Christina Quast | 69d1f90 | 2015-04-03 11:41:23 +0200 | [diff] [blame] | 1 | import usb.core |
| 2 | import usb.util |
Christina Quast | fb91bb7 | 2015-04-18 13:31:42 +0200 | [diff] [blame] | 3 | import array |
Christina Quast | 69d1f90 | 2015-04-03 11:41:23 +0200 | [diff] [blame] | 4 | |
Christina Quast | 88c7fa1 | 2015-04-06 00:35:03 +0200 | [diff] [blame] | 5 | from ccid_raw import SmartcardConnection |
Christina Quast | 158c1dd | 2015-04-17 20:19:29 +0200 | [diff] [blame] | 6 | from smartcard_emulator import SmartCardEmulator |
Christina Quast | 425717d | 2015-05-14 17:20:55 +0200 | [diff] [blame] | 7 | from gsmtap import gsmtap_send_apdu |
Christina Quast | 95270b1 | 2015-04-04 19:59:03 +0200 | [diff] [blame] | 8 | |
Christina Quast | 88c7fa1 | 2015-04-06 00:35:03 +0200 | [diff] [blame] | 9 | from contextlib import closing |
| 10 | |
Christina Quast | f2e53f0 | 2015-04-11 08:42:38 +0200 | [diff] [blame] | 11 | from util import HEX |
Christina Quast | 9547e9f | 2015-04-14 22:18:30 +0200 | [diff] [blame] | 12 | from constants import * |
Christina Quast | 5384061 | 2015-04-16 11:10:59 +0200 | [diff] [blame] | 13 | from apdu_split import Apdu_splitter, apdu_states |
Christina Quast | 88c7fa1 | 2015-04-06 00:35:03 +0200 | [diff] [blame] | 14 | |
Christina Quast | ad6f4d3 | 2015-06-24 15:44:36 +0200 | [diff] [blame] | 15 | from replace import replace |
| 16 | |
def pattern_match(inpt):
    """Return the substitute for a recognised input, or the input unchanged.

    This is a rewrite table for intercepted traffic: two ATR constants map
    to NEW_ATR, and CMD_SEL_FILE / CMD_GET_DATA both map to CMD_SEL_ROOT.
    The constants come from the star import of ``constants``; their byte
    values are not visible here.

    Every input is printed before matching, so stdout carries the raw data
    passed in.
    """
    print("Matching inpt", inpt)

    # NOTE(review): matching relies on ==, so inpt presumably has to be the
    # same container type as the constants -- confirm against the caller.
    is_known_atr = inpt == ATR_SYSMOCOM1 or inpt == ATR_STRANGE_SIM
    if is_known_atr:
        print("ATR: ", inpt)
        return NEW_ATR

    if inpt == CMD_SEL_FILE:
        print("CMD_SEL_FILE:", inpt)
        return CMD_SEL_ROOT

    if inpt == CMD_GET_DATA:
        print("CMD_DATA:", inpt)
        return CMD_SEL_ROOT

    # Anything not in the table is forwarded untouched.
    return inpt
Christina Quast | 69d1f90 | 2015-04-03 11:41:23 +0200 | [diff] [blame] | 30 | |
def poll_ep(dev, ep):
    """Read once from endpoint *ep* and return the data, or None on timeout.

    Calls ``dev.read(ep, 64, 10)``. Assuming *dev* is a PyUSB device, that
    is a read of at most 64 bytes with a 10 ms timeout.

    A USBError whose errno equals ERR_TIMEOUT is treated as "nothing to
    read" and yields None. Any other USBError is re-raised, so a real
    transport fault is not mistaken for an idle endpoint.
    """
    try:
        data = dev.read(ep, 64, 10)
    except usb.core.USBError as err:
        if err.errno == ERR_TIMEOUT:
            return None
        raise
    return data
Christina Quast | 69d1f90 | 2015-04-03 11:41:23 +0200 | [diff] [blame] | 38 | |
def write_phone(dev, resp):
    """Log *resp* as hex and write it to the PHONE_WR endpoint of *dev*.

    The full payload is printed before it is sent, so this tool's stdout
    holds a copy of everything written to the phone side. Treat captured
    output as sensitive if the traffic is.

