def handleEvent(self, event):
if not event.isDataTransaction():
return
header = Struct.Group(None,
Struct.UInt8("eventCode"),
Struct.UInt8("numParameters"),
)
params = header.decode(event.data)
event.pushDecoded("BT Event: %s" % self.eventNames[header.eventCode])
def handleEvent(self, event):
if not event.isDataTransaction():
return
if not event.data.startswith("USBC"):
return
header = Struct.Group(None, Struct.UInt32("sig"), Struct.UInt32("tag"),
Struct.UInt32("datalen"), Struct.UInt8("flag"),
Struct.UInt8("lun"), Struct.UInt8("cdblen"))
cdb = header.decode(event.data)
command = SCSICommand(cdb)
event.pushDecoded("Storage Command: %s" % command)
event.appendDecoded("\n%s" % command.params)
def __init__(self, cdb):
self.header = Struct.Group(None, Struct.UInt8("opcode"))
params = self.header.decode(cdb)
self.name = self._opcodes[self.header.opcode]
if self.name in self._structs:
fmt, children = self._structs[self.name]
self.params = Struct.Group(None, *children())
self.params.decode(params)
self.summary = fmt % self.params.__dict__
else:
self.params = None
self.summary = ''
def decode_HCICommand(self, setup):
header = Struct.Group(None,
Struct.UInt16("opcode"),
Struct.UInt8("numParameters"),
)
params = header.decode(setup.event.data[8:])
if header.opcode is None:
ocf = ogf = None
else:
ocf = header.opcode & 0x03FF
ogf = header.opcode >> 10
ogfName = self.hciOpcodes.get(ogf, (ogf, {}))[0]
ocfName = self.hciOpcodes.get(ogf, (ogf, {}))[1].get(ocf, ocf)
setup.event.pushDecoded("BT Command: %s [%s]" % (ocfName, ogfName))
def handleEvent(self, event):
if not event.isDataTransaction():
return
if not event.data.startswith("USBS"):
return
header = Struct.Group(None, Struct.UInt32("sig"), Struct.UInt32("tag"),
Struct.UInt32("residue"), Struct.UInt8("status"))
header.decode(event.data)
if header.residue:
residue = ', residue=%d' % header.residue
else:
residue = ''
event.pushDecoded("Storage Status (%s%s)" %
(self._statusCodes[header.status], residue))
event.appendDecoded("\n%s" % header)
class DescriptorGroup(Struct.Group):
"""Parses out USB descriptors into a Struct.Group tree.
This class handles any standard descriptor, but
subclasses can add class-specific descriptors as needed.
"""
descriptorTypes = Struct.EnumDict({
0x01: "device",
0x02: "config",
0x03: "string",
0x04: "interface",
0x05: "endpoint",
})
headerStruct = lambda self: (
Struct.UInt8("bLength"),
Struct.UInt8("bDescriptorType"),
)
struct_device = lambda self: (
Struct.UInt16Hex("bcdUSB"),
Struct.UInt8Hex("bDeviceClass"),
Struct.UInt8Hex("bDeviceSubClass"),
Struct.UInt8Hex("bDeviceProtocol"),
Struct.UInt8("bMaxPacketSize0"),
Struct.UInt16Hex("idVendor"),
Struct.UInt16Hex("idProduct"),
Struct.UInt16Hex("bcdDevice"),
Struct.UInt8("iManufacturer"),
Struct.UInt8("iProduct"),
Struct.UInt8("iSerialNumber"),
Struct.UInt8("bNumConfigurations"),
)
struct_config = lambda self: (
Struct.UInt16("wTotalLength"),
Struct.UInt8("bNumInterfaces"),
Struct.UInt8("bConfigurationValue"),
Struct.UInt8("iConfiguration"),
Struct.UInt8Hex("bmAttributes"),
Struct.UInt8("MaxPower"),
)
struct_string = lambda self: (Struct.Utf16String("string"), )
struct_interface = lambda self: (
Struct.UInt8("bInterfaceNumber"),
Struct.UInt8("bAlternateSetting"),
Struct.UInt8("bNumEndpoints"),
Struct.UInt8Hex("bInterfaceClass"),
Struct.UInt8Hex("bInterfaceSubClass"),
Struct.UInt8Hex("bInterfaceProtocol"),
Struct.UInt8("iInterface"),
)
struct_endpoint = lambda self: (
Struct.UInt8Hex("bEndpointAddress"),
Struct.UInt8Hex("bmAttributes"),
Struct.UInt16("wMaxPacketSize"),
Struct.UInt8("bInterval"),
)
def __init__(self):
Struct.Group.__init__(self, "descriptors")
def decode(self, buffer):
# Common descriptor header
buffer = Struct.Group.decode(self, buffer, self.headerStruct())
# Decode descriptor type
self.type = self.descriptorTypes[self.bDescriptorType]
# Make sure that we eat exactly the right number of bytes,
# according to the descriptor header
descriptor = buffer[:self.bLength - 2]
buffer = buffer[self.bLength - 2:]
