C8051F340 USB Fn hacking
/************************************************************************************
* C8051F340 USB Fn hacking
* 说明:
* 简单跟踪一下这个C8051F340 USB的使用。
*
* 2017-4-1 深圳 南山平山村 曾剑锋
***********************************************************************************/ void main(void)
{
System_Init (); --------------------+
USB0_Init (); |
EA = ; |
|
while () { |
Key_Scan(); | ------------------------------------+
Key_Handle(); | ------------------------------------*-+
} | | |
} | | |
| | |
void System_Init (void) <------------+ | |
{ | |
PCA0MD &= ~0x40; // Disable Watchdog timer | |
Sysclk_Init (); -------+ // initialize system clock | |
Port_Init (); | // configure cross bar -----------+ | |
Timer_Init (); | // configure timer -----------*-+ | |
} | | | | |
| | | | |
void Sysclk_Init (void) <-----+ | | | |
{ | | | |
#ifdef _USB_LOW_SPEED_ | | | |
| | | |
OSCICN |= 0x03; // Configure internal oscillator for | | | |
// its maximum frequency and enable | | | |
// missing clock detector | | | |
| | | |
CLKSEL = SYS_EXT_OSC; // Select System clock | | | |
CLKSEL |= USB_INT_OSC_DIV_2; // Select USB clock | | | |
#else | | | |
OSCICN |= 0x03; // Configure internal oscillator for | | | |
// its maximum frequency and enable | | | |
// missing clock detector | | | |
| | | |
CLKMUL = 0x00; // Select internal oscillator as | | | |
// input to clock multiplier | | | |
| | | |
CLKMUL |= 0x80; // Enable clock multiplier | | | |
CLKMUL |= 0xC0; // Initialize the clock multiplier | | | |
Delay(); // Delay for clock multiplier to begin | | | |
| | | |
while(!(CLKMUL & 0x20)); // Wait for multiplier to lock | | | |
CLKSEL = SYS_INT_OSC; // Select system clock | | | |
CLKSEL |= USB_4X_CLOCK; // Select USB clock | | | |
#endif /* _USB_LOW_SPEED_ */ | | | |
} | | | |
| | | |
void Port_Init(void) <------------------------------------------+ | | |
{ | | |
P0MDOUT = 0xFF; | | |
P0SKIP = 0xFF; | | |
P2MDIN = 0xFF; // Port 2 pin 5 set as analog input | | |
P2SKIP = 0xFF; // Port 2 pin 5 skipped by crossbar | | |
| | |
XBR1 = 0x40; // Enable Crossbar | | |
| | |
DebugLEDOFF; // ¹Ø±Õµ÷Êﵮ | | |
} | | |
| | |
void Timer_Init (void) | | |
{ | | |
TMR2CN = 0x00; // Stop Timer2; Clear TF2; | | |
| | |
CKCON &= ~0xF0; // Timer2 clocked based on T2XCLK; | | |
TMR2L = 0x7F; // Timer/Counter 2 Low | | |
TMR2H = 0xFF; // Timer/Counter 2 High | | |
TMR2RLL = 0xEF; // Timer/Counter 2 Reload Low | | |
TMR2RLH = 0xD8; // Timer/Counter 2 Reload High | | |
| | |
ET2 = ; // Enable Timer2 interrupts | | |
TR2 = ; // Start Timer2 | | |
} | | |
| | |
void USB0_Init (void) <-------------------------------------------------+ | |
{ | |
| |
// #define POLL_WRITE_BYTE(addr, data) while(USB0ADR & 0x80); \ | |
// WRITE_BYTE(addr, data); | |
POLL_WRITE_BYTE (POWER, 0x08); // Force Asynchronous USB Reset ---+ | |
POLL_WRITE_BYTE (IN1IE, 0x07); // Enable Endpoint 0-1 in interrupts | | |
POLL_WRITE_BYTE (OUT1IE,0x07); // Enable Endpoint 0-1 out interrupts | | |
