -> Optional[Device]:
device = self.devices.get(device_name)
if device is None:
details = self.config.device_details(device_name)
if details is None:
log.warning(f'Request for unknown device \'{device_name}\'')
return
(devtype, host, mac) = details
try:
device = Device(device_name, devtype, host, mac)
self.devices[device_name] = device
except Exception as e:
log.error(f'Could not open device \'{device_name}\': {e}')
return device
def test_process(self):
device = Device(1)
request = Request(0, 1, 0.0)
request_count = 100000
for _ in range(request_count):
device.process(request)
self.assertTrue(abs(device.release_time - request_count) / request_count < 0.01,
'mean without delays')
device = Device(1)
request = Request(0, 1, 0.5)
request_count = 100000
for _ in range(request_count):
device.process(request)
request = Request(0, 1, device.release_time + 0.5)
self.assertTrue(abs(device.release_time - 1.5 * request_count) / (1.5 * request_count) < 0.01,
'mean with delays')
def __init__(self, producer_count, alpha, beta, device_count, lambda_param,
buffer_size):
self.__producers = [
Producer(i, alpha, beta) for i in range(producer_count)
]
self.__devices = [Device(lambda_param) for _ in range(device_count)]
self.__current_device = 0
self.__buffer = Buffer(buffer_size)
self.__alpha = alpha
self.__beta = beta
self.__lambda = lambda_param
self.__stat = Statistics(producer_count, device_count)
self.__creation_log = []
self.__setting_log = []
self.__event_log = []
self.__release_log = []
self.__deny_log = []
self.__buffer_log = []
def crash_preloader(device, config):
print("")
log("Found device in preloader mode, trying to crash...")
print("")
if config.crash_method == 0:
try:
payload = b'\x00\x01\x9F\xE5\x10\xFF\x2F\xE1' + b'\x00' * 0x110
device.send_da(0, len(payload), 0, payload)
device.jump_da(0)
except RuntimeError as e:
log(e)
print("")
elif config.crash_method == 1:
payload = b'\x00' * 0x100
device.send_da(0, len(payload), 0x100, payload)
device.jump_da(0)
elif config.crash_method == 2:
device.read32(0)
device.dev.close()
device = Device().find()
return device
def main():
parser = argparse.ArgumentParser()
parser.add_argument("-c", "--config", help="Device config")
parser.add_argument("-t", "--test", help="Testmode", action="store_true")
parser.add_argument("-w", "--watchdog", help="Watchdog address(in hex)")
parser.add_argument("-u", "--uart", help="UART base address(in hex)")
parser.add_argument("-v", "--var_1", help="var_1 value(in hex)")
parser.add_argument("-a",
"--payload_address",
help="payload_address value(in hex)")
parser.add_argument("-p", "--payload", help="Payload to use")
parser.add_argument("-s",
"--serial_port",
help="Connect to existing serial port")
parser.add_argument("-f",
"--force",
help="Force exploit on insecure device",
action="store_true")
parser.add_argument("-n",
"--no_handshake",
help="Skip handshake",
action="store_true")
parser.add_argument("-m",
"--crash_method",
help="Method to use for crashing preloader (0, 1, 2)",
type=int)
arguments = parser.parse_args()
if arguments.config:
if not os.path.exists(arguments.config):
raise RuntimeError("Config file {} doesn't exist".format(
arguments.config))
elif not os.path.exists(DEFAULT_CONFIG):
raise RuntimeError("Default config is missing")
if arguments.serial_port:
device = Device(arguments.serial_port)
else:
device = Device().find()
config, serial_link_authorization, download_agent_authorization, hw_code = get_device_info(
device, arguments)
while device.preloader:
device = crash_preloader(device, config)
config, serial_link_authorization, download_agent_authorization, hw_code = get_device_info(
device, arguments)
log("Disabling watchdog timer")
device.write32(config.watchdog_address, 0x22000064)
if serial_link_authorization or download_agent_authorization or arguments.force:
log("Disabling protection")
payload = prepare_payload(config)
result = exploit(device, config.watchdog_address,
config.payload_address, config.var_0, config.var_1,
payload)
if arguments.test:
while not result:
device.dev.close()
config.var_1 += 1
log("Test mode, testing " + hex(config.var_1) + "...")
