def execute(self): """Execute the test.""" TLog.generic( "Fuzzing the value ({}), iterations ({}) for handle ({}) on BLE device ({})" .format(self.args.value, self.args.iter, hex(self.args.handle), self.args.addr)) try: device = BlePeripheral() device.connect( self.args.addr, addrType=(Ble.ADDR_TYPE_RANDOM if self.args.randaddrtype else Ble.ADDR_TYPE_PUBLIC), ) for _ in range(self.args.iter): value = self.args.value while value.find("xx") >= 0: value = value.replace( "xx", "{:02x}".format(randint(0, 0xFF)), 1 # nosec ) TLog.trydo("Writing the fuzzed value ({})".format(value)) device.writeCharacteristic( self.args.handle, bytes.fromhex(value), withResponse=(not self.args.noresponse), ) except: # noqa: E722 self.result.exception() finally: device.disconnect()
def execute(self): """Execute the test.""" TLog.generic( "Fuzz Writing to CANbus on interface({}), arbitration id(0x{:x}), " "extended?({}) data({})".format(self.args.iface, self.args.arbitid, self.args.exid, self.args.data)) bus = None try: if self.args.count < 1: raise ValueError("Illegal count value {}".format( self.args.count)) if self.args.wait < 0: raise ValueError("Illegal wait value {}".format( self.args.wait)) bus = CanBus(bustype="socketcan", channel=self.args.iface) for count in range(self.args.count): datacan = self.args.data while datacan.find("xx") >= 0: datacan = datacan.replace("xx", "{:02x}".format( randint(0, 0xFF)), 1) # main fuzzing magic with randint message = CanMessage(arbitration_id=self.args.arbitid, extended_id=self.args.exid, data=list(bytes.fromhex(datacan))) bus.send(message) TLog.success("{} : Wrote message {} ".format(count, datacan)) if self.args.wait > 0: sleep(self.args.wait) except BaseException: self.result.exception() finally: if bus: bus.shutdown()
def execute(self): """Execute the test.""" TLog.generic( "Reading from Notify handle ({}) on BLE device ({})".format( hex(self.args.handle), self.args.addr) ) timer = Timer(self.args.timeout) ndelegate = BleNotifyDelegate(self.notifycb) device = BlePeripheral() try: device.connect( self.args.addr, addrType=( ADDR_TYPE_RANDOM if self.args.randaddrtype else ADDR_TYPE_PUBLIC ), ) TLog.generic("Enabling Notify on the handle") device.enable_notify(ndelegate, self.args.handle, write_response=True) while not timer.is_timeout(): device.waitForNotifications(1) ncount = ndelegate.count() if ncount > 0: self.output_handler(msg="Total notification data received {}".format(ncount), logkwargs=LOGNO, ndata=ncount) else: self.result.setstatus(passed=False, reason="No notification data received from BLE peripheral") except: # noqa: E722 self.result.exception() finally: device.disconnect()
def execute(self): """Execute the test.""" TLog.generic( "Reading ({}) messages from CANbus on interface({})".format( self.args.count, self.args.iface)) bus = None try: if self.args.count < 1: raise ValueError("Illegal count value {}".format( self.args.count)) bus = CanBus(bustype="socketcan", channel=self.args.iface) for cnt in range(1, self.args.count + 1): message = bus.recv(timeout=self.args.timeout) if message is None: raise TimeoutError( "Timed out while waiting for CAN message") if self.args.arbitid: if self.args.arbitid == message.arbitration_id: self.output_handler(logkwargs=LOGNORMAL, count=cnt, data=hexlify( message.data).decode()) else: self.output_handler(logkwargs=LOGNORMAL, count=cnt, arbitration_id="0x{:x}".format( message.arbitration_id), data=hexlify(message.data).decode()) except: # noqa: E722 self.result.exception() finally: if bus: bus.shutdown()