POLL_WRITE_BYTE (CMIE, 0x07); // Enable Reset, Resume, and Suspend | | |
// interrupts | | |
USB0XCN = 0xE0; // Enable transceiver; select full speed | | |
POLL_WRITE_BYTE (CLKREC,0x89); // Enable clock recovery, single-step | | |
// mode disabled | | |
| | |
EIE1 |= 0x02; // Enable USB0 Interrupts | | |
| | |
// Enable USB0 by clearing the USB | | |
POLL_WRITE_BYTE (POWER, 0x01); // Inhibit Bit and enable suspend | | |
// detection | | |
| | |
} | | |
| | |
#define POLL_WRITE_BYTE(addr, data) while(USB0ADR & 0x80); \ <------------+ | |
WRITE_BYTE(addr, data); -----+ | |
| | |
#define WRITE_BYTE(addr, data) USB0ADR = (addr); USB0DAT = data <----+ | |
| | |
sfr USB0DAT = 0x97; // USB0 Data Register <----+ | |
| |
void Key_Scan(void) { <------------------------------------------------+ |
static unsigned char AllKeyBk; |
unsigned char AllKey = ; |
unsigned char i = ; |
|
if(b_ScanKey) { // 定时器中每过10ms会对这个变量置1一次 |
b_ScanKey = ; |
AllKey = P2; |
AllKey >>= ; |
if(AllKey != 0x3F) { // 有键按下 |
if(AllKeyBk != AllKey) { |
LongKeyCnt = ; // 有新的按键按下,重新去抖 |
} |
AllKeyBk = AllKey; |
LongKeyCnt++; |
if(LongKeyCnt > ) { // 20ms 去抖 |
key_status[KEYALL] = KEY_DOWN; |
for( i = ; i < ; i++) { |
// 判断每一个按键的状态 |
if( (AllKey & 0x01) == ) { |
key_status[i] = KEY_DOWN; |
} else { |
key_status[i] = KEY_UP; |
} |
AllKey >>= ; |
} |
} |
} else { |
key_status[KEYALL] = KEY_UP; |
LongKeyCnt = ; // 当按键抬起来之后这里会置零 |
for( i = ; i < ; i++) { |
key_status[i] = KEY_UP; |
} |
} |
} |
} |
|
void Key_Handle(void) <-----------------------------------------------------+
{
static unsigned char key_status_bk[] = {KEY_UP};
unsigned char i;
unsigned char cnt_i; cnt_i = ;
if(key_status[KEYF1] == KEY_DOWN) {
if(key_status[KEYF1] != key_status_bk[KEYF1]) {
IN_PACKET[cnt_i] = KB_F1;
DebugLEDON;
cnt_i++;
}
} else if(key_status[KEYF1] == KEY_UP) {
if(key_status[KEYF1] != key_status_bk[KEYF1]) { // 按键状态发生改变,只发送一次数据
DebugLEDOFF;
}
}
if(key_status[KEYF2] == KEY_DOWN) {
if(key_status[KEYF2] != key_status_bk[KEYF2]) {
IN_PACKET[cnt_i] = KB_F2;
DebugLEDON;
cnt_i++;
}
} else if(key_status[KEYF2] == KEY_UP) {
if(key_status[KEYF2] != key_status_bk[KEYF2]) { // 按键状态发生改变,只发送一次数据
DebugLEDOFF;
}
}
if(key_status[KEYF3] == KEY_DOWN) {
if(key_status[KEYF3] != key_status_bk[KEYF3]) {
IN_PACKET[cnt_i] = KB_F3;
DebugLEDON;
cnt_i++;
}
} else if(key_status[KEYF3] == KEY_UP) {
if(key_status[KEYF3] != key_status_bk[KEYF3]) { // 按键状态发生改变,只发送一次数据
DebugLEDOFF;
}
}
if(key_status[KEYF4] == KEY_DOWN) {
if(key_status[KEYF4] != key_status_bk[KEYF4]) {
IN_PACKET[cnt_i] = KB_F4;
DebugLEDON;
cnt_i++;
}
} else if(key_status[KEYF4] == KEY_UP) {
if(key_status[KEYF4] != key_status_bk[KEYF4]) { // 按键状态发生改变,只发送一次数据
DebugLEDOFF;
}
}
if(key_status[KEYF5] == KEY_DOWN) {
if(key_status[KEYF5] != key_status_bk[KEYF5]) {
IN_PACKET[cnt_i] = KB_F5;
DebugLEDON;
cnt_i++;
}
} else if(key_status[KEYF5] == KEY_UP) {
if(key_status[KEYF5] != key_status_bk[KEYF5]) { // 按键状态发生改变,只发送一次数据
DebugLEDOFF;
}
}
