Skip to content

Commit

Permalink
Merge pull request RogueMaster#57 from Ganapati/dev
Browse files Browse the repository at this point in the history
Add SubGhz Fuzzer
  • Loading branch information
xMasterX authored Sep 8, 2022
2 parents 6decd6f + 18891ad commit 7de9c95
Show file tree
Hide file tree
Showing 21 changed files with 1,534 additions and 7 deletions.
2 changes: 1 addition & 1 deletion applications/flipfrid/application.fam
Original file line number Diff line number Diff line change
Expand Up @@ -6,5 +6,5 @@ App(
cdefines=["APP_FLIP_FRID"],
requires=["gui"],
stack_size=1 * 1024,
order=29,
order=13,
)
12 changes: 7 additions & 5 deletions applications/flipfrid/scene/flipfrid_scene_run_attack.c
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
#include "flipfrid_scene_run_attack.h"
#include <gui/elements.h>

uint8_t counter = 0;
#define TIME_BETWEEN_CARDS 5
Expand Down Expand Up @@ -182,7 +183,7 @@ void flipfrid_scene_run_attack_on_draw(Canvas* canvas, FlipFridState* context) {
canvas_set_color(canvas, ColorBlack);

// Frame
canvas_draw_frame(canvas, 0, 0, 128, 64);
//canvas_draw_frame(canvas, 0, 0, 128, 64);

// Title
canvas_set_font(canvas, FontPrimary);
Expand All @@ -202,11 +203,12 @@ void flipfrid_scene_run_attack_on_draw(Canvas* canvas, FlipFridState* context) {
canvas_draw_str_aligned(canvas, 64, 24, AlignCenter, AlignTop, uid);

canvas_set_font(canvas, FontSecondary);
char start_stop_msg[20];
//char start_stop_msg[20];
if(context->is_attacking) {
snprintf(start_stop_msg, sizeof(start_stop_msg), " Press OK to stop ");
elements_button_center(canvas, "Stop");
//snprintf(start_stop_msg, sizeof(start_stop_msg), " Press OK to stop ");
} else {
snprintf(start_stop_msg, sizeof(start_stop_msg), " Press OK to start ");
elements_button_center(canvas, "Start");
}
canvas_draw_str_aligned(canvas, 64, 44, AlignCenter, AlignTop, start_stop_msg);
//canvas_draw_str_aligned(canvas, 64, 44, AlignCenter, AlignTop, start_stop_msg);
}
2 changes: 1 addition & 1 deletion applications/flipfrid/scene/flipfrid_scene_select_field.c
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@ void flipfrid_scene_select_field_on_draw(Canvas* canvas, FlipFridState* context)
canvas_set_color(canvas, ColorBlack);

// Frame
canvas_draw_frame(canvas, 0, 0, 128, 64);
//canvas_draw_frame(canvas, 0, 0, 128, 64);

// Title
canvas_set_font(canvas, FontPrimary);
Expand Down
1 change: 1 addition & 0 deletions applications/meta/application.fam
Original file line number Diff line number Diff line change
Expand Up @@ -78,5 +78,6 @@ App(
"wifi_scanner",
"multi_converter",
"flipfrid",
"subbrute",
],
)
8 changes: 8 additions & 0 deletions applications/subbrute/LICENSE.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
/*
* ----------------------------------------------------------------------------
* "THE BEER-WARE LICENSE" (Revision 42):
* @G4N4P4T1 wrote this file. As long as you retain this notice you
* can do whatever you want with this stuff. If we meet some day, and you think
* this stuff is worth it, you can buy me a beer in return.
* ----------------------------------------------------------------------------
*/
4 changes: 4 additions & 0 deletions applications/subbrute/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# FlipFrid

SubGhz Fuzzer
select your base message, the field to fuzz and let's get fuzzy !
10 changes: 10 additions & 0 deletions applications/subbrute/application.fam
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
App(
appid="subbrute",
name="SubGHz Bruteforcer",
apptype=FlipperAppType.PLUGIN,
entry_point="subbrute_start",
cdefines=["APP_SUB_BRUTE"],
requires=["gui","dialogs"],
stack_size=2 * 1024,
order=11,
)
198 changes: 198 additions & 0 deletions applications/subbrute/scene/subbrute_scene_entrypoint.c
Original file line number Diff line number Diff line change
@@ -0,0 +1,198 @@
#include "subbrute_scene_entrypoint.h"
#include "../subbrute_utils.h"

string_t subbrute_menu_items[9];

void subbrute_scene_entrypoint_menu_callback(SubBruteState* context, uint32_t index) {
string_set_str(context->preset, "FuriHalSubGhzPresetOok650Async");
string_set_str(context->protocol, "RAW");
context->repeat = 5;
context->te = 0;
context->attack = index;
switch(index) {
case SubBruteAttackLoadFile:
context->current_scene = SceneSelectFile;
break;
case SubBruteAttackCAME12bit433:
context->frequency = 433920000;
context->bit = 12;
string_set_str(context->protocol, "CAME");
string_set_str(context->preset, "FuriHalSubGhzPresetOok650Async");
if(!subbrute_is_frequency_allowed(context)) {
return;
}
context->current_scene = SceneAttack;
break;
case SubBruteAttackCAME12bit868:
context->frequency = 868350000;
context->bit = 12;
string_set_str(context->protocol, "CAME");
string_set_str(context->preset, "FuriHalSubGhzPresetOok650Async");
if(!subbrute_is_frequency_allowed(context)) {
return;
}
context->current_scene = SceneAttack;
break;
case SubBruteAttackChamberlain9bit315:
context->frequency = 315000000;
context->bit = 9;
string_set_str(context->protocol, "Cham_Code");
string_set_str(context->preset, "FuriHalSubGhzPresetOok650Async");