def execute(self): """Execute the test.""" dst_pan = None send_packet = False pcap_reader = None radio = None # Get Destination PAN address if self.args.pan: dst_pan = self.args.pan delay_sec = self.args.delay / 1000 TLog.generic("{:<13}: ({})".format("Channel", self.args.channel)) TLog.generic("{:<13}: ({})".format("File", self.args.pcapfile)) TLog.generic("{:<13}: ({})".format("Delay (seconds)", delay_sec)) if dst_pan: TLog.generic("{:<15}: ({})".format("Destination PAN", hex(dst_pan))) TLog.generic("") try: radio = Dot154Radio() pcap_reader = PcapDumpReader(self.args.pcapfile) radio.radio_on() radio.set_channel(self.args.channel) while True: packet = pcap_reader.read_next_packet() if packet: if not dst_pan and not is_ack_packet(packet): send_packet = True elif dst_pan and dst_pan == get_dst_pan_from_packet( packet): send_packet = True if send_packet: radio.inject_raw_packet(packet[0:-2]) send_packet = False time.sleep(delay_sec) else: break except: # noqa: E722 self.result.setstatus(passed=False, reason="Exception caught: {}".format( sysexcinfo())) finally: # Close file handler if pcap_reader: pcap_reader.close() # Turn OFF radio and exit if radio: self.output_handler( packets_received=radio.get_received_packets(), packets_transmitted=radio.get_transmitted_packets()) radio.radio_off()
def execute(self): """Execute the test.""" TLog.generic( "Reading from handle ({}) on BLE device ({})".format( hex(self.args.handle), self.args.addr ) ) device = BlePeripheral() try: device.connect( self.args.addr, addrType=( ADDR_TYPE_RANDOM if self.args.randaddrtype else ADDR_TYPE_PUBLIC ), ) TLog.success( " (value={})".format( device.readCharacteristic( self.args.handle))) except: # noqa: E722 self.result.exception() finally: device.disconnect()
def scan(self): """ Scan for BLE devices in the proximity. :return: """ TLog.generic("Scanning BLE devices for {} second(s)".format( self.args.timeout)) try: devices = Ble.scan(iface=self.args.iface, tout=self.args.timeout) for device in devices: self.found = True TLog.success("(name={})(address={})".format( device.getValueText(Ble.ADTYPE_NAME) or "Unknown", device.addr)) if self.args.verbose is True: TLog.success(" (rssi={}dB)".format(device.rssi)) TLog.success(" (connectable={})".format( device.connectable)) for scan_data in device.getScanData(): TLog.success(" ({}={})".format( scan_data[1], scan_data[2])) except: # noqa: E722 self.reason = "Exception caught: {}".format(sysexcinfo()) if self.found is False and self.reason is None: self.reason = "No BLE devices found"
def execute(self): """Execute the test.""" TLog.generic( "Writing the value ({}) to handle ({}) on BLE device ({})".format( self.args.value, hex(self.args.handle), self.args.addr ) ) device = BlePeripheral() try: device.connect( self.args.addr, addrType=( ADDR_TYPE_RANDOM if self.args.randaddrtype else ADDR_TYPE_PUBLIC ), ) device.writeCharacteristic( self.args.handle, bytes.fromhex(self.args.value), withResponse=(not self.args.noresponse), ) except: # noqa: E722 self.result.exception() finally: device.disconnect()
def send_receive(self, ip_addr, port, message): """ Send and then receive encrypted data to/from the smart plug. Args: ip_addr(str): The IP address of the smartplug port(int): Port number of the listening service message(str): The plaintext message Returns: bytes: The response received from the smart plug """ response = None sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) try: sock.connect((ip_addr, port)) sock.settimeout(20) sock.send(self.encrypt_decrypt(message)) response = sock.recv(1024) response = self.encrypt_decrypt(response, encrypt=False) except: # noqa: E722 TLog.fail("Couldn't receive/decrypt response.") raise finally: sock.close() return response
def execute(self): """Execute tht test.""" TLog.generic( "Writing to CANbus on interface({}), arbitration id(0x{:x}), " "extended?({}) data({})".format(self.args.iface, self.args.arbitid, self.args.exid, self.args.data)) bus = None try: if self.args.count < 1: raise ValueError("Illegal count value {}".format( self.args.count)) bus = CanBus(bustype="socketcan", channel=self.args.iface) message = CanMessage( arbitration_id=self.args.arbitid, extended_id=self.args.exid, data=list(bytes.fromhex(self.args.data)), ) for count in range(1, self.args.count + 1): bus.send(message) TLog.success("Wrote message {}".format(count)) if self.args.wait and count < self.args.count: sleep(self.args.wait) except: # noqa: E722 self.result.exception() finally: if bus: bus.shutdown()