if(key_status[KEYF6] == KEY_DOWN) {
if(key_status[KEYF6] != key_status_bk[KEYF6]) {
IN_PACKET[cnt_i] = KB_F6;
DebugLEDON;
cnt_i++;
}
} else if(key_status[KEYF6] == KEY_UP) {
if(key_status[KEYF6] != key_status_bk[KEYF6]) { // 按键状态发生改变,只发送一次数据
DebugLEDOFF;
}
}
if(key_status[KEYALL] == KEY_DOWN){
if(key_status[KEYALL] != key_status_bk[KEYALL]) {
SendPacket ();
}
} else if(key_status[KEYALL] == KEY_UP){
for(i = ; i < ; i++) {
IN_PACKET[i] = ; -------+
} |
if(key_status[KEYALL] != key_status_bk[KEYALL]) { -------*-+
SendPacket (); | |
} | |
} | |
| |
for(i = ; i < ; i++) { | |
key_status_bk[i] = key_status[i]; | |
} | |
} | |
| |
unsigned char IN_PACKET[] ={,,,,,,,}; <-------+ |
|
unsigned char key_status[] = {KEY_UP}; <---------+ void Timer2_ISR (void) interrupt // 10ms
{
static unsigned Timer2_Cnt = ; Timer2_Cnt++;
b_ScanKey = ; // for key count if( (Timer2_Cnt%) == ) {
} if( Timer2_Cnt == )
Timer2_Cnt = ; TF2H = ; // Clear Timer2 interrupt flag
} //-----------------------------------------------------------------------------
// Usb_ISR
//-----------------------------------------------------------------------------
//
// Called after any USB type interrupt, this handler determines which type
// of interrupt occurred, and calls the specific routine to handle it.
//
//-----------------------------------------------------------------------------
void Usb_ISR (void) interrupt // USB中断入口
{ unsigned char bCommon, bIn, bOut;
POLL_READ_BYTE (CMINT, bCommon); // USB0公共中断寄存器 ------+
POLL_READ_BYTE (IN1INT, bIn); // USB0输入端点中断寄存器 |
POLL_READ_BYTE (OUT1INT, bOut); // USB0输出端点中断寄存器 |
{ |
if (bCommon & rbRSUINT) { // 恢复-> 没有实质的动作 |
Usb_Resume (); ------------*-+
} | |
if (bCommon & rbRSTINT) { // 复位 | |
Usb_Reset (); ------------*-*-+
} | | |
if (bCommon & rbSUSINT) { // 挂起 | | |
Usb_Suspend (); ------------*-*-*---+
} | | | |
if (bIn & rbEP0) { // 端点0中断处理 | | | |
Handle_Control (); ------------*-*-*---*-----+
} | | | | |
if (bIn & rbIN1) { // 端点1输入中断处理 | | | | |
Handle_In1 (); ------------*-*-*---*-+ |
} | | | | | |
if (bOut & rbOUT1) { // 端点1输出中断处理 | | | | | |
Handle_Out1 (); ------------*-*-*---*-*-+ |
} | | | | | | |
} | | | | | | |
} | | | | | | |
| | | | | | |
#define POLL_READ_BYTE(addr, target) while(USB0ADR & 0x80); \ <-----+ | | | | | |
READ_BYTE(addr, target); -------+ | | | | | |
| | | | | | |
#define READ_BYTE(addr, target) USB0ADR = (0x80 | addr); \ <------+ | | | | | |
while (USB0ADR & 0x80); target = USB0DAT | | | | | |
| | | | | |
void Usb_Resume(void) <------------------------------+ | | | | |
{ | | | | |
volatile int k; | | | | |
| | | | |
k++; | | | | |
| | | | |
// Add code for resume | | | | |
} | | | | |
| | | | |
void Usb_Reset (void) <--------------------------------+ | | | |
{ | | | |
USB0_STATE = DEV_DEFAULT; // Set device state to default | | | |
| | | |
POLL_WRITE_BYTE (POWER, 0x01); // Clear usb inhibit bit to enable USB | | | |
// suspend detection | | | |
| | | |
EP_STATUS[] = EP_IDLE; // Set default Endpoint Status | | | |
