BLACK MASK

Thursday, May 10, 2018

pizza coming out!

// Xilinx SDK includes
#include "xparameters.h"
#include
#include
#include "xtmrctr.h"
#include "xio.h"
#include
// WARP includes
#include "wlan_mac_low.h"
#include "w3_userio.h"
#include "radio_controller.h"
#include "wlan_mac_ipc_util.h"
#include "wlan_mac_802_11_defs.h"
#include "wlan_mac_misc_util.h"
#include "wlan_phy_util.h"
#include "wlan_mac_jamming.h"
#include "wlan_exp.h"
#include "math.h"
/*************************** Constant Definitions ****************************/
#define WARPNET_TYPE_80211_LOW WARPNET_TYPE_80211_LOW_JAMMING
#define NUM_LEDS 4
// Wifi channel, where the jammer should operate on
#define WIFI_CHANNEL 14
// Packet buffer used to hold the jamming frame
#define TX_PKT_BUF_JAM 7
/*********************** Global Variable Definitions *************************/
/*************************** Variable Definitions ****************************/
static u8 eeprom_addr[6];
static u8 jamming;
static u8 showmacs;
volatile u8 red_led_index;
volatile u8 green_led_index;
/**************************** Struct Definitions *****************************/
typedef struct{
u8 dsap;
u8 ssap;
u8 control_field;
u8 org_code[3];
u16 type;
} llc_header;
#define LLC_SNAP 0xAA
#define LLC_CNTRL_UNNUMBERED 0x03
static u8 OURMAC[6] = {0xDE,0xAD,0xBE,0xEF,0x01,0x01};
static u8 JAMMAC[6] = {0xDE,0xAD,0xBE,0xEF,0x11,0x11};
/******************************** Functions **********************************/
inline void set_tx_power(u8 tx_pkt_buf, s8 power) {
tx_frame_info* mpdu_info = (tx_frame_info*) (TX_PKT_BUF_TO_ADDR(tx_pkt_buf));
mpdu_info->params.phy.power = power; // dBm
}
inline void set_tx_ant_mode(u8 tx_pkt_buf, u8 antenna_mode) {
tx_frame_info* mpdu_info = (tx_frame_info*) (TX_PKT_BUF_TO_ADDR(tx_pkt_buf));
mpdu_info->params.phy.antenna_mode = antenna_mode;
}
int main(){
wlan_mac_hw_info* hw_info;
xil_printf("\f");
xil_printf("----- SEEMOO Reactive WiFi Jammer -------\n");
xil_printf("----- v0.1 ------------------------------\n");
xil_printf("----- wlan_mac_jamming ------------------\n");
xil_printf("Compiled %s %s\n\n", __DATE__, __TIME__);
xil_printf("Note: this UART is currently printing from CPU_LOW. To view prints from\n");
xil_printf("and interact with CPU_HIGH, raise the right-most User I/O DIP switch bit.\n");
xil_printf("This switch can be toggled live while the design is running.\n\n");
wlan_tx_config_ant_mode(TX_ANTMODE_SISO_ANTA);
red_led_index = 0;
green_led_index = 0;
userio_write_leds_green(USERIO_BASEADDR, (1<<green_led_index));
userio_write_leds_red(USERIO_BASEADDR, (1<<red_led_index));
wlan_mac_low_init(WARPNET_TYPE_80211_LOW);
hw_info = wlan_mac_low_get_hw_info();
memcpy(eeprom_addr,hw_info->hw_addr_wlan,6);
wlan_mac_low_set_frame_rx_callback((void*)frame_receive);
wlan_mac_low_set_frame_tx_callback((void*)frame_transmit);
wlan_mac_low_finish_init();
REG_SET_BITS(WLAN_MAC_REG_CONTROL, (WLAN_MAC_CTRL_MASK_CCA_IGNORE_PHY_CS | WLAN_MAC_CTRL_MASK_CCA_IGNORE_NAV));
// Set the WiFi channel
if(radio_controller_setCenterFrequency(RC_BASEADDR, (RC_ALL_RF), RC_24GHZ, wlan_mac_low_wlan_chan_to_rc_chan(WIFI_CHANNEL)) >= 0) {
xil_printf("WiFi Channel set to %d\n", WIFI_CHANNEL);
} else {
xil_printf("ERR: Setting the WiFi channel resulted in an error\n");
}
xil_printf("Initialization Finished\n");
while(1){
//Poll PHY RX start
wlan_mac_low_poll_frame_rx();
//Should check and handle push button events
//push_button_checker();
}
return 0;
}
/**
* @brief Checks which push button is pressed and calls functions to handle this event
*/
inline void push_button_checker() {
if(userio_read_inputs(USERIO_BASEADDR) == W3_USERIO_PB_D){
//xil_printf("FRAME PREPARE");
mac_header_80211* header = (mac_header_80211*)(TX_PKT_BUF_TO_ADDR(0)+PHY_TX_PKT_BUF_PHY_HDR_SIZE+sizeof(tx_frame_info));