def execute(self): """Execute the test.""" TLog.generic( "Connecting to the the serial port ({}) timeout ({})".format( self.args.port, self.args.timeout)) TLog.generic("Scanning for baud rates: {}".format(self.args.bauds)) reason = "No good baud rate found" best = {"baud_rate": 0, "percentage_ascii": 0} try: for baud in self.args.bauds.split(","): percentage_ascii = self.check_baud(int(baud)) if percentage_ascii == 100: TLog.success("Found correct baud rate: {}".format(baud)) return if percentage_ascii > best["percentage_ascii"]: best["percentage_ascii"] = percentage_ascii best["baud_rate"] = int(baud) if best["percentage_ascii"] > 90: TLog.success( "Found good baud rate {} with {}% ASCII data".format( best["baud_rate"], best["percentage_ascii"])) return TLog.generic( "Baud rate {} has max. ASCII percentage of {} %".format( best["baud_rate"], best["percentage_ascii"])) except: # noqa: E722 reason = "Exception caught: {}".format(sysexcinfo()) self.result.setstatus(passed=False, reason=reason)
def main(cls): """ Run a single command given on the command line or run the main command loop of the console if no command line arguments given. :return: """ TLog.init() parser = argparse.ArgumentParser( description="Expliot - Internet Of Things Security Testing and " "Exploitation Framework Command Line Interface.") parser.add_argument( "cmd", nargs="?", help="Command to execute. If no command is given, it enters an " "interactive console. To see the list of available commands " "use the help command", ) parser.add_argument( "cmd_args", nargs=argparse.REMAINDER, help="Sub-command and/or (optional) arguments", ) args = parser.parse_args() if args.cmd: # Execute a single command and exit cls.cli.onecmd_plus_hooks("{} {}".format(args.cmd, " ".join(args.cmd_args))) else: # No command line argument specified, drop into interactive mode cls.cli.cmdloop()
def execute(self): """Execute the mDNS discovery.""" service_names = list(MDNS_SERVICE_TYPES) if self.args.list: self.output_handler(supported_device_types=service_names) return TLog.generic("Search local network for mDNS enabled devices") if self.args.device: if self.args.device not in service_names: self.result.setstatus(passed=False, reason="Unknown device type specified") return service_names = [self.args.device] cnt = 0 for name in service_names: if self.args.verbose: TLog.trydo("Looking for {} devices".format(name)) details = MdnsDiscovery(name, scan_timeout=self.args.timeout) details.scan() for device in details.devices: cnt += 1 self.output_handler(device_number=cnt, name=device.name, address=device.address, port=device.port, server=device.server, type=device.type, priority=device.priority, weight=device.weight, properties=device.properties) self.output_handler(total_devices_discovered=cnt)
def execute(self): """Execute the test.""" sock_tcp = None try: # Step 1 : Connect to socket host:port sock_tcp = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock_tcp.connect((self.args.rhost, self.args.rport)) # Step 2 : Send encrypted data and save response data = crypto.encrypt(self.args.data) sock_tcp.settimeout(10.0) sock_tcp.send(data) data_tp = sock_tcp.recv(2048) # Step 3 : Check for Empty or no response if not data_tp: self.result.setstatus(passed=False, reason="Empty or no response received") else: # Step 4 : Convert bytes array to hex string data_tp = "".join(map(chr, list(data_tp))) data_tp = [hex(ord(b))[2:] for b in list(data_tp)] data_tp = [i if len(i) == 2 else "0" + i for i in data_tp] data_tp = "".join(data_tp) # Step 5 : Decrypt the hex string decrypted = crypto.decrypt(data_tp) self.output_handler(response_raw=data_tp, response_decrypted=decrypted) jsondata = json.loads(decrypted) # Step 6 : Check for reason of failture if jsondata.get("system") and \ jsondata.get("system").get("err_msg"): reason = jsondata.get("system").get("err_msg") self.result.setstatus(passed=False, reason=reason) elif jsondata.get("system") and \ not jsondata.get("system").get("err_msg") and \ jsondata.get("system").get("set_relay_state") and \ jsondata.get("system").get("set_relay_state").get("err_msg"): reason = jsondata.get("system").get("set_relay_state").get("err_msg") self.result.setstatus(passed=False, reason=reason) elif jsondata.get("system") and \ not jsondata.get("system").get("err_msg") and \ jsondata.get("system").get("set_relay_state") and \ not jsondata.get("system").get("set_relay_state").get("err_msg"): TLog.success("Json data successfully received by the device.") else: self.result.setstatus(passed=False, reason="Invalid Response") except socket.timeout: self.result.setstatus(passed=False, reason="Connection timed out") except socket.error: self.result.setstatus( passed=False, reason="Could not connect to host {}:{}".format( self.args.rhost, str(self.args.rport) ) ) finally: if sock_tcp: sock_tcp.close()