EP_STATUS[] = EP_HALT; | | | |
EP_STATUS[] = EP_HALT; | | | |
} | | | |
| | | |
void Usb_Suspend (void) <----------------------------------------------+ | | |
{ | | |
volatile int k; | | |
k++; | | |
} | | |
| | |
void Handle_In1 () <------------------------------------------------+ | |
{ | |
EP_STATUS[] = EP_IDLE; | |
} | |
| |
void Handle_Out1 () <--------------------------------------------------+ |
{ |
|
unsigned char Count = ; |
unsigned char ControlReg; |
|
POLL_WRITE_BYTE (INDEX, ); // Set index to endpoint 2 registers |
POLL_READ_BYTE (EOUTCSR1, ControlReg); |
|
if (EP_STATUS[] == EP_HALT) // If endpoint is halted, send a stall |
{ |
POLL_WRITE_BYTE (EOUTCSR1, rbOutSDSTL); |
} |
|
else // Otherwise read received packet |
// from host |
{ |
if (ControlReg & rbOutSTSTL) // Clear sent stall bit if last |
// packet was a stall |
{ |
POLL_WRITE_BYTE (EOUTCSR1, rbOutCLRDT); |
} |
|
Setup_OUT_BUFFER (); // configure buffer to save |
// received data |
Fifo_Read(FIFO_EP1, OUT_BUFFER.Length, OUT_BUFFER.Ptr); |
|
// process data according to received Report ID. |
// In systems with Report Descriptors that do not define report IDs, |
// the host will still format OUT packets with a prefix byte |
// of '0x00'. |
|
ReportHandler_OUT (OUT_BUFFER.Ptr[]); |
|
POLL_WRITE_BYTE (EOUTCSR1, ); // Clear Out Packet ready bit |
} |
} |
|
//----------------------------------------------------------------------------- |
// Handle_Control |
//----------------------------------------------------------------------------- |
// |
// Return Value : None |
// Parameters : None |
// |
// - Decode Incoming SETUP requests |
// - Load data packets on fifo while in transmit mode |
// |
//----------------------------------------------------------------------------- |
|
void Handle_Control (void) <--------------------------------------+
{
unsigned char ControlReg; // Temporary storage for EP control register POLL_WRITE_BYTE (INDEX, ); // ¶ËµãË÷ÒýÖÁ ¶Ëµã0
POLL_READ_BYTE (E0CSR, ControlReg); // Read control register if (EP_STATUS[] == EP_ADDRESS) // Handle Status Phase of Set Address
// command
{
POLL_WRITE_BYTE (FADDR, SETUP.wValue.c[LSB]);
EP_STATUS[] = EP_IDLE;
} if (ControlReg & rbSTSTL) // If last packet was a sent stall,
{ // reset STSTL bit and return EP0
// to idle state
POLL_WRITE_BYTE (E0CSR, );
EP_STATUS[] = EP_IDLE;
return;
} if (ControlReg & rbSUEND) // If last SETUP transaction was
{ // ended prematurely then set
POLL_WRITE_BYTE (E0CSR, rbDATAEND);
// Serviced SETUP End bit and return EP0
POLL_WRITE_BYTE (E0CSR, rbSSUEND);
EP_STATUS[] = EP_IDLE; // to idle state
} if (EP_STATUS[] == EP_IDLE) // If Endpoint 0 is in idle mode
{
if (ControlReg & rbOPRDY) // Make sure that EP 0 has an Out Packet
{ // ready from host although if EP0
// is idle, this should always be the case
/*
typedef struct
{
// typedef union {unsigned int i; unsigned char c[2];} WORD; unsigned char bmRequestType; // Request recipient, type, and dir.