    The result of ``dev.write`` is discarded.
    """
    # NOTE(review): with PyUSB, write() returns the byte count; a short
    # write would go unnoticed here -- confirm whether that matters.
    hex_dump = HEX(resp)
    print("WR: ", hex_dump)
    dev.write(PHONE_WR, resp, 10)
Christina Quast | 88c7fa1 | 2015-04-06 00:35:03 +0200 | [diff] [blame] | 42 | |
Christina Quast | 020e5d6 | 2015-05-14 18:11:23 +0200 | [diff] [blame] | 43 | def do_mitm(dev, sim_emul=True): |
Christina Quast | 158c1dd | 2015-04-17 20:19:29 +0200 | [diff] [blame] | 44 | if sim_emul == True: |
| 45 | my_class = SmartCardEmulator |
| 46 | else: |
| 47 | my_class = SmartcardConnection |
| 48 | with closing(my_class()) as sm_con: |
Christina Quast | 6f664a3 | 2015-04-06 19:08:04 +0200 | [diff] [blame] | 49 | atr = sm_con.getATR() |
Christina Quast | 5384061 | 2015-04-16 11:10:59 +0200 | [diff] [blame] | 50 | |
| 51 | apdus = [] |
| 52 | apdu = Apdu_splitter() |
| 53 | |
Christina Quast | 88c7fa1 | 2015-04-06 00:35:03 +0200 | [diff] [blame] | 54 | while True: |
| 55 | cmd = poll_ep(dev, PHONE_INT) |
| 56 | if cmd is not None: |
Christina Quast | f2e53f0 | 2015-04-11 08:42:38 +0200 | [diff] [blame] | 57 | print("Int line ", HEX(cmd)) |
Christina Quast | 88c7fa1 | 2015-04-06 00:35:03 +0200 | [diff] [blame] | 58 | assert cmd[0] == ord('R') |
Christina Quast | 6f664a3 | 2015-04-06 19:08:04 +0200 | [diff] [blame] | 59 | # FIXME: restart card anyways? |
| 60 | # sm_con.reset_card() |
Christina Quast | f2e53f0 | 2015-04-11 08:42:38 +0200 | [diff] [blame] | 61 | print("Write atr: ", HEX(atr)) |
Christina Quast | 46a9367 | 2015-04-21 23:00:52 +0200 | [diff] [blame] | 62 | write_phone(dev, replace(atr)) |
Christina Quast | fb91bb7 | 2015-04-18 13:31:42 +0200 | [diff] [blame] | 63 | apdus = [] |
| 64 | apdu = Apdu_splitter() |
Christina Quast | 69d1f90 | 2015-04-03 11:41:23 +0200 | [diff] [blame] | 65 | |
Christina Quast | 88c7fa1 | 2015-04-06 00:35:03 +0200 | [diff] [blame] | 66 | cmd = poll_ep(dev, PHONE_RD) |
| 67 | if cmd is not None: |
Christina Quast | f2e53f0 | 2015-04-11 08:42:38 +0200 | [diff] [blame] | 68 | print("RD: ", HEX(cmd)) |
Christina Quast | 5384061 | 2015-04-16 11:10:59 +0200 | [diff] [blame] | 69 | for c in cmd: |
Christina Quast | fb91bb7 | 2015-04-18 13:31:42 +0200 | [diff] [blame] | 70 | if apdu.state == apdu_states.APDU_S_FIN: |
| 71 | apdus.append(apdu) |
Christina Quast | 425717d | 2015-05-14 17:20:55 +0200 | [diff] [blame] | 72 | gsmtap_send_apdu(apdu.buf) |
Christina Quast | fb91bb7 | 2015-04-18 13:31:42 +0200 | [diff] [blame] | 73 | apdu = Apdu_splitter() |
| 74 | |
Christina Quast | 5384061 | 2015-04-16 11:10:59 +0200 | [diff] [blame] | 75 | apdu.split(c) |
Christina Quast | 08ea861 | 2015-05-03 16:34:32 +0200 | [diff] [blame] | 76 | if apdu.state == apdu_states.APDU_S_FIN and apdu.pts_buf == [0xff, 0x00, 0xff]: |
Christina Quast | b6e005c | 2015-05-04 15:28:03 +0200 | [diff] [blame] | 77 | #sim_data = sm_con.send_receive_cmd(apdu.pts_buf) |
| 78 | #write_phone(dev, replace(array('B', sim_data))) |
| 79 | write_phone(dev, replace(array('B', apdu.pts_buf))) |
Christina Quast | 08ea861 | 2015-05-03 16:34:32 +0200 | [diff] [blame] | 80 | continue; |
Christina Quast | fb91bb7 | 2015-04-18 13:31:42 +0200 | [diff] [blame] | 81 | |
Christina Quast | 5384061 | 2015-04-16 11:10:59 +0200 | [diff] [blame] | 82 | if apdu.state == apdu_states.APDU_S_SW1: |
Christina Quast | fb91bb7 | 2015-04-18 13:31:42 +0200 | [diff] [blame] | 83 | if apdu.data is not None and len(apdu.data) == 0: |
Christina Quast | 5384061 | 2015-04-16 11:10:59 +0200 | [diff] [blame] | 84 | # FIXME: implement other ACK types |
Christina Quast | 46a9367 | 2015-04-21 23:00:52 +0200 | [diff] [blame] | 85 | write_phone(dev, replace(array('B', [apdu.ins]))) |
Christina Quast | 5384061 | 2015-04-16 11:10:59 +0200 | [diff] [blame] | 86 | apdu.split(apdu.ins) |
| 87 | else: |
| 88 | sim_data = sm_con.send_receive_cmd(apdu.buf) |
Christina Quast | 46a9367 | 2015-04-21 23:00:52 +0200 | [diff] [blame] | 89 | write_phone(dev, replace(sim_data)) |
Christina Quast | 5384061 | 2015-04-16 11:10:59 +0200 | [diff] [blame] | 90 | for c in sim_data: |
| 91 | apdu.split(c) |
Christina Quast | ca0ebfd | 2015-06-19 13:29:14 +0200 | [diff] [blame] | 92 | if apdu.state == apdu_states.APDU_S_SEND_DATA: |
| 93 | sim_data = sm_con.send_receive_cmd(replace(apdu.buf)) |
| 94 | #sim_data.insert(0, apdu.ins) |
| 95 | write_phone(dev, replace(sim_data)) |
| 96 | #apdu.state = apdu_states.APDU_S_SW1 |
| 97 | for c in sim_data: |
| 98 | apdu.split(c) |