header->frame_control_1 = MAC_FRAME_CTRL1_SUBTYPE_DATA;
header->frame_control_2 = MAC_FRAME_CTRL2_FLAG_FROM_DS;
header->duration_id = 0;
header->sequence_control = 0;
//header->address_1 = OURMAC;
memcpy(header->address_1, OURMAC, 6);
memcpy(header->address_2, OURMAC, 6);
memcpy(header->address_3, OURMAC, 6);
set_tx_power(0,TX_POWER_MAX_DBM);
set_tx_ant_mode(0,TX_ANTMODE_SISO_ANTA);
frame_transmit(0,WLAN_PHY_RATE_BPSK12,(u16) 1000,NULL);
xil_printf("FRAME SENT");
while(userio_read_inputs(USERIO_BASEADDR) == W3_USERIO_PB_D){
//do nothing
}
}
if(userio_read_inputs(USERIO_BASEADDR) == W3_USERIO_PB_U){
xil_printf(".");
while(userio_read_inputs(USERIO_BASEADDR) == W3_USERIO_PB_U){
//do nothing
}
}
}
/**
* @brief Handles reception of a wireless packet
*
* This function is called after a good SIGNAL field is detected by either PHY (OFDM or DSSS)
* It is the responsibility of this function to wait until a sufficient number of bytes have been received
* before it can start to process those bytes. When this function is called the eventual checksum status is
* unknown. In NOMAC, this function doesn't need to do any kind of filtering or operations like transmitting
* an acknowledgment.
*
* @param u8 rx_pkt_buf
* -Index of the Rx packet buffer containing the newly recevied packet
* @param u8 rate
* -Index of PHY rate at which pcaket was received
* @param u16 length
* -Number of bytes received by the PHY, including MAC header and FCS
* @return
* - always returns 0 in NOMAC implementation
*/
u32 frame_receive(u8 rx_pkt_buf, u8 rate, u16 length){
//This function is called after a good SIGNAL field is detected by either PHY (OFDM or DSSS)
//It is the responsibility of this function to wait until a sufficient number of bytes have been received
// before it can start to process those bytes. When this function is called the eventual checksum status is
// unknown. The packet contents can be provisionally processed (e.g. prepare an ACK for fast transmission),
// but post-reception actions must be conditioned on the eventual FCS status (good or bad).
//
// Note: The timing of this function is critical for correct operation of the 802.11 DCF. It is not
// safe to add large delays to this function (e.g. xil_printf or usleep)
mac_header_80211* header = (mac_header_80211*)(RX_PKT_BUF_TO_ADDR(rx_pkt_buf)+PHY_RX_PKT_BUF_PHY_HDR_SIZE+sizeof(rx_frame_info));
while(wlan_mac_get_last_byte()<=13+6){
//DO NOTHING
}
if(wlan_addr_eq(header->address_1,JAMMAC)){
mac_header_80211* header = (mac_header_80211*)(TX_PKT_BUF_TO_ADDR(0)+PHY_TX_PKT_BUF_PHY_HDR_SIZE+sizeof(tx_frame_info));
header->frame_control_1 = MAC_FRAME_CTRL1_SUBTYPE_DATA;
header->frame_control_2 = MAC_FRAME_CTRL2_FLAG_FROM_DS;
header->duration_id = 0;
header->sequence_control = 0;
//header->address_1 = OURMAC;
memcpy(header->address_1, OURMAC, 6);
memcpy(header->address_2, OURMAC, 6);
memcpy(header->address_3, OURMAC, 6);
set_tx_power(0,TX_POWER_MAX_DBM);
set_tx_ant_mode(0,TX_ANTMODE_SISO_ANTA);
frame_transmit(0,WLAN_PHY_RATE_BPSK12,(u16) 1000,NULL);
//xil_printf("Address: %x:%x:%x:%x:%x:%x \n",header->address_1[0],header->address_1[1],header->address_1[2],header->address_1[3],header->address_1[4],header->address_1[5]);
}
u32 state = wlan_mac_dcf_hw_rx_finish(); //Blocks until reception is complete
//xil_printf("Address: %x:%x:%x:%x:%x:%x \n",header->address_1[0],header->address_1[1],header->address_1[2],header->address_1[3],header->address_1[4],header->address_1[5]);
if(state == RX_MPDU_STATE_FCS_GOOD){
green_led_index = (green_led_index + 1) % NUM_LEDS;
userio_write_leds_green(USERIO_BASEADDR, (1<<green_led_index));
} else {
red_led_index = (red_led_index + 1) % NUM_LEDS;
userio_write_leds_red(USERIO_BASEADDR, (1<<red_led_index));
}
// Clear packet buffer for debugging reasons
bzero((void *)(RX_PKT_BUF_TO_ADDR(rx_pkt_buf)), 2048);
