-
Notifications
You must be signed in to change notification settings - Fork 22
Home
Ehab Hussein edited this page Dec 28, 2019
·
7 revisions
Module libagfs
--------------
Variables
---------
stdout
Classes
-------
agfs
Ancestors (in MRO)
------------------
libagfs.agfs
builtins.object
Static methods
--------------
__init__(self)
Initialize self. See help(type(self)) for accurate signature.
MITMproxy(self, endpoint)
:param endpoint: the IN endpoint
:return: None
MITMproxyRQueues(self, ch, method, properties, body)
:param ch: rabbitMQ channel
:param method: methods
:param properties: properties
:param body: Payload
:return None
changeintf(self)
will allow you to change the interfaces you use with the device
clonedev(self)
This method does not need any parameters it only saves a backup of the device incase you need to share it or use it later.
saves the device information in the ./clones/ directory.
The best option is to allow Agfs to claim the interfaces prior to cloning it as we need to gather more info on the device
before we clone it.
This method returns nothing.
createdb(self, name)
create the sqlite table and columns for usblyzer dumps
:param name: this receives a name for the database name to be created
devWrite(self, endpoint, payload)
To use this with a method you would write make sure to run the startSniffReadThread(self,endpoint=None, pts=None, queue=None,channel=None)
method first so you can monitor responses
:param endpoint: endpoint address you want to write method
:param payload: the message to be sent to the devices
:return: None
devctrltrnsf(self, bmRequestType, bmRequest, wValue, wIndex, wLength)
Usually you'll find the parameters for this method in the vendor's data sheet.
https://www.beyondlogic.org/usbnutshell/usb6.shtml
:param bmRequestType: direction of the request
:param bmRequest: determines the request being made
:param wValue: parameters to be passed with the request
:param wIndex: parameters to be passed with the request
:param wLength: Number of bytes to transfer if there is a data phase
deviceInfo(self)
gets the complete info only for any usb connected to the host
deviceInterfaces(self)
get all interfaces and endpoints on the device
Thanks to the pyusb tutorial
findSelect(self)
find your device and select it
fuzzer(self)
To be implemented
hostwrite(self, payload)
use this when you want to send payloads to a device driver on the host
:param payload: the message to be sent to the host example: "0102AAFFCC"
start the pizeroRouter.py with argv[2] set to anything so we can send the host messages to a null Queue
inithostwrite(self)
initiates a connection to the queue to comminicate with the host
monInterfaceChng(self, ven, prod)
thread in charge of monitoring interfaces for changes
:param ven: receives the vendorID of the device
:param prod: receives the productID of the device
:return: None
rabbitmqfakeheartbeat(self, channel)
releasedev(self)
releases the device and re-attaches the kernel driver
replaymsgs(self, direction=None, sequence=None, message=None)
This method searches the USBLyzer parsed database and give you the option replay a message or all messages from host to device
:param direction: in or out
:param sequence: the sequence number you would like to select to reply
:param message: will allow you to send your selected message
searchmsgs(self)
This method allows you to search and select all messages for a pattern
this method does not return anything
setupGadgetFS(self)
setup variables for gadgetFS : Linux Only, on Raspberry Pi Zero best option
This method does not require any parameters.
calling this method creates a bash script file inside the directory ./gadgetscripts/ which can then be pushed
and executed on the pi Zero to emulate the device being tested.
This method returns nothing.
sniffdevice(self, endpoint, pts, queue, channel)
read the communication between the device to hosts
you can either choose set pts or queue but not both.s
:param endpoint: endpoint address you want to read from)
:param pts: if you want to read the device without queues and send output to a specific tty
:param queue: is you will use the queues for a full proxy between target and host
:param channel: rabbitmq channel
:return: None
startMITMusbWifi(self, endpoint=None)
:param endpoint: the OUT endpoint of the device most probably self.epin which is from the device to the PC
:return: None
startMonInterfaceChng(self)
This method Allows you to monitor a device ever 10 second incase it suddenly changes its configuration.
Like when switching and Android phone from MTP to PTP . you'll get a notification so you can check
your inferfaces and adapt to that change using changeintf() method
startSniffReadThread(self, endpoint=None, pts=None, queue=None, channel=None)
This is a thread to continuously read the replies from the device and dependent on what you pass to the method either pts or queue
:param endpoint: endpoint address you want to read from
:param pts: if you want to read the device without queues and send output to a specific tty
:param queue: is you will use the queues for a full proxy between target and host
:param channel: this is automatically passed if you use the self.startMITMusbWifi()
:return: None
stopMITMusbWifi(self)
stopMonInterfaceChang(self)
Stops the interface monitor thread
stopSniffing(self)
Kills the sniffing thread
stophostwrite(self)
usblyzerparse(self, dbname)
This method will parse your xml exported from usblyzer and then import them into a database
:param dbname: this parameter is used to create a sqlite database in the folder ./databases with the specified name passed.
this method returns nothing