device = Device().find()
device.handshake()
while device.preloader:
device = crash_preloader(device, config)
device.handshake()
result = exploit(device, config.watchdog_address,
config.payload_address, config.var_0,
config.var_1, payload)
else:
log("Insecure device, sending payload using send_da")
if not arguments.payload:
config.payload = DEFAULT_PAYLOAD
if not arguments.payload_address:
config.payload_address = DEFAULT_DA_ADDRESS
payload = prepare_payload(config)
payload += b'\x00' * 0x100
device.send_da(config.payload_address, len(payload), 0x100, payload)
device.jump_da(config.payload_address)
result = device.read(4)
bootrom__name = "bootrom_" + hex(hw_code)[2:] + ".bin"
if result == to_bytes(0xA1A2A3A4, 4):
log("Protection disabled")
elif result == to_bytes(0xC1C2C3C4, 4):
dump_brom(device, bootrom__name)
elif result == to_bytes(0x0000C1C2, 4) and device.read(4) == to_bytes(
0xC1C2C3C4, 4):
dump_brom(device, bootrom__name, True)
elif result != b'':
raise RuntimeError("Unexpected result {}".format(result.hex()))
else:
log("Payload did not reply")
def main():
parser = argparse.ArgumentParser()
parser.add_argument("-c", "--config", help="Device config")
parser.add_argument("-t", "--test", help="Testmode", action="store_true")
parser.add_argument("-w", "--watchdog", help="Watchdog address(in hex)")
parser.add_argument("-u", "--uart", help="UART base address(in hex)")
parser.add_argument("-v", "--var_1", help="var_1 value(in hex)")
parser.add_argument("-a",
"--payload_address",
help="payload_address value(in hex)")
parser.add_argument("-p", "--payload", help="Payload to use")
parser.add_argument("-s",
"--serial_port",
help="Connect to existing serial port")
parser.add_argument("-f",
"--force",
help="Force exploit on insecure device",
action="store_true")
parser.add_argument("-n",
"--no_handshake",
help="Skip handshake",
action="store_true")
arguments = parser.parse_args()
if arguments.config:
if not os.path.exists(arguments.config):
raise RuntimeError("Config file {} doesn't exist".format(
arguments.config))
elif not os.path.exists(DEFAULT_CONFIG):
raise RuntimeError("Default config is missing")
if arguments.serial_port:
device = Device(arguments.serial_port)
else:
device = Device().find()
if not arguments.no_handshake:
device.handshake()
hw_code = device.get_hw_code()
hw_sub_code, hw_ver, sw_ver = device.get_hw_dict()
secure_boot, serial_link_authorization, download_agent_authorization = device.get_target_config(
)
if arguments.config:
config_file = open(arguments.config)
config = Config().from_file(config_file, hw_code)
config_file.close()
else:
try:
config = Config().default(hw_code)
except NotImplementedError as e:
if arguments.test:
config = Config()
log(e)
else:
raise e
if arguments.test:
config.payload = DEFAULT_PAYLOAD
if arguments.var_1:
config.var_1 = int(arguments.var_1, 16)
if arguments.watchdog:
config.watchdog_address = int(arguments.watchdog, 16)
if arguments.uart:
config.uart_base = int(arguments.uart, 16)
if arguments.payload_address:
config.payload_address = int(arguments.payload_address, 16)
if arguments.payload:
config.payload = arguments.payload
if not os.path.exists(PAYLOAD_DIR + config.payload):
raise RuntimeError(
"Payload file {} doesn't exist".format(PAYLOAD_DIR +
config.payload))
print()
log("Device hw code: {}".format(hex(hw_code)))
log("Device hw sub code: {}".format(hex(hw_sub_code)))
log("Device hw version: {}".format(hex(hw_ver)))
log("Device sw version: {}".format(hex(sw_ver)))
log("Device secure boot: {}".format(secure_boot))
log("Device serial link authorization: {}".format(
serial_link_authorization))
log("Device download agent authorization: {}".format(
download_agent_authorization))
print()
log("Disabling watchdog timer")
device.write32(config.watchdog_address, 0x22000064)
if serial_link_authorization or download_agent_authorization or arguments.force:
log("Disabling protection")
payload = prepare_payload(config)
result = exploit(device, config.watchdog_address,
config.payload_address, config.var_0, config.var_1,
payload)
if arguments.test:
while not result:
device.dev.close()
config.var_1 += 1
log("Test mode, testing " + hex(config.var_1) + "...")