# The rest of the decoding is done by a hander, in the form of a child item list.
Struct.Group.decode(
self, descriptor,
getattr(self, "struct_%s" % self.type, lambda: None)())
return buffer
class SCSICommand:
"""Decodes a SCSI command block"""
_opcodes = Struct.EnumDict({
0x00: 'TEST_UNIT_READY',
0x01: 'REZERO_UNIT',
0x03: 'REQUEST_SENSE',
0x04: 'FORMAT_UNIT',
0x05: 'READ_BLOCKLIMITS',
0x07: 'REASSIGN_BLOCKS',
0x07: 'INIT_ELEMENT_STATUS',
0x08: 'READ(6)',
0x0a: 'WRITE(6)',
0x0a: 'PRINT',
0x0b: 'SEEK(6)',
0x0b: 'SLEW_AND_PRINT',
0x0f: 'READ_REVERSE',
0x10: 'WRITE_FILEMARKS',
0x10: 'SYNC_BUFFER',
0x11: 'SPACE',
0x12: 'INQUIRY',
0x14: 'RECOVER_BUFFERED',
0x15: 'MODE_SELECT',
0x16: 'RESERVE_UNIT',
0x17: 'RELEASE_UNIT',
0x18: 'COPY',
0x19: 'ERASE',
0x1a: 'MODE_SENSE',
0x1b: 'START_UNIT',
0x1b: 'SCAN',
0x1b: 'STOP_PRINT',
0x1c: 'RECV_DIAGNOSTIC',
0x1d: 'SEND_DIAGNOSTIC',
0x1e: 'MEDIUM_REMOVAL',
0x23: 'READ_FORMAT_CAPACITIES',
0x24: 'SET_WINDOW',
0x25: 'GET_WINDOW',
0x25: 'READ_CAPACITY',
0x28: 'READ(10)',
0x29: 'READ_GENERATION',
0x2a: 'WRITE(10)',
0x2b: 'SEEK(10)',
0x2b: 'POSITION_TO_ELEMENT',
0x2d: 'READ_UPDATED_BLOCK',
0x2e: 'WRITE_VERIFY',
0x2f: 'VERIFY',
0x30: 'SEARCH_DATA_HIGH',
0x31: 'SEARCH_DATA_EQUAL',
0x32: 'SEARCH_DATA_LOW',
0x33: 'SET_LIMITS',
0x34: 'PREFETCH',
0x34: 'READ_POSITION',
0x35: 'SYNC_CACHE',
0x36: 'LOCKUNLOCK_CACHE',
0x37: 'READ_DEFECT_DATA',
0x38: 'MEDIUM_SCAN',
0x39: 'COMPARE',
0x3a: 'COPY_VERIFY',
0x3b: 'WRITE_BUFFER',
0x3c: 'READ_BUFFER',
0x3d: 'UPDATE_BLOCK',
0x3e: 'READ_LONG',
0x3f: 'WRITE_LONG',
0x40: 'CHANGE_DEF',
0x41: 'WRITE_SAME',
0x42: 'READ_SUBCHANNEL',
0x43: 'READ_TOC',
0x44: 'READ_HEADER',
0x45: 'PLAY_AUDIO(10)',
0x46: 'GET_CONFIGURATION',
0x47: 'PLAY_AUDIO_MSF',
0x48: 'PLAY_AUDIO_TRACK',
0x49: 'PLAY_AUDIO_RELATIVE',
0x4a: 'GET_EVENT_STATUS_NOTIFICATION',
0x4b: 'PAUSE',
0x4c: 'LOG_SELECT',
0x4d: 'LOG_SENSE',
0x4e: 'STOP_PLAY',
0x51: 'READ_DISC_INFO',
0x52: 'READ_TRACK_INFO',
0x53: 'RESERVE_TRACK',
0x54: 'SEND_OPC_INFORMATION',
0x55: 'MODE_SELECT(10)',
0x56: 'RESERVE_UNIT(10)',
0x57: 'RELEASE_UNIT(10)',
0x5a: 'MODE_SENSE(10)',
0x5b: 'CLOSE_SESSION',
0x5c: 'READ_BUFFER_CAPACITY',
0x5d: 'SEND_CUE_SHEET',
0x5e: 'PERSISTENT_RESERVE_IN',
0x5f: 'PERSISTENT_RESERVE_OUT',
0x88: 'READ(16)',
0x8a: 'WRITE(16)',
0x9e: 'READ_CAPACITY(16)',
0xa0: 'REPORT_LUNS',
0xa1: 'BLANK',
0xa3: 'MAINTENANCE_IN',
0xa4: 'MAINTENANCE_OUT',