def subcb(cls, client, userdata, message): """ A callback method that is called when the thing receives a message on the subscribed topic from an AWS IoT endpoint. """ TLog.success("(topic={})(payload={})".format(message.topic, message.payload))
def notifycb(handle, data): """Notification data read callback. Args: handle (int): The handle of the characteristic whose data is received. data (bytes): The data that is received from the BLE device. Returns: Nothing """ TLog.success(data.hex())
def execute(self): """Execute the test.""" modbus_client = ModbusTcpClient(self.args.rhost, port=self.args.rport) try: if self.args.item < 0 or self.args.item >= len(WRITE_ITEMS): raise AttributeError( "Unknown --item specified ({})".format(self.args.item) ) if self.args.count < 1: raise AttributeError( "Invalid --count specified ({})".format(self.args.count) ) TLog.generic( "Sending write command to Modbus Server ({}) on port ({})".format( self.args.rhost, self.args.rport ) ) TLog.generic( "(item={})(address={})(count={})(unit={})".format( WRITE_ITEMS[self.args.item], self.args.address, self.args.count, self.args.unit, ) ) modbus_client.connect() if self.args.item == COIL: value = bool(self.args.value != 0) TLog.trydo("Writing value(s): {}".format(value)) response = modbus_client.write_coils( self.args.address, [value] * self.args.count, unit=self.args.unit ) if response.isError() is True: raise Exception(str(response)) elif self.args.item == REG: TLog.trydo("Writing value(s): {}".format(self.args.value)) response = modbus_client.write_registers( self.args.address, [self.args.value] * self.args.count, unit=self.args.unit, ) if response.isError() is True: raise Exception(str(response)) else: raise AttributeError( "Unknown --item specified ({})".format(self.args.item) ) TLog.success("Values successfully written") except: # noqa: E722 self.result.exception() finally: modbus_client.close()
def execute(self): """Execute the test.""" TLog.generic("Sending unauthorized command ({}) to Kankun smart " "plug on ({}) port ({})".format(self.args.cmd, self.args.rhost, self.args.rport)) if self.args.cmd.lower() == "on": operation = "open" elif self.args.cmd.lower() == "off": operation = "close" else: self.result.setstatus(passed=False, reason="Unknown --cmd ({})".format( self.args.cmd)) return message = self.create_message(operation) # Step 1: Send command and receive the confirmation ID response response = self.send_receive(self.args.rhost, self.args.rport, message) if response is None: self.result.setstatus( passed=False, reason="Communication error while sending message({})".format( message), ) return # Get the confirmation ID cid = self.get_confirm_id(response) if cid is None: self.result.setstatus( passed=False, reason="Couldn't extract confirmation ID from ({})".format( response), ) return self.output_handler(command=message, response=response, received_confirmation_id=cid) message = self.create_message("confirm", cid) # Step 2: Send confirmation command with the confirmation ID and receive ACK response response = self.send_receive(self.args.rhost, self.args.rport, message) if response is None: self.result.setstatus( passed=False, reason="Communication error while sending message({})".format( message), ) return self.output_handler(command2=message, response2=response)