device = Device().find()
device.handshake()
result = exploit(device, config.watchdog_address,
config.payload_address, config.var_0,
config.var_1, payload)
else:
log("Insecure device, sending payload using send_da")
if not arguments.payload:
config.payload = DEFAULT_PAYLOAD
if not arguments.payload_address:
config.payload_address = DEFAULT_DA_ADDRESS
payload = prepare_payload(config)
payload += b'\x00' * 0x100
device.send_da(config.payload_address, len(payload), 0x100, payload)
device.jump_da(config.payload_address)
result = device.read(4)
bootrom__name = "bootrom_" + hex(hw_code)[2:] + ".bin"
if result == to_bytes(0xA1A2A3A4, 4):
log("Protection disabled")
elif result == to_bytes(0xC1C2C3C4, 4):
dump_brom(device, bootrom__name)
elif result == to_bytes(0x0000C1C2, 4) and device.read(4) == to_bytes(
0xC1C2C3C4, 4):
dump_brom(device, bootrom__name, True)
elif result != b'':
raise RuntimeError("Unexpected result {}".format(result.hex()))
else:
log("Payload did not reply")
def test_init(self):
device = Device(1)
self.assertEqual(device.release_time, 0.0, 'release time after init')
user=UserMain(app)
router.addUser(userData)
threadAssign.__setitem__(username, {"thread": user})
user.start()
elif mac in devices:
deviceData = devices[mac]
deviceName = deviceData["name"]
if deviceName in threadAssign and threadAssign[deviceName]["thread"].isAlive():
print("resuming DEVICE:", deviceName)
threadAssign[deviceName]["thread"].resumeConnection(so)
else:
if deviceName in threadAssign:
print("dead DEVICE", deviceName)
threadAssign.pop(deviceName)
router.removeDevice(deviceName)
print("connecting DEVICE:", deviceName)
deviceApp = Application(so, adr, deviceData, router)
dev = Device(deviceApp, deviceData)
dev.start()
threadAssign.__setitem__(deviceName, {"thread": dev})
router.addDevice(dev)
print("Clients connected:", len(threadAssign))
print("-----")
def main():
parser = argparse.ArgumentParser()
parser.add_argument("-c", "--config", help="Device config")
parser.add_argument("-t", "--test", help="Testmode", action="store_true")
parser.add_argument("-w", "--watchdog", help="Watchdog address(in hex) for testmode")
parser.add_argument("-v", "--var_1", help="var_1 value(in hex) for testmode")
parser.add_argument("-p", "--payload_address", help="payload_address value(in hex) for testmode")
arguments = parser.parse_args()
if arguments.config:
if not os.path.exists(arguments.config):
raise RuntimeError("Config file {} doesn't exist".format(arguments.config))
elif not os.path.exists(DEFAULT_CONFIG):
raise RuntimeError("Default config is missing")
device = Device().find()
device.handshake()
hw_code = device.get_hw_code()
hw_sub_code, hw_ver, sw_ver = device.get_hw_dict()
secure_boot, serial_link_authorization, download_agent_authorization = device.get_target_config()
if arguments.config:
config_file = open(arguments.config)
config = Config().from_file(config_file, hw_code)
config_file.close()
else:
try:
config = Config().default(hw_code)
except NotImplementedError as e:
if arguments.test:
config = Config()
if arguments.var_1:
config.var_1 = int(arguments.var_1, 16)
if arguments.watchdog:
config.watchdog_address = int(arguments.watchdog, 16)
if arguments.payload_address:
config.payload_address = int(arguments.payload_address, 16)