0xa3: 'SEND_KEY',
0xa4: 'REPORT_KEY',
0xa5: 'MOVE_MEDIUM',
0xa5: 'PLAY_AUDIO(12)',
0xa6: 'EXCHANGE_MEDIUM',
0xa6: 'LOADCD',
0xa8: 'READ(12)',
0xa9: 'PLAY_TRACK_RELATIVE',
0xaa: 'WRITE(12)',
0xac: 'ERASE(12)',
0xac: 'GET_PERFORMANCE',
0xad: 'READ_DVD_STRUCTURE',
0xae: 'WRITE_VERIFY(12)',
0xaf: 'VERIFY(12)',
0xb0: 'SEARCH_DATA_HIGH(12)',
0xb1: 'SEARCH_DATA_EQUAL(12)',
0xb2: 'SEARCH_DATA_LOW(12)',
0xb3: 'SET_LIMITS(12)',
0xb5: 'REQUEST_VOLUME_ELEMENT_ADDR',
0xb6: 'SEND_VOLUME_TAG',
0xb6: 'SET_STREAMING',
0xb7: 'READ_DEFECT_DATA(12)',
0xb8: 'READ_ELEMENT_STATUS',
0xb8: 'SELECT_CDROM_SPEED',
0xb9: 'READ_CD_MSF',
0xba: 'AUDIO_SCAN',
0xbb: 'SET_CDROM_SPEED',
0xbc: 'SEND_CDROM_XA_DATA',
0xbc: 'PLAY_CD',
0xbd: 'MECH_STATUS',
0xbe: 'READ_CD',
0xbf: 'SEND_DVD_STRUCTURE',
})
# For every command we want to decode parameters for, this includes
# a struct definition, and a format string that defines a useful
# summary of the parameters. The entire struct is included after
# the summary line.
_structs = {
# 'INQUIRY': None, # FIXME: We should decode this. SCSI-2, page 104 (8.2.5)
'READ(6)': (
"0x%(length)02x blocks at 0x%(lba)04x",
lambda: (
Struct.UInt8('lun'), # FIXME: lun is actually a bitfield
Struct.UInt16BE('lba'),
Struct.UInt8('length'),
Struct.UInt8('control'))),
'READ(10)': (
"0x%(length)04x blocks at 0x%(lba)08x",
lambda: (
Struct.UInt8('lun'), # FIXME: lun is actually a bitfield
Struct.UInt32BE('lba'),
Struct.UInt8('reserved_1'),
Struct.UInt16BE('length'),
Struct.UInt8('control'))),
'WRITE(6)': (
"0x%(length)02x blocks at 0x%(lba)04x",
lambda: (
Struct.UInt8('lun'), # FIXME: lun is actually a bitfield
Struct.UInt16BE('lba'),
Struct.UInt8('length'),
Struct.UInt8('control'))),
'WRITE(10)': (
"0x%(length)04x blocks at 0x%(lba)08x",
lambda: (
Struct.UInt8('lun'), # FIXME: lun is actually a bitfield
Struct.UInt32BE('lba'),
Struct.UInt8('reserved_1'),
Struct.UInt16BE('length'),
Struct.UInt8('control'))),
}
def __init__(self, cdb):
self.header = Struct.Group(None, Struct.UInt8("opcode"))
params = self.header.decode(cdb)
self.name = self._opcodes[self.header.opcode]
if self.name in self._structs:
fmt, children = self._structs[self.name]
self.params = Struct.Group(None, *children())
self.params.decode(params)
self.summary = fmt % self.params.__dict__
else:
self.params = None
self.summary = ''
def __str__(self):
return "%s %s" % (self.name, self.summary)