def extract_buffer(filename):
if not os.path.isfile(filename):
sys.stderr.write('{} is not a file\n'.format(filename))
sys.exit(1)
with open(filename, 'r') as infile:
content = infile.readlines()
hex_data_server = ''
hex_data_client = ''
for l in content:
if '>' is l[:1]:
if l != '> \n':
hex_data_client = hex_data_client + l[2:]
if '<' is l[:1]:
if l != '< \n':
hex_data_server = hex_data_server + l[2:]
if hex_data_client is '' and hex_data_server is '':
print("no unixdump data found")
sys.exit(1)
if hex_data_client is not '':
client_filename = "{}.client".format(filename)
print('Client file created: {}'.format(client_filename))
with open(client_filename, 'wb') as coutfile:
coutfile.write(hexdump.restore(hex_data_client))
if hex_data_server is not '':
server_filename = "{}.server".format(filename)
print('Server file created: {}'.format(server_filename))
with open(server_filename, 'wb') as soutfile:
soutfile.write(hexdump.restore(hex_data_server))
def from_hexdump(self):
"""Convert hexdump back to str
Returns:
Chepy: The Chepy object.
"""
self.state = hexdump.restore(self._convert_to_str())
return self
def __hexdump_to_packet(a_hexdump):
"""
Tranformt a hexdump to a packet if is it valid
:param a_hexdump: The hexdump
:type a_hexdump: str
:return: The scapy Packet or None if the packet is not valid
:rtype Packet | None
"""
raw = restore(a_hexdump)
if raw.startswith(binascii.unhexlify('0004')):
return IP(raw)
else:
return None
def restore_file(self, file_name, source=None):
if source:
f = open(source, "r")
to_restore = f.read()
f.close()
else:
to_restore = self.bytes_dump
try:
f = open(file_name, "w")
f.write(bytes_to_str(hexdump.restore(to_restore)))
f.close()
except FileNotFoundError as e:
debug(e)
def restore_file(self, file_name, source=None):
if source:
f = open(source, "r")
to_restore = f.read()
f.close()
else:
to_restore = self.bytes_dump
try:
f = open(file_name, "w")
f.write(bytes_to_str(hexdump.restore(to_restore)))
f.close()
except FileNotFoundError as e:
debug(e)
def cook(raw):
return hexdump.restore(raw)
constant_array = ''' 70 3B 68 F3 4D DB A4 B7 46 BE 2B 38 E1 FA 6B 50
FC E5 F7 62 B0 77 5A 5C D0 8C D5 1A 87 DC 12 3D
CD 3A 9B 7B 4A EC 4B 1E 63 1D 60 C2 78 AD F6 94
23 BC 97 2D 8D E3 8E 69 88 66 2C 98 9D CB 1B FB
20 AA 5D B1 05 61 52 F9 1F BB 04 FF 31 10 89 55
F1 82 7A 45 25 49 6F 64 ED 18 9E 1C D6 D3 9A F4
C9 C0 0F 0A E2 28 7E 33 FD 34 A0 2F 91 57 DD 03
27 B6 6D CE BF 01 16 43 A3 59 EF 4C DF D1 71 15
E0 7F 47 85 48 C4 DE 56 76 4F 53 75 5B B9 95 2A
09 5F 92 32 D2 6C 08 26 A5 8A 58 07 F5 51 E8 9F
AB D8 C3 B2 EE C7 81 44 17 80 0D D7 29 E4 A9 83
C1 99 E6 F0 0E 6A D4 A1 74 0B EB 3F AE 0C A6 41
B4 93 CA 30 35 AF 79 72 AC A8 7C BD 84 14 B5 B3
CC CF 9C 13 B8 C5 40 39 E7 8B 22 02 65 DA 96 F2
90 54 06 EA 2E 21 42 F8 C8 3E 3C %s 5E 19 D9 67
86 8F A2 7D 4E 6E 37 BA 73 24 E9 FE 11 A7 36 C6 ''' % S
constant_array = hexdump.restore(constant_array)
'''
do
{
v23 = pass_buffer[v22];
for ( i = 0; i < len(user_buffer); v23 = constant_array[v25] )
v25 = (unsigned __int8)v23 ^ user_buffer[i++];
result_array[v22++] = v23;
}
while ( v22 < 8 ); //
//
v29 = 0xBAA5E82Fu;
v30 = 0xBD0FA4A4u;
'''
def true_sendall(self, data, *args, **kwargs):
req = decode_from_bytes(data)
# make request unique again
req_signature = hashlib.md5(encode_to_bytes(''.join(sorted(req.split('\r\n'))))).hexdigest()
# port should be always a string
port = text_type(self._port)
# prepare responses dictionary
responses = dict()
if Mocket.get_truesocket_recording_dir():
path = os.path.join(
Mocket.get_truesocket_recording_dir(),
Mocket.get_namespace() + '.json',
)
# check if there's already a recorded session dumped to a JSON file
try:
with io.open(path) as f:
responses = json.load(f)
# if not, create a new dictionary
except (FileNotFoundError, JSONDecodeError):
