Crash_Override/esp32_bluetooth_classic_sniffer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
esp32_bluetooth_classic_sni.../libs/scapy/contrib/homepluggp.py

243 lines
10 KiB
Python
Raw Normal View History

initial commit todo: add documentation & wireshark dissector
2021-08-31 11:51:03 +00:00
#! /usr/bin/env python
# This file is part of Scapy
# Scapy is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# any later version.
#
# Scapy is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Scapy. If not, see <http://www.gnu.org/licenses/>.
# scapy.contrib.description = HomePlugGP Layer
# scapy.contrib.status = loads
from __future__ import absolute_import
from scapy.packet import Packet, bind_layers
from scapy.fields import ByteEnumField, ByteField, FieldLenField, \
MACField, PacketListField, ShortField, \
StrFixedLenField, XIntField, PacketField \
# This layer extends HomePlug AV one
from scapy.contrib.homeplugav import HomePlugAV, QualcommTypeList
# Copyright (C) HomePlugGP Layer for Scapy by FlUxIuS (Sebastien Dudek)
# As HomePlug GreenPHY is a subset of HomePlug AV, that is why we use
# HomePlugAV layer as a base here.
HomePlugGPTypes = {0x6008: "CM_SET_KEY_REQ",
0x6009: "CM_SET_KEY_CNF",
0x6064: "CM_SLAC_PARM_REQ",
0x6065: "CM_SLAC_PARM_CNF",
0x606e: "CM_ATTEN_CHAR_IN",
0x606a: "CM_START_ATTEN_CHAR_IND",
0x606f: "CM_ATTEN_CHAR_RSP",
0x6076: "CM_MNBC_SOUND_IND",
0x607c: "CM_SLAC_MATCH_REQ",
0x607d: "CM_SLAC_MATCH_CNF",
0x6086: "CM_ATTENUATION_CHARACTERISTICS_MME"}
QualcommTypeList.update(HomePlugGPTypes)
HPGP_codes = {0x0: "Success"}
KeyType_list = {0x01: "NMK (AES-128)"}
######################################################################
# SLAC operations
######################################################################
class CM_SLAC_PARM_REQ(Packet):
name = "CM_SLAC_PARM_REQ"
fields_desc = [ByteField("ApplicationType", 0x0),
ByteField("SecurityType", 0x0),
StrFixedLenField("RunID", b"\x00" * 8, 8)]
class CM_SLAC_PARM_CNF(Packet):
name = "CM_SLAC_PARM_CNF"
fields_desc = [MACField("MSoundTargetMAC", "00:00:00:00:00:00"),
ByteField("NumberMSounds", 0x0),
ByteField("TimeOut", 0x0),
ByteField("ResponseType", 0x0),
MACField("ForwardingSTA", "00:00:00:00:00:00"),
ByteField("ApplicationType", 0x0),
ByteField("SecurityType", 0x0),
StrFixedLenField("RunID", b"\x00" * 8, 8)]
class HPGP_GROUP(Packet):
name = "HPGP_GROUP"
fields_desc = [ByteField("group", 0x0)]
def extract_padding(self, p):
return "", p
class VS_ATTENUATION_CHARACTERISTICS_MME(Packet):
name = "VS_ATTENUATION_CHARACTERISTICS_MME"
fields_desc = [MACField("EVMACAddress", "00:00:00:00:00:00"),
FieldLenField("NumberOfGroups", None,
count_of="Groups", fmt="B"),
ByteField("NumberOfCarrierPerGroupe", 0),
StrFixedLenField("Reserved", b"\x00" * 7, 7),
PacketListField("Groups", "", HPGP_GROUP,
length_from=lambda pkt: pkt.NumberOfGroups)]
class CM_ATTENUATION_CHARACTERISTICS_MME(Packet):
name = "CM_ATTENUATION_CHARACTERISTICS_MME"
fields_desc = [MACField("EVMACAddress", "00:00:00:00:00:00"),
FieldLenField("NumberOfGroups", None, count_of="Groups",
fmt="B"),
ByteField("NumberOfCarrierPerGroupe", 0),
PacketListField("Groups", "", HPGP_GROUP,
length_from=lambda pkt: pkt.NumberOfGroups)]
class CM_ATTEN_CHAR_IND(Packet):
name = "CM_ATTEN_CHAR_IND"
fields_desc = [ByteField("ApplicationType", 0x0),
ByteField("SecurityType", 0x0),
MACField("SourceAdress", "00:00:00:00:00:00"),
StrFixedLenField("RunID", b"\x00" * 8, 8),
StrFixedLenField("SourceID", b"\x00" * 17, 17),
StrFixedLenField("ResponseID", b"\x00" * 17, 17),
ByteField("NumberOfSounds", 0x0),
FieldLenField("NumberOfGroups", None, count_of="Groups",
fmt="B"),
PacketListField("Groups", "", HPGP_GROUP,
length_from=lambda pkt: pkt.NumberOfGroups)]
class CM_ATTEN_CHAR_RSP(Packet):
name = "CM_ATTEN_CHAR_RSP"
fields_desc = [ByteField("ApplicationType", 0x0),
ByteField("SecurityType", 0x0),