def execute(self): """ Execute the plugin. Enumerate the services and/or characteristics of the specified BLE device. Returns: Nothing """ # Documentation is wrong, the first keyword argument is deviceAddr instead of # deviceAddress. http://ianharvey.github.io/bluepy-doc/ if self.args.services is False and self.args.chars is False: reason = "Incomplete args. Enumerate what? Either or both - services, chars" self.result.setstatus(passed=False, reason=reason) return TLog.generic( "Enumerating services/characteristics of the device {}".format( self.args.addr ) ) device = BlePeripheral() try: device.connect( self.args.addr, addrType=( ADDR_TYPE_RANDOM if self.args.randaddrtype else ADDR_TYPE_PUBLIC ), ) if self.args.services is True: services = device.getServices() for service in services: self.output_handler(service_uuid=str(service.uuid), service_uuid_name=service.uuid.getCommonName(), handle_start=hex(service.hndStart), handle_end=hex(service.hndEnd)) if self.args.chars is True: chars = device.getCharacteristics() for char in chars: chardict = {"char_uuid": str(char.uuid), "char_uuid_name": char.uuid.getCommonName(), "handle": hex(char.getHandle()), "supported_properties": char.propertiesToString()} if char.supportsRead(): chardict["readvalue"] = char.read() self.output_handler(**chardict) except: # noqa: E722 self.result.setstatus(passed=False, reason="Exception caught: {}".format(sysexcinfo())) finally: device.disconnect()
def execute(self): """Execute the test.""" TLog.generic("Sending GET request to CoRE discovery URI Path ({}) " "to CoAP Server {} on port {}".format( WKRPATH, self.args.rhost, self.args.rport)) try: scanner = CoapDiscovery(self.args.rhost, port=self.args.rport) scanner.scan() resources = scanner.services() for resource in resources: self.output_handler(**resource) self.output_handler(total_resources=len(resources)) except: # noqa: E722 self.result.exception()
def execute(self): """Execute the test.""" count = self.args.count timeout = self.args.timeout packetcount = 0 pcap_writer = None radio = None TLog.generic("{:<13}: ({})".format("Channel", self.args.channel)) TLog.generic("{:<13}: ({})".format("File", self.args.filepath)) TLog.generic("{:<13}: ({})".format("Count", count)) TLog.generic("{:<13}: ({})".format("Time-Out", timeout)) try: # Get the Sniffer interface driver radio = Dot154Radio() # Create pcap file to dump the packet pcap_writer = PcapDumper(PCAP_DLT_IEEE802_15_4, self.args.filepath) # Turn ON radio sniffer radio.sniffer_on(self.args.channel) # kick start timer, if user set some timeout if timeout != 0: # Create Timer for timeout check timer = Timer() timer.timeout = timeout while True: packet = radio.read_raw_packet() if packet is not None: packetcount += 1 pcap_frame = PcapFrame(packet) pcap_writer.write_to_pcapfile(pcap_frame.get_pcap_frame()) if timeout != 0: if timer.is_timeout(): break if packetcount == count: break except: # noqa: E722 self.result.setstatus(passed=False, reason="Exception caught: {}".format( sysexcinfo())) finally: # Close file handler if pcap_writer: pcap_writer.close() # Turn OFF radio sniffer and exit if radio: # Execution Done self.output_handler( packets_received=radio.get_received_packets()) radio.sniffer_off()
def execute(self): """Execute the test.""" TLog.success("nmap arguments = ({})".format(self.args.args)) try: nmp = Nmap() out, err = nmp.run_xmltodict_output(self.args.args, timeout=self.args.timeout or None) if err: self.result.setstatus(passed=False, reason=err) else: self.output_handler(**out) except: # noqa: E722 self.result.exception()
def execute(self): """Execute the plugin.""" TLog.generic( "Subscribing to topic ({}) on AWS IoT endpoint ({}) on port ({})". format(self.args.topic, self.args.rhost, self.args.rport)) if not self.args.websocket: # As of Christmas eve 2019, only two connection types are available # 1. TLSv1.2 Mutual Authentication # - X.509 certificate-based secured MQTT connection to AWS IoT # 2. Websocket SigV4 # - IAM credential-based secured MQTT connection over Websocket # to AWS IoT # Source: https://s3.amazonaws.com/aws-iot-device-sdk-python-docs/html/index.html if not self.args.privatekey: raise FileNotFoundError("Thing Private Key file not specified") if not self.args.cert: raise FileNotFoundError("Thing Certificate file not specified") thing = None timer = Timer(self.args.timeout) try: thing = AwsMqttClient(self.args.id, useWebsocket=self.args.websocket) thing.easy_config( host=self.args.rhost, port=self.args.rport, use_websocket=self.args.websocket, rootca=self.args.rootca, privatekey=self.args.privatekey, cert=self.args.cert, user=self.args.user, passwd=self.args.passwd, timeout=self.args.timeout, ) if self.args.user and self.args.passwd: TLog.trydo( "Using authentication (username={})(password={})".format( self.args.user, self.args.passwd)) thing.connect() thing.subscribe(self.args.topic, 1, self.subcb) while not timer.is_timeout(): sleep(1) except: # noqa: E722 self.result.exception() finally: if thing: thing.easy_disconnect()