pass
try:
response_dict = responses[self._host][port][req_signature]
except KeyError:
# preventing next KeyError exceptions
responses.setdefault(self._host, dict())
responses[self._host].setdefault(port, dict())
responses[self._host][port].setdefault(req_signature, dict())
response_dict = responses[self._host][port][req_signature]
# try to get the response from the dictionary
try:
try:
encoded_response = hexdump.dehex(response_dict['response'])
except TypeError: # pragma: no cover
# Python 2
encoded_response = hexdump.restore(encode_to_bytes(response_dict['response']))
# if not available, call the real sendall
except KeyError:
self._connect()
self.true_socket.sendall(data, *args, **kwargs)
encoded_response = b''
# https://github.com/kennethreitz/requests/blob/master/tests/testserver/server.py#L13
while select.select([self.true_socket], [], [], 0.5)[0]:
recv = self.true_socket.recv(self._buflen)
if recv:
encoded_response += recv
else:
break
# dump the resulting dictionary to a JSON file
if Mocket.get_truesocket_recording_dir():
# update the dictionary with request and response lines
response_dict['request'] = req
response_dict['response'] = hexdump.dump(encoded_response)
with io.open(path, mode='w') as f:
f.write(decode_from_bytes(json.dumps(responses, indent=4, sort_keys=True)))
# response back to .sendall() which writes it to the mocket socket and flush the BytesIO
return encoded_response
def true_sendall(self, data, *args, **kwargs):
req = decode_from_bytes(data)
# make request unique again
req_signature = _hash_request(hasher, req)
# port should be always a string
port = text_type(self._port)
# prepare responses dictionary
responses = dict()
if Mocket.get_truesocket_recording_dir():
path = os.path.join(
Mocket.get_truesocket_recording_dir(), Mocket.get_namespace() + ".json"
)
# check if there's already a recorded session dumped to a JSON file
try:
with io.open(path) as f:
responses = json.load(f)
# if not, create a new dictionary
except (FileNotFoundError, JSONDecodeError):
pass
try:
try:
response_dict = responses[self._host][port][req_signature]
except KeyError:
if hasher is not hashlib.md5:
# Fallback for backwards compatibility
req_signature = _hash_request(hashlib.md5, req)
response_dict = responses[self._host][port][req_signature]
else:
raise
except KeyError:
# preventing next KeyError exceptions
responses.setdefault(self._host, dict())
responses[self._host].setdefault(port, dict())
responses[self._host][port].setdefault(req_signature, dict())
response_dict = responses[self._host][port][req_signature]
# try to get the response from the dictionary
try:
try:
encoded_response = hexdump.dehex(response_dict["response"])
except TypeError: # pragma: no cover
# Python 2
encoded_response = hexdump.restore(
encode_to_bytes(response_dict["response"])
)
# if not available, call the real sendall
except KeyError:
host, port = Mocket._address
host = true_gethostbyname(host)
try:
self.true_socket.connect((host, port))
except (OSError, socket.error, ValueError):
# already connected
pass
self.true_socket.sendall(data, *args, **kwargs)
encoded_response = b""
# https://github.com/kennethreitz/requests/blob/master/tests/testserver/server.py#L13
while True:
if not select.select(
[self.true_socket], [], [], 0.1
)[0] and encoded_response:
break
recv = self.true_socket.recv(self._buflen)
if not recv and encoded_response:
break
encoded_response += recv
# dump the resulting dictionary to a JSON file
if Mocket.get_truesocket_recording_dir():
# update the dictionary with request and response lines
response_dict["request"] = req
response_dict["response"] = hexdump.dump(encoded_response)
with io.open(path, mode="w") as f:
f.write(
decode_from_bytes(
json.dumps(responses, indent=4, sort_keys=True)