unsigned char bRequest; // Specific standard request number
WORD wValue; // varies according to request
WORD wIndex; // varies according to request
WORD wLength; // Number of bytes to transfer
} setup_buffer; // End of SETUP Packet Type
*/
Fifo_Read (FIFO_EP0, , (unsigned char *)&SETUP);
// Get SETUP Packet off of Fifo, it is currently Big-Endian
// Compiler Specific - these next three statements swap the bytes of the
// SETUP packet words to Big Endian so they can be compared to other 16-bit
// values elsewhere properly
SETUP.wValue.i = SETUP.wValue.c[MSB] + *SETUP.wValue.c[LSB];
SETUP.wIndex.i = SETUP.wIndex.c[MSB] + *SETUP.wIndex.c[LSB];
SETUP.wLength.i = SETUP.wLength.c[MSB] + *SETUP.wLength.c[LSB]; // Intercept HID class-specific requests
if( (SETUP.bmRequestType & ~0x80) == DSC_HID) {
switch (SETUP.bRequest) {
case GET_REPORT:
Get_Report (); ----------------------------------+
break; |
case SET_REPORT: |
Set_Report (); |
break; |
case GET_IDLE: |
Get_Idle (); |
break; |
case SET_IDLE: |
Set_Idle (); |
break; |
case GET_PROTOCOL: |
Get_Protocol (); |
break; |
case SET_PROTOCOL: |
Set_Protocol (); |
break; |
default: |
Force_Stall (); // Send stall to host if invalid |
break; // request |
} |
} else |
|
switch (SETUP.bRequest) // Call correct subroutine to handle |
{ // each kind of standard request |
case GET_STATUS: |
Get_Status (); |
break; |
case CLEAR_FEATURE: |
Clear_Feature (); |
break; |
case SET_FEATURE: |
Set_Feature (); |
break; |
case SET_ADDRESS: |
Set_Address (); |
break; |
case GET_DESCRIPTOR: |
Get_Descriptor (); |
break; |
case GET_CONFIGURATION: |
Get_Configuration (); |
break; |
case SET_CONFIGURATION: |
Set_Configuration (); |
break; |
case GET_INTERFACE: |
Get_Interface (); |
break; |
case SET_INTERFACE: |
Set_Interface (); |
break; |
default: |
Force_Stall (); // Send stall to host if invalid request|
break; |
} |
} |
} |
|
if (EP_STATUS[] == EP_TX) // See if endpoint should transmit |
{ |
if (!(ControlReg & rbINPRDY) ) // Don't overwrite last packet |
{ |
// Read control register |
POLL_READ_BYTE (E0CSR, ControlReg); |
|
// Check to see if SETUP End or Out Packet received, if so do not put |
// any new data on FIFO |
if ((!(ControlReg & rbSUEND)) || (!(ControlReg & rbOPRDY))) |
{ |
// Add In Packet ready flag to E0CSR bitmask |
ControlReg = rbINPRDY; |
if (DATASIZE >= EP0_PACKET_SIZE) |
{ |
// Break Data into multiple packets if larger than Max Packet |
Fifo_Write_InterruptServiceRoutine (FIFO_EP0, EP0_PACKET_SIZE, |
(unsigned char*)DATAPTR); |
// Advance data pointer |
DATAPTR += EP0_PACKET_SIZE; |
// Decrement data size |
DATASIZE -= EP0_PACKET_SIZE; |
// Increment data sent counter |
DATASENT += EP0_PACKET_SIZE; |
} |
else |
{ |
// If data is less than Max Packet size or zero |
Fifo_Write_InterruptServiceRoutine (FIFO_EP0, DATASIZE, |
(unsigned char*)DATAPTR); |
ControlReg |= rbDATAEND;// Add Data End bit to bitmask |
EP_STATUS[] = EP_IDLE; // Return EP 0 to idle state |
} |
if (DATASENT == SETUP.wLength.i) |
{ |
// This case exists when the host requests an even multiple of |
// your endpoint zero max packet size, and you need to exit |
// transmit mode without sending a zero length packet |
ControlReg |= rbDATAEND;// Add Data End bit to mask |
EP_STATUS[] = EP_IDLE; // Return EP 0 to idle state |
} |
// Write mask to E0CSR |
POLL_WRITE_BYTE(E0CSR, ControlReg); |
} |
} |
} |
|
if (EP_STATUS[] == EP_RX) // See if endpoint should transmit |
{ |
// Read control register |
POLL_READ_BYTE (E0CSR, ControlReg); |
if (ControlReg & rbOPRDY) // Verify packet was received |
{ |
ControlReg = rbSOPRDY; |
if (DATASIZE >= EP0_PACKET_SIZE) |
{ |
Fifo_Read(FIFO_EP0, EP0_PACKET_SIZE, (unsigned char*)DATAPTR); |
// Advance data pointer |
DATAPTR += EP0_PACKET_SIZE; |
// Decrement data size |
DATASIZE -= EP0_PACKET_SIZE; |
