def run(self, args):
port = args.port
cn = connection(port)
if cn.connected:
info = cn.ati()
if "vendor" in info:
if info["vendor"] == "Sierra Wireless" or info[
"vendor"] == "Netgear":
print("Sending download mode command")
print(cn.send("AT!BOOTHOLD\r"))
print(cn.send('AT!QPSTDLOAD\r'))
print("Done switching to download mode")
elif info["vendor"] == "Quectel":
print("Sending download mode command")
interface = 0
diag = qcdiag(loglevel=self.__logger.level,
portconfig=[[0x2c7c, 0x0125, interface]])
if diag.connect():
diag.hdlc.receive_reply()
res = diag.send(b"\x4b\x65\x01\x00")
diag.disconnect()
print("Done switching to download mode")
elif info["vendor"] == "Telit":
print("Sending download mode command")
interface = 0
diag = qcdiag(loglevel=self.__logger.level,
portconfig=[[0x2c7c, 0x0125, interface]])
if diag.connect():
diag.hdlc.receive_reply()
res = diag.send(b"\x4b\x65\x01\x00")
diag.disconnect()
print("Done switching to download mode")
elif info["vendor"] == "ZTE":
print("Sending download mode command")
interface = 0
diag = qcdiag(loglevel=self.__logger.level,
portconfig=[[0x19d2, 0x0016, interface]])
if diag.connect():
diag.hdlc.receive_reply()
res = diag.send(b"\x4b\x65\x01\x00")
if res[0] == 0x4B:
print("Done switching to ENANDPRG mode")
else:
res = diag.send(b"\x3a")
if res[0] == 0x3A:
while True:
state = cn.waitforusb(
vendor.zte.value, 0x0076)
if not state:
diag.disconnect()
if diag.connect():
res = diag.send(b"\x3a")
else:
break
if state:
print("Done switching to NANDPRG mode")
else:
print("Failed switching to download mode")
diag.disconnect()
cn.close()
def detect(self, port):
vendortable = {
0x1199: ["Sierra Wireless", 3],
0x2c7c: ["Quectel", 3],
0x19d2: ["ZTE", 2],
0x0846: ["Netgear", 2],
0x413c: ["Telit", 0]
}
mode = "Unknown"
for device in self.detectusbdevices():
if device.vid == vendor.zte.value:
if device.pid == 0x0016:
print(
f"Detected a {vendortable[device.vid][0]} device with pid {hex(device.pid)} in Diag mode"
)
mode = "AT"
break
elif device.pid == 0x1403:
print(
f"Detected a {vendortable[device.vid][0]} device with pid {hex(device.pid)} in Web mode"
)
mode = "Web"
# url = 'http://192.168.0.1/goform/goform_set_cmd_process?goformId=USB_MODE_SWITCH&usb_mode=1' #adb
url = 'http://192.168.0.1/goform/goform_process?goformId=MODE_SWITCH&switchCmd=FACTORY'
if self.websend(url):
mode = "AT"
break
elif device.vid == vendor.telit.value:
if device.pid == 0x81d7:
print(
f"Detected a {vendortable[device.vid][0]} device with pid {hex(device.pid)} in Diag mode"
)
print("Sending download mode command")
interface = 5
diag = qcdiag(loglevel=self.__logger.level,
portconfig=[[0x413c, 0x81d7, interface]])
if diag.connect():
data = diag.hdlc.receive_reply()
res = diag.send(b"\x4b\x65\x01\x00")
if res[0] == 0x4B:
print("Sending download mode succeeded")
diag.disconnect()
break
if mode == "AT" or mode == "Unknown":
for port in self.getserialports():
if port.vid in vendortable:
portid = port.location[-1:]
if int(portid) == vendortable[port.vid][1]:
print(
f"Detected a {vendortable[port.vid][0]} at interface at: "
+ port.device)
return port.device
return ""
def run(self, args):
port = args.port
cn = connection(port)
if cn.connected:
info = cn.ati()
if "vendor" in info:
if info["vendor"] == "Sierra Wireless" or info[
"vendor"] == "Netgear":
print("Sending at switch command")
kg = SierraKeygen(cn)
if kg.openlock():
if cn.send('AT!CUSTOM="ADBENABLE",1\r') == -1:
print("Error on sending adb enable command.")
if cn.send('AT!CUSTOM="TELNETENABLE",1\r') != -1:
time.sleep(5)
tn = Telnet("192.168.1.1", 23, 15)
tn.write(b"adbd &\r\n")
info = tn.read_eager()
print(info)
print("Enabled adb via telnet")
else:
print("Error on sending telnet enable command.")
elif info["vendor"] == "Quectel":
print("Sending at switch command")
salt = cn.send("AT+QADBKEY?\r")
if salt != -1:
if len(salt) > 1:
salt = salt[1]
code = crypt.crypt("SH_adb_quectel", "$1$" + salt)
code = code[12:]
cn.send("AT+QADBKEY=\"%s\"\r" % code)
if cn.send(
"AT+QCFG=\"usbcfg\",0x2C7C,0x125,1,1,1,1,1,1,0\r"
) == -1:
if cn.send("AT+QLINUXCMD=\"adbd\""
) != -1: #echo test > /dev/ttyGS0
print("Success enabling adb")
else:
print("Success enabling adb")
print(
"In order to disable adb, send AT+QCFG=\"usbcfg\",0x2C7C,0x125,1,1,1,1,1,0,0"
)
elif info["vendor"] == "ZTE":
print("Sending switch command via diag")
if cn.send("AT+ZMODE=1") != -1:
print("Success enabling adb")
else:
interface = 0
diag = qcdiag(loglevel=self.__logger.level,
portconfig=[[0x19d2, 0x0016, interface]])
if diag.connect():
res = diag.send(b"\x4B\xA3\x06\x00")
if res[0] == 0x4B:
challenge = res[4:4 + 8]
response = hashlib.md5(challenge).digest()
res = diag.send(b"\x4B\xA3\x07\x00" + response)
if res[0] == 0x4B:
if res[3] == 0x00:
print("Auth success")
res = diag.send(b"\x41" +
b"\x30\x30\x30\x30\x30\x30")
if res[1] == 0x01:
print("SPC success")
sp = b"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFE"
res = diag.send(b"\x46" + sp)
if res[0] == 0x46 and res[1] == 0x01:
print("SP success")
else:
res = diag.send(b"\x25" + sp)
if res[0] == 0x46 and res[1] == 0x01:
print("SP success")
res = diag.send(
b"\x4B\xFA\x0B\x00\x01") #Enable adb serial
if res[0] != 0x13:
print("Success enabling adb serial")
res = diag.send(b"\x4B\x5D\x05\x00") #Operate ADB
if res[0] != 0x13:
print("Success enabling adb")
diag.disconnect()
elif info["vendor"] == "Simcom":
print("Sending at switch command")
# Simcom7600
if cn.send("AT+CUSBADB=1,1") != -1:
print("Success enabling adb")
elif info["vendor"] == "Fibocom":
print("Sending at switch command")
# FibocomL718:
if cn.send("AT+ADBDEBUG=1") != -1:
print("Success enabling adb")
elif info["vendor"] == "Alcatel":
print("Send scsi switch command")
print(
"Run \"sudo sg_raw /dev/sg0 16 f9 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -v\" to enable adb"
)
elif info["vendor"] == "Samsung":
if cn.send("AT+USBMODEM=1"):
print("Success enabling adb")
elif cn.send("AT+SYSSCOPE=1,0,0"):
print("Success enabling adb")
cn.close()