)
)
# response back to .sendall() which writes it to the mocket socket and flush the BytesIO
return encoded_response
00000040: 9E 67 53 BC 6C 82 9F AB 49 D8 7F 64 00 98 3F 58 .gS.l...I..d..?X 00000050: 21 40 65 48 6D DB 6C 49 85 47 70 7E 94 29 C4 B8 [email protected]~.).. 00000060: 57 79 00 2E B7 87 C9 C1 65 D7 CF 72 D8 7F 7D 4E Wy......e..r..}N """ data = """ 0000: 33 5c ed 15 55 3c f5 f4 de 14 a0 f2 59 68 00 a2 0010: a0 98 58 c2 06 67 d5 c1 06 e3 bf e6 6a ec 6a c0 0020: 2d b2 d8 77 d9 0e c4 12 e3 ab 48 ab aa b4 b9 56 0030: 75 30 69 9d 0a c3 d9 bb ff de 42 11 bd 34 03 21 0040: cf a2 8d 3c 1b e4 ba f0 1f f4 40 69 6f b4 78 18 0050: f3 2d 6b 22 80 86 64 31 14 34 2a 81 2c cc d7 c6 0060: 62 f3 9e 5f 78 a6 39 d3 db 57 c3 30 d4 dd 12 8f """ data = hexdump.restore(data) #key = bytes(k1) key = hexdump.restore(""" 48 78 02 70 5e 5a c4 a9 93 1c 44 aa 4d 32 25 22 39 e0 bf 8f 0c 85 4d de 49 0c cc f6 87 ef ad 9c """) iv = bytes(data[:16]) cypher = AES.new(key, AES.MODE_CBC, iv) print("key", key.hex()) print("data", data.hex()) print(cypher.decrypt(bytes(data[16:])).hex())
def restore(input=''):
return restore(input).decode()
from init6 import Init6
import sys
import json
import pprint
import hexdump
import io
import kaitaistruct
pp = pprint.PrettyPrinter(indent=2)
init6 = None
if sys.argv[1] == 'bin':
init6 = Init6.from_file(sys.argv[2])
else:
io = io.BytesIO(hexdump.restore(open(sys.argv[2], 'r').read()))
init6 = Init6(kaitaistruct.KaitaiStream(io))
def str_intercept(data):
if isinstance(data, bytes):
return hexdump.hexdump(data, result='return')
return str(data)
def str_fileds(self, fields):
res = ''
for field in fields:
res += field + ':\n'
res += ' ' + '\n ' \
.join(str_intercept(getattr(self, field)).split('\n')) + '\n'
def main():
if args.verbose:
LOGGER.setLevel(logging.DEBUG)
cur_dir = Path.cwd()
device = args.device
output = Path(args.output)
LOGGER.info('Open %s file' % output)
with open(output.as_posix(), 'w') as o:
LOGGER.info('Open %s serial device' % device)
try:
with serial.Serial(device, baudrate=115200, timeout=3.0) as s:
# Send Ctrl-C for sanity
cmd = b'\x03'
LOGGER.debug('Send %s to %s' % (cmd, device))
s.write(cmd)
_ = s.readlines() # Flush stdout content
address_format = '%08x' # 0x00000000
offset = 0x0
# Initialise SPI Flash read
cmd = b'sf probe 1\n'
LOGGER.debug('Send %s to %s' % (cmd, device))
s.write(cmd)
_ = s.readlines() # Flush stdout content
cmd = b'sf read 0x08000000 0 %x\n' % (
512 * 1024
) # MX25L4005 with page size 64 KiB, total 512 KiB
LOGGER.debug('Send %s to %s' % (cmd, device))
s.write(cmd)
_ = s.readlines() # Flush stdout content
cmd = b'md.b 0x08000000 %x\n' % (
512 * 1024
) # MX25L4005 with page size 64 KiB, total 512 KiB
LOGGER.debug('Send %s to %s' % (cmd, device))
s.write(cmd)
_ = s.readline() # Flush stdout content
while True:
line = s.readline()
line = line.decode('utf-8')
regex = '(?P<offset>[0-9a-fA-F]+): (?P<hex>([0-9a-fA-F]+ ){15}[0-9a-fA-F]+) *(?P<ascii>.*)'
regex = re.compile(regex)
m = regex.match(line)
if m:
line = m.groupdict()
hexa = ' '.join(
re.findall('..', line['hex'].replace(' ', '')))
line = "%s: %s %s\n" % (address_format %
(offset * 16), hexa,
line['ascii'])
offset += 1
LOGGER.debug('Write %s to %s' % (line, output))
o.write(line)
# No more dump data
if not line:
break
except serial.serialutil.SerialException as se:
LOGGER.error('Failed to open %s: %s' % (device, str(se)))
sys.exit(1)
with open(output.as_posix(), 'r') as txt:
LOGGER.info('Convert dump to binrary')
hex_dump = txt.read()
with open(output.as_posix(), 'bw') as binary:
binary.write(hexdump.restore(hex_dump))
def true_sendall(self, data, *args, **kwargs):
req = decode_from_bytes(data)
# make request unique again
req_signature = _hash_request(hasher, req)