// Increment data sent counter |
DATASENT += EP0_PACKET_SIZE; |
} |
else |
{ |
// read bytes from FIFO |
Fifo_Read (FIFO_EP0, DATASIZE, (unsigned char*) DATAPTR); |
|
ControlReg |= rbDATAEND; // signal end of data |
EP_STATUS[] = EP_IDLE; // set Endpoint to IDLE |
} |
if (DATASENT == SETUP.wLength.i) |
{ |
ControlReg |= rbDATAEND; |
EP_STATUS[] = EP_IDLE; |
} |
// if EP_RX mode was entered through a SET_REPORT request, |
// call the ReportHandler_OUT function and pass the Report |
// ID, which is the first by the of DATAPTR's buffer |
if ( (EP_STATUS[] == EP_IDLE) && (SETUP.bRequest == SET_REPORT) ) |
{ |
ReportHandler_OUT (*DATAPTR); |
} |
|
if (EP_STATUS[] != EP_STALL) POLL_WRITE_BYTE (E0CSR, ControlReg); |
} |
} |
|
} |
|
//----------------------------------------------------------------------------- |
// |
// Return Value - None |
// Parameters - None |
// |
// Description: Sends a given report type to the host. |
// |
//----------------------------------------------------------------------------- |
void Get_Report (void) <------------------------------+
{
// call appropriate handler to prepare buffer
ReportHandler_IN_ISR(SETUP.wValue.c[LSB]); --------------------+
// set DATAPTR to buffer used inside Control Endpoint |
DATAPTR = IN_BUFFER.Ptr; |
DATASIZE = IN_BUFFER.Length; |
|
if (EP_STATUS[] != EP_STALL) |
{ |
// Set serviced SETUP Packet |
POLL_WRITE_BYTE (E0CSR, rbSOPRDY); |
EP_STATUS[] = EP_TX; // Endpoint 0 in transmit mode |
DATASENT = ; // Reset DATASENT counter |
} |
} |
|
void ReportHandler_IN_ISR(unsigned char R_ID) <--------------------+
{
unsigned char index; index = ; while(index <= IN_VECTORTABLESize)
{
// check to see if Report ID passed into function
// matches the Report ID for this entry in the Vector Table
if(IN_VECTORTABLE[index].ReportID == R_ID) ---------------------------+
{ |
IN_VECTORTABLE[index].hdlr(); |
break; |
} |
|
// if Report IDs didn't match, increment the index pointer |
index++; |
} |
|
} |
|
// **************************************************************************** |
// Link all Report Handler functions to corresponding Report IDs |
// **************************************************************************** |
|
const VectorTableEntry code IN_VECTORTABLE[IN_VECTORTABLESize] = <-----------+
{
// FORMAT: Report ID, Report Handler
, IN_Report ------+
}; |
|
void IN_Report(void){ <---------------------------+ // save left mouse button stat to bit 0 of first data byte
// IN_PACKET[2] = MOUSE_BUTTON1;
// IN_PACKET[3] = MOUSE_BUTTON2;
IN_BUFFER.Ptr = IN_PACKET; ---------+
IN_BUFFER.Length = ; |
|
} |
|
unsigned char IN_PACKET[] ={,,,,,,,}; <--------+
C8051F340 USB Fn hacking的更多相关文章
- VC++ 6.0 C8051F340 USB 通信 CAN 数据解析
// HelloWorld.cpp : Defines the entry point for the console application. // /*********************** ...
- VC++ 6.0 C8051F340 USB PC侧通信 Demo
// HelloWorld.cpp : Defines the entry point for the console application. // /*********************** ...
- C8051F340之USB简介
背景 需求为实现一个键盘产品,于是将C8051F340作为主控制器.本篇记录C8051F340的USB控制器相关知识点,阅读本篇文章需要读者具有最基本的USB相关知识. 正文 C8051F340结构 ...
- Qt 获取usb设备信息 hacking
/************************************************************************** * Qt 获取usb设备信息 hacking * ...
- USB Keyboard Recorder
catalogue . 引言 . Device Class Definition for Human Interface Devices (HID) . USB HID Report Descript ...
- 狗汪汪玩转无线电 -- GPS Hacking
狗汪汪玩转无线电 -- GPS Hacking Kevin2600 · 2015/12/09 10:12 0x00 序 GPS Hacking 在过去几年的安全会议上一直都是很受关注的议题. 但往往因 ...
- GnuRadio Hacking②:使用SDR嗅探北欧芯片无线键盘鼠标数据包
0×00 前言 上半年的时候安全公司Bastille Networks(巴士底狱)安全研究员发现大多数无线鼠标和接收器之间的通信信号是不加密的,黑客可对一两百米范围内存在漏洞的无线键鼠进行嗅探甚至劫持 ...
- GSM Hacking Part② :使用SDR捕获GSM网络数据并解密
0×00 在文章第一部分 GSM Hacking Part① :使用SDR扫描嗅探GSM网络 搭建了嗅探GSM流量的环境,在第二部中,我们来讨论如何捕获发短信以及通话过程中的流量,从捕获到的数据中解密 ...
- 移动安全初探:窃取微信聊天记录、Hacking