if(!subbrute_is_frequency_allowed(context)) {
return;
}
context->current_scene = SceneAttack;
break;
case SubBruteAttackChamberlain9bit390:
context->frequency = 390000000;
context->bit = 9;
string_set_str(context->protocol, "Cham_Code");
string_set_str(context->preset, "FuriHalSubGhzPresetOok650Async");

if(!subbrute_is_frequency_allowed(context)) {
return;
}
context->current_scene = SceneAttack;
break;
case SubBruteAttackLinear10bit300:
context->frequency = 300000000;
context->bit = 10;
string_set_str(context->protocol, "Linear");
string_set_str(context->preset, "FuriHalSubGhzPresetOok650Async");
if(!subbrute_is_frequency_allowed(context)) {
return;
}
context->current_scene = SceneAttack;
break;
case SubBruteAttackLinear10bit310:
context->frequency = 310000000;
context->bit = 10;
string_set_str(context->protocol, "Linear");
string_set_str(context->preset, "FuriHalSubGhzPresetOok650Async");
if(!subbrute_is_frequency_allowed(context)) {
return;
}
context->current_scene = SceneAttack;
break;
case SubBruteAttackNICE12bit433:
context->frequency = 433920000;
context->bit = 12;
string_set_str(context->protocol, "Nice FLO");
string_set_str(context->preset, "FuriHalSubGhzPresetOok650Async");
if(!subbrute_is_frequency_allowed(context)) {
return;
}
context->current_scene = SceneAttack;
break;
case SubBruteAttackNICE12bit868:
context->frequency = 868350000;
context->bit = 12;
string_set_str(context->protocol, "Nice FLO");
string_set_str(context->preset, "FuriHalSubGhzPresetOok650Async");
if(!subbrute_is_frequency_allowed(context)) {
return;
}
context->current_scene = SceneAttack;
break;
default:
break;
}
}

void subbrute_scene_entrypoint_on_enter(SubBruteState* context) {
// Clear the previous payload
context->menu_index = 0;
for(uint32_t i = 0; i < 9; i++) {
string_init(subbrute_menu_items[i]);
}

string_set(subbrute_menu_items[0], "BF existing dump");
string_set(subbrute_menu_items[1], "CAME 12bit 433mhz");
string_set(subbrute_menu_items[2], "CAME 12bit 868mhz");
string_set(subbrute_menu_items[3], "Chamberlain 9bit 315mhz");
string_set(subbrute_menu_items[4], "Chamberlain 9bit 390mhz");
string_set(subbrute_menu_items[5], "Linear 10bit 300mhz");
string_set(subbrute_menu_items[6], "Linear 10bit 310mhz");
string_set(subbrute_menu_items[7], "NICE 12bit 433mhz");
string_set(subbrute_menu_items[8], "NICE 12bit 868mhz");
}

void subbrute_scene_entrypoint_on_exit(SubBruteState* context) {
UNUSED(context);
for(uint32_t i = 0; i < 9; i++) {
string_clear(subbrute_menu_items[i]);
}
}

void subbrute_scene_entrypoint_on_tick(SubBruteState* context) {
UNUSED(context);
}

void subbrute_scene_entrypoint_on_event(SubBruteEvent event, SubBruteState* context) {
if(event.evt_type == EventTypeKey) {
if(event.input_type == InputTypeShort) {
switch(event.key) {
case InputKeyDown:
if(context->menu_index < SubBruteAttackNICE12bit868) {
context->menu_index++;
}
break;
case InputKeyUp:
if(context->menu_index > SubBruteAttackLoadFile) {
context->menu_index--;
}
break;
case InputKeyLeft:
case InputKeyRight:
break;
case InputKeyOk:
subbrute_scene_entrypoint_menu_callback(context, context->menu_index);
break;
case InputKeyBack:
context->is_running = false;
break;
}
}
}
}

void subbrute_scene_entrypoint_on_draw(Canvas* canvas, SubBruteState* context) {
canvas_clear(canvas);
canvas_set_color(canvas, ColorBlack);

// Title
canvas_set_font(canvas, FontPrimary);
canvas_draw_str_aligned(canvas, 64, 6, AlignCenter, AlignTop, "SubGHz Fuzzer");

if(context->menu_index > SubBruteAttackLoadFile) {
canvas_set_font(canvas, FontSecondary);
canvas_draw_str_aligned(
canvas,
64,
24,
AlignCenter,
AlignTop,
string_get_cstr(subbrute_menu_items[context->menu_index - 1]));
}

canvas_set_font(canvas, FontPrimary);
canvas_draw_str_aligned(
canvas,
64,
36,
AlignCenter,
AlignTop,
string_get_cstr(subbrute_menu_items[context->menu_index]));

if(context->menu_index < SubBruteAttackNICE12bit868) {
canvas_set_font(canvas, FontSecondary);
canvas_draw_str_aligned(
canvas,
64,
48,
AlignCenter,
AlignTop,
string_get_cstr(subbrute_menu_items[context->menu_index + 1]));
}
}
8 changes: 8 additions & 0 deletions applications/subbrute/scene/subbrute_scene_entrypoint.h
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
#pragma once
#include "../subbrute.h"

void subbrute_scene_entrypoint_on_enter(SubBruteState* context);
void subbrute_scene_entrypoint_on_exit(SubBruteState* context);
void subbrute_scene_entrypoint_on_tick(SubBruteState* context);
void subbrute_scene_entrypoint_on_event(SubBruteEvent event, SubBruteState* context);
void subbrute_scene_entrypoint_on_draw(Canvas* canvas, SubBruteState* context);
Loading

0 comments on commit 7de9c95

Please sign in to comment.