def check_baud(self, baud): """ Scan a serial connection for ASCII data with a given baud rate. :param baud: The baud rate to use for the serial connection :return: Percentage of ASCII characters present in the received data """ sock = None output = { "baud": baud, "ascii_percent": -1, "received_data": None, "ascii_data": None, "status": None, "exception": None } TLog.trydo("Checking baud rate: {}".format(baud)) try: sock = Serial(self.args.port, baud, timeout=self.args.timeout) output["received_data"] = sock.read(self.args.count) sock.flush() output["ascii_data"] = "".join([ chr(entry) for entry in output["received_data"] if chr(entry) in string.printable ]) received_length = len(output["received_data"]) ascii_length = len(output["ascii_data"]) if received_length == 0: output["status"] = "No data received" TLog.fail("\t{}".format(output["status"])) else: output["status"] = "Data received" output["ascii_percent"] = round( ascii_length / received_length * 100, 2) if self.args.verbose: TLog.success("\tdata: {}, ASCII: {}".format( output["received_data"], output["ascii_data"])) TLog.success("\tASCII ratio: {}/{}, {} %".format( ascii_length, received_length, output["ascii_percent"])) except: # noqa: E722 output["exception"] = sysexcinfo() TLog.fail("\tError: {}".format(output["exception"])) finally: if sock: sock.close() self.output_handler(logkwargs=LOGNO, **output) return output["ascii_percent"]
def execute(self): """Execute the test.""" TLog.generic("Sending GET request for URI Path ({}) " "to CoAP Server {} on port {}".format( self.args.path, self.args.rhost, self.args.rport)) try: client = CoapClient(self.args.rhost, port=self.args.rport) response = client.get(path=self.args.path) if not response.code.is_successful(): self.result.setstatus(passed=False, reason="Error Response: {}".format( CoapClient.response_dict(response))) return self.output_handler(response_code=int(response.code), response_code_str=str(response.code), response_payload=response.payload) except: # noqa: E722 self.result.exception()
def execute(self): TLog.generic( "Writing data to i2c eeprom at address({}) using device({})". format(self.args.addr, self.args.url)) d = None f = None try: stime = None etime = None data = None saddr = self.args.addr if self.args.rfile: TLog.trydo("Reading data from the file ({})".format( self.args.rfile)) f = open(self.args.rfile, "r+b") data = f.read() f.close() elif self.args.data: data = bytes.fromhex(self.args.data) else: raise AttributeError( "Specify either --data or --rfile (but not both)") d = I2cEepromManager.get_flash_device(self.args.url, self.args.chip, address=self.slaveaddr) TLog.success("(chip size={} bytes)".format(len(d))) ln = len(data) TLog.trydo("Writing {} byte(s) at start address {}".format( ln, saddr)) if self.args.addr + ln > len(d): raise IndexError("Length is out of range of the chip size") stime = time() d.write(saddr, data) etime = time() TLog.success( "wrote {} byte(s) of data from address {}. Time taken {} secs". format(len(data), saddr, round(etime - stime, 2))) except: self.result.exception() finally: I2cEepromManager.close(d)
def on_msg(client, userdata, message): """ Custom on_message callback for MqttClient. It just logs the topic and the message received. Args: client (MqttClient) - The MQTT client object. This is not used as it is the same as self. userdata (caller defined): Callback specific data passed in __init__(). This is not used as we use self members to pass information. message (MQTTMessage): Contains topic, payload, qos, retain for the message received from the broker. Returns: Nothing. """ TLog.success("(topic={})(payload={})".format(message.topic, message.payload))