config.payload = "generic_dump_payload.bin"
log(e)
else:
raise e
if not os.path.exists(PAYLOAD_DIR + config.payload):
raise RuntimeError("Payload file {} doesn't exist".format(PAYLOAD_DIR + config.payload))
print()
log("Device hw code: {}".format(hex(hw_code)))
log("Device hw sub code: {}".format(hex(hw_sub_code)))
log("Device hw version: {}".format(hex(hw_ver)))
log("Device sw version: {}".format(hex(sw_ver)))
log("Device secure boot: {}".format(secure_boot))
log("Device serial link authorization: {}".format(serial_link_authorization))
log("Device download agent authorization: {}".format(download_agent_authorization))
print()
log("Disabling watchdog timer")
device.write32(config.watchdog_address, 0x22000064)
if serial_link_authorization or download_agent_authorization:
log("Disabling protection")
with open(PAYLOAD_DIR + config.payload, "rb") as payload:
payload = payload.read()
result = exploit(device, config.watchdog_address, config.payload_address, config.var_0, config.var_1, payload)
if arguments.test:
while not result:
config.var_1 += 1
log("Test mode, testing " + hex(config.var_1) + "...")
device = Device().find()
device.handshake()
result = exploit(device, config.watchdog_address, config.payload_address,
config.var_0, config.var_1, payload)
bootrom__name = "bootrom_" + hex(hw_code)[2:] + ".bin"
if result == to_bytes(0xA1A2A3A4, 4):
log("Protection disabled")
elif result == to_bytes(0xC1C2C3C4, 4):
dump_brom(device, bootrom__name)
elif result == to_bytes(0x0000C1C2, 4) and device.read(4) == to_bytes(0xC1C2C3C4, 4):
dump_brom(device, bootrom__name, True)
"""
# Add ./src to the path
import sys
sys.path.append('/flash/src')
# pylint: disable=C0413
import pycom # pylint: disable=F0401
import utime # pylint: disable=E0401
from src.device import Device
# Turn off blinking LED.
pycom.heartbeat(False) # pylint: disable=E1101
# Disable WiFi:
pycom.wifi_on_boot(False) # pylint: disable=E1101
DATA_CACHE_DURATION = 7 # days
DATA_INTERVAL = 5 # seconds
EVENTS_COUNT = 100 # max # of events stored in memory.
# Initialize Device object
DD_DEVICE = Device(
duration=DATA_CACHE_DURATION,
interval=DATA_INTERVAL,
num_events=EVENTS_COUNT
)
while True:
DD_DEVICE.read_sensor_data() # create humidity_temp reading.
DD_DEVICE.check_for_event() # check sensor data for event
utime.sleep(DATA_INTERVAL) # sleep until time to create new reading
# if the new client is a device
elif mac in devices:
deviceData = devices[mac]
deviceName = deviceData["name"]
# if the device thread s still alive, resume connection
if deviceName in threadAssign and threadAssign[deviceName][
"thread"].isAlive():
log.debug("resuming DEVICE: {!r}".format(deviceName))
threadAssign[deviceName]["thread"].resumeConnection(so)
else:
# if the device thread is dead, terminate thread
if deviceName in threadAssign:
log.debug("dead DEVICE {!r}".format(deviceName))
threadAssign.pop(deviceName)
omnia_controller.removeDevice(deviceName)
# initialize device
log.debug("connecting DEVICE: {!r}".format(deviceName))
dev = Device(so, adr, deviceData, omnia_controller)
omnia_controller.addDevice(dev)
# create new thread
threadAssign.__setitem__(deviceName, {"thread": dev})
dev.start()
# display number of connected clients
log.debug("Clients connected: {!r}".format(len(threadAssign)))
log.debug("-----")