# port should be always a string
port = text_type(self._port)
# prepare responses dictionary
responses = dict()
if Mocket.get_truesocket_recording_dir():
path = os.path.join(Mocket.get_truesocket_recording_dir(),
Mocket.get_namespace() + ".json")
# check if there's already a recorded session dumped to a JSON file
try:
with io.open(path) as f:
responses = json.load(f)
# if not, create a new dictionary
except (FileNotFoundError, JSONDecodeError):
pass
try:
try:
response_dict = responses[self._host][port][req_signature]
except KeyError:
if hasher is not hashlib.md5:
# Fallback for backwards compatibility
req_signature = _hash_request(hashlib.md5, req)
response_dict = responses[self._host][port][req_signature]
else:
raise
except KeyError:
# preventing next KeyError exceptions
responses.setdefault(self._host, dict())
responses[self._host].setdefault(port, dict())
responses[self._host][port].setdefault(req_signature, dict())
response_dict = responses[self._host][port][req_signature]
# try to get the response from the dictionary
try:
try:
encoded_response = hexdump.dehex(response_dict["response"])
except TypeError: # pragma: no cover
# Python 2
encoded_response = hexdump.restore(
encode_to_bytes(response_dict["response"]))
# if not available, call the real sendall
except KeyError:
host, port = Mocket._address
host = true_gethostbyname(host)
if isinstance(self.true_socket,
true_socket) and self._secure_socket:
try:
self = MocketSocket(sock=self)
except TypeError:
ssl_context = self.kwargs.get("ssl_context")
server_hostname = self.kwargs.get("server_hostname")
self.true_socket = true_ssl_context.wrap_socket(
self=ssl_context,
sock=self.true_socket,
server_hostname=server_hostname,
)
try:
self.true_socket.connect((host, port))
except (OSError, socket.error, ValueError):
# already connected
pass
self.true_socket.sendall(data, *args, **kwargs)
encoded_response = b""
# https://github.com/kennethreitz/requests/blob/master/tests/testserver/server.py#L13
while True:
if not select.select([self.true_socket], [], [],
0.1)[0] and encoded_response:
break
recv = self.true_socket.recv(self._buflen)
if not recv and encoded_response:
break
encoded_response += recv
# dump the resulting dictionary to a JSON file
if Mocket.get_truesocket_recording_dir():
# update the dictionary with request and response lines
response_dict["request"] = req
response_dict["response"] = hexdump.dump(encoded_response)
with io.open(path, mode="w") as f:
f.write(
decode_from_bytes(
json.dumps(responses, indent=4, sort_keys=True)))
# response back to .sendall() which writes it to the Mocket socket and flush the BytesIO
return encoded_response
def read_hex(data):
return hexdump.restore(data)
def read_hex(data):
return hexdump.restore(data)
FC E5 F7 62 B0 77 5A 5C D0 8C D5 1A 87 DC 12 3D
CD 3A 9B 7B 4A EC 4B 1E 63 1D 60 C2 78 AD F6 94
23 BC 97 2D 8D E3 8E 69 88 66 2C 98 9D CB 1B FB
20 AA 5D B1 05 61 52 F9 1F BB 04 FF 31 10 89 55
F1 82 7A 45 25 49 6F 64 ED 18 9E 1C D6 D3 9A F4
C9 C0 0F 0A E2 28 7E 33 FD 34 A0 2F 91 57 DD 03
27 B6 6D CE BF 01 16 43 A3 59 EF 4C DF D1 71 15
E0 7F 47 85 48 C4 DE 56 76 4F 53 75 5B B9 95 2A
09 5F 92 32 D2 6C 08 26 A5 8A 58 07 F5 51 E8 9F
AB D8 C3 B2 EE C7 81 44 17 80 0D D7 29 E4 A9 83
C1 99 E6 F0 0E 6A D4 A1 74 0B EB 3F AE 0C A6 41
B4 93 CA 30 35 AF 79 72 AC A8 7C BD 84 14 B5 B3
CC CF 9C 13 B8 C5 40 39 E7 8B 22 02 65 DA 96 F2
90 54 06 EA 2E 21 42 F8 C8 3E 3C %s 5E 19 D9 67
86 8F A2 7D 4E 6E 37 BA 73 24 E9 FE 11 A7 36 C6 ''' % S
constant_array = hexdump.restore(constant_array)
'''
do
{
v23 = pass_buffer[v22];
for ( i = 0; i < len(user_buffer); v23 = constant_array[v25] )
v25 = (unsigned __int8)v23 ^ user_buffer[i++];
result_array[v22++] = v23;
}
while ( v22 < 8 ); //
//
v29 = 0xBAA5E82Fu;
v30 = 0xBD0FA4A4u;
'''