def execute(self): c = ModbusTcpClient(self.args.rhost, port=self.args.rport) try: # Check what to write to i.e. coils, registers etc if self.args.item < 0 or self.args.item >= len(self.ITEMS): raise AttributeError("Unknown --item specified ({})".format( self.args.item)) if self.args.count < 1: raise AttributeError("Invalid --count specified ({})".format( self.args.count)) TLog.generic( "Sending write command to Modbus Server ({}) on port ({})". format(self.args.rhost, self.args.rport)) TLog.generic("(item={})(address={})(count={})(unit={})".format( self.ITEMS[self.args.item], self.args.address, self.args.count, self.args.unit)) c.connect() if self.args.item == self.COIL: val = True if self.args.value != 0 else False TLog.trydo("Writing value(s) ({})".format(val)) # below r = class pymodbus.bit_write_message.WriteMultipleCoilsResponse r = c.write_coils(self.args.address, [val] * self.args.count, unit=self.args.unit) if r.isError() == True: raise Exception(str(r)) elif self.args.item == self.REG: TLog.trydo("Writing value(s) ({})".format(self.args.value)) # below r = class pymodbus.register_write_message.WriteMultipleRegistersResponse r = c.write_registers(self.args.address, [self.args.value] * self.args.count, unit=self.args.unit) if r.isError() == True: raise Exception(str(r)) else: raise AttributeError("Unknown --item specified ({})".format( self.args.item)) TLog.success("Values successfully written") except: self.result.exception() finally: c.close()
def unlock(self, mac): """ Unlock the specified Tapplock. :param mac: The BLE address of the Tapplock :return: """ device = BlePeripheral() try: TLog.trydo("Unlocking Tapplock ({})".format(mac)) # Get key1 and serial pairing_data = None if self.args.default is False: remote_mac = ":".join(mac.upper().split(":")[::-1]) md5_hash = md5(remote_mac.encode()).hexdigest() # nosec key1 = md5_hash[0:8] serial = md5_hash[16:24] TLog.generic("(Calculated hash={})(key1={})(serial={})".format( md5_hash, key1, serial)) pairing_data = self.PAIRPREXIX + key1 + serial else: TLog.generic("(default key1={})(default serial={})".format( self.DEFKEY, self.DEFSERIAL)) pairing_data = self.DEFPAIR # Calculate the checksum checksum = 0 for byte in bytes.fromhex(pairing_data): checksum = checksum + (byte % 255) checksum_string = "{:04x}".format(checksum) # Create the pairing data pairing_data = pairing_data + checksum_string[ 2:4] + checksum_string[0:2] device.connect(mac, addrType=ADDR_TYPE_RANDOM) TLog.trydo("Sending pair data({})".format(pairing_data)) device.writeCharacteristic(self.UNLOCKHNDL, bytes.fromhex(pairing_data)) TLog.trydo("Sending unlock command({})".format(self.UNLOCKCMD)) device.writeCharacteristic(self.UNLOCKHNDL, bytes.fromhex(self.UNLOCKCMD)) finally: device.disconnect()
def execute(self): """Execute the test.""" TLog.generic( "Writing data to i2c eeprom at address({}) using device({})". format(self.args.addr, self.args.url)) device = None try: start_address = self.args.addr if self.args.rfile: TLog.trydo("Reading data from the file ({})".format( self.args.rfile)) input_file = open(self.args.rfile, "r+b") data = input_file.read() input_file.close() elif self.args.data: data = bytes.fromhex(self.args.data) else: raise AttributeError( "Specify either --data or --rfile (but not both)") device = I2cEepromManager.get_flash_device(self.args.url, self.args.chip, address=self.slaveaddr) TLog.success("(chip size={} bytes)".format(len(device))) length_data = len(data) TLog.trydo("Writing {} byte(s) at start address {}".format( length_data, start_address)) if self.args.addr + length_data > len(device): raise IndexError("Length is out of range of the chip size") start_time = time() device.write(start_address, data) end_time = time() TLog.success( "wrote {} byte(s) of data from address {}. Time taken {} secs". format(len(data), start_address, round(end_time - start_time, 2))) except: # noqa: E722 self.result.exception() finally: I2cEepromManager.close(device)