MACField("SourceAdress", "00:00:00:00:00:00"),
StrFixedLenField("RunID", b"\x00" * 8, 8),
StrFixedLenField("SourceID", b"\x00" * 17, 17),
StrFixedLenField("ResponseID", b"\x00" * 17, 17),
ByteEnumField("Result", 0x0, HPGP_codes)]
class SLAC_varfield(Packet):
name = "SLAC_varfield"
fields_desc = [StrFixedLenField("EVID", b"\x00" * 17, 17),
MACField("EVMAC", "00:00:00:00:00:00"),
StrFixedLenField("EVSEID", b"\x00" * 17, 17),
MACField("EVSEMAC", "00:00:00:00:00:00"),
StrFixedLenField("RunID", b"\x00" * 8, 8),
StrFixedLenField("RSVD", b"\x00" * 8, 8)]
class CM_SLAC_MATCH_REQ(Packet):
name = "CM_SLAC_MATCH_REQ"
fields_desc = [ByteField("ApplicationType", 0x0),
ByteField("SecurityType", 0x0),
FieldLenField("MatchVariableFieldLen", None,
count_of="VariableField", fmt="H"),
PacketField("VariableField",
SLAC_varfield(),
SLAC_varfield)]
class SLAC_varfield_cnf(Packet):
name = "SLAC_varfield"
fields_desc = [StrFixedLenField("EVID", b"\x00" * 17, 17),
MACField("EVMAC", "00:00:00:00:00:00"),
StrFixedLenField("EVSEID", b"\x00" * 17, 17),
MACField("EVSEMAC", "00:00:00:00:00:00"),
StrFixedLenField("RunID", b"\x00" * 8, 8),
StrFixedLenField("RSVD", b"\x00" * 8, 8),
StrFixedLenField("NetworkID", b"\x00" * 7, 7),
ByteField("Reserved", 0x0),
StrFixedLenField("NMK", b"\x00" * 16, 16)]
class CM_SLAC_MATCH_CNF(Packet):
name = "CM_SLAC_MATCH_CNF"
fields_desc = [ByteField("ApplicationType", 0x0),
ByteField("SecurityType", 0x0),
FieldLenField("MatchVariableFieldLen", None,
count_of="VariableField", fmt="H"),
PacketField("VariableField",
SLAC_varfield_cnf(),
SLAC_varfield_cnf)]
class CM_START_ATTEN_CHAR_IND(Packet):
name = "CM_START_ATTEN_CHAR_IND"
fields_desc = [ByteField("ApplicationType", 0x0),
ByteField("SecurityType", 0x0),
ByteField("NumberOfSounds", 0x0),
ByteField("TimeOut", 0x0),
ByteField("ResponseType", 0x0),
MACField("ForwardingSTA", "00:00:00:00:00:00"),
StrFixedLenField("RunID", b"\x00" * 8, 8)]
class CM_MNBC_SOUND_IND(Packet):
name = "CM_MNBC_SOUND_IND"
fields_desc = [ByteField("ApplicationType", 0x0),
ByteField("SecurityType", 0x0),
StrFixedLenField("SenderID", b"\x00" * 17, 17),
ByteField("Countdown", 0x0),
StrFixedLenField("RunID", b"\x00" * 8, 8),
StrFixedLenField("RSVD", b"\x00" * 8, 8),
StrFixedLenField("RandomValue", b"\x00" * 16, 16)]
######################################################################
# Set keys for GP
######################################################################
class CM_SET_KEY_REQ(Packet):
name = "CM_SET_KEY_REQ"
fields_desc = [ByteEnumField("KeyType", 0x0, KeyType_list),
XIntField("MyNonce", 0),
XIntField("YourNonce", 0),
ByteField("PID", 0),
ShortField("ProtoRunNumber", 0),
ByteField("ProtoMessNumber", 0),
ByteField("CCoCapability", 0),
StrFixedLenField("NetworkID", b"\x00" * 7, 7),
ByteField("NewEncKeySelect", 0),
StrFixedLenField("NewKey", b"\x00" * 16, 16)]
class CM_SET_KEY_CNF(Packet):
name = "CM_SET_KEY_CNF"
fields_desc = [ByteEnumField("Result", 0x0, HPGP_codes),
XIntField("MyNonce", 0),
XIntField("YourNonce", 0),
ByteField("PID", 0),
ShortField("ProtoRunNumber", 0),
ByteField("ProtoMessNumber", 0),
ByteField("CCoCapability", 0)]
# END #
bind_layers(HomePlugAV, VS_ATTENUATION_CHARACTERISTICS_MME, HPtype=0xA14E)
bind_layers(HomePlugAV, CM_SLAC_PARM_REQ, HPtype=0x6064)
bind_layers(HomePlugAV, CM_SLAC_PARM_CNF, HPtype=0x6065)
bind_layers(HomePlugAV, CM_START_ATTEN_CHAR_IND, HPtype=0x606a)
bind_layers(HomePlugAV, CM_ATTEN_CHAR_IND, HPtype=0x606e)
bind_layers(HomePlugAV, CM_ATTEN_CHAR_RSP, HPtype=0x606f)
bind_layers(HomePlugAV, CM_MNBC_SOUND_IND, HPtype=0x6076)
bind_layers(HomePlugAV, CM_SLAC_MATCH_REQ, HPtype=0x607c)
bind_layers(HomePlugAV, CM_SLAC_MATCH_CNF, HPtype=0x607d)
bind_layers(HomePlugAV, CM_SET_KEY_REQ, HPtype=0x6008)
bind_layers(HomePlugAV, CM_SET_KEY_CNF, HPtype=0x6009)
bind_layers(HomePlugAV, CM_ATTENUATION_CHARACTERISTICS_MME, HPtype=0x6086)
Reference in a new issue Copy permalink