// Set the OFDM and DSSS PHYs to use the same Rx pkt buffer
wlan_phy_rx_pkt_buf_ofdm(rx_pkt_buf);
wlan_phy_rx_pkt_buf_dsss(rx_pkt_buf);
//Unblock the PHY post-Rx (no harm calling this if the PHY isn't actually blocked)
wlan_mac_dcf_hw_unblock_rx_phy();
return 0;
}
/**
* @brief Handles transmission of a wireless packet
*
* This function is called to transmit a new packet via the PHY. While the code does utilize the wlan_mac_dcf_hw core,
* it bypasses any of the DCF-specific state in order to directly transmit the frame. This function should be called once per packet and will return
* immediately following that transmission. It will not perform any DCF-like retransmissions.
*
* This function is called once per IPC_MBOX_TX_MPDU_READY message from CPU High. The IPC_MBOX_TX_MPDU_DONE message will be sent
* back to CPU High when this function returns.
*
* @param u8 rx_pkt_buf
* -Index of the Tx packet buffer containing the packet to transmit
* @param u8 rate
* -Index of PHY rate at which packet will be transmitted
* @param u16 length
* -Number of bytes in packet, including MAC header and FCS
* @param wlan_mac_low_tx_details* low_tx_details
* -Pointer to array of metadata entries to be created for each PHY transmission of this packet (eventually leading to TX_LOW log entries)
* @return
* -Transmission result
*/
int frame_transmit(u8 pkt_buf, u8 rate, u16 length, wlan_mac_low_tx_details* low_tx_details) {
//This function manages the MAC_DCF_HW core.
u32 tx_status;
tx_frame_info* mpdu_info = (tx_frame_info*) (TX_PKT_BUF_TO_ADDR(pkt_buf));
u64 last_tx_timestamp;
int curr_tx_pow;
last_tx_timestamp = (u64)(mpdu_info->delay_accept) + (u64)(mpdu_info->timestamp_create);
//Write the SIGNAL field (interpreted by the PHY during Tx waveform generation)
wlan_phy_set_tx_signal(pkt_buf, rate, length);
unsigned char mpdu_tx_ant_mask = 0;
switch(mpdu_info->params.phy.antenna_mode) {
case TX_ANTMODE_SISO_ANTA:
mpdu_tx_ant_mask |= 0x1;
break;
case TX_ANTMODE_SISO_ANTB:
mpdu_tx_ant_mask |= 0x2;
break;
case TX_ANTMODE_SISO_ANTC:
mpdu_tx_ant_mask |= 0x4;
break;
case TX_ANTMODE_SISO_ANTD:
mpdu_tx_ant_mask |= 0x8;
break;
default:
mpdu_tx_ant_mask = 0x1;
break;
}
mpdu_info->num_tx = 1;
curr_tx_pow = wlan_mac_low_dbm_to_gain_target(mpdu_info->params.phy.power);
wlan_mac_MPDU_tx_params(pkt_buf, 0, 0, mpdu_tx_ant_mask);
//Set Tx Gains
wlan_mac_MPDU_tx_gains(curr_tx_pow,curr_tx_pow,curr_tx_pow,curr_tx_pow);
//Before we mess with any PHY state, we need to make sure it isn't actively
//transmitting. For example, it may be sending an ACK when we get to this part of the code
while(wlan_mac_get_status() & WLAN_MAC_STATUS_MASK_PHY_TX_ACTIVE){}
//Submit the MPDU for transmission - this starts the MAC hardware's MPDU Tx state machine
wlan_mac_MPDU_tx_start(1);
wlan_mac_MPDU_tx_start(0);
//Wait for the MPDU Tx to finish
do{
if(low_tx_details != NULL){
low_tx_details[0].phy_params.rate = mpdu_info->params.phy.rate;
low_tx_details[0].phy_params.power = mpdu_info->params.phy.power;
low_tx_details[0].phy_params.antenna_mode = mpdu_info->params.phy.antenna_mode;
low_tx_details[0].chan_num = wlan_mac_low_get_active_channel();
low_tx_details[0].num_slots = 0;
low_tx_details[0].cw = 0;
}
tx_status = wlan_mac_get_status();
if(tx_status & WLAN_MAC_STATUS_MASK_MPDU_TX_DONE) {
if(low_tx_details != NULL){
low_tx_details[0].tx_start_delta = (u32)(get_tx_start_timestamp() - last_tx_timestamp);
last_tx_timestamp = get_tx_start_timestamp();
}
switch(tx_status & WLAN_MAC_STATUS_MASK_MPDU_TX_RESULT){
case WLAN_MAC_STATUS_MPDU_TX_RESULT_SUCCESS:
return 0;
break;
}
}
} while(tx_status & WLAN_MAC_STATUS_MASK_MPDU_TX_PENDING);
return -1;
}

[C] jamming_lab - Pastebin.com

PASTEBIN.COM

BLACK MASK

Thursday, May 10, 2018

No comments:

Total Pageviews

Search Webcams:
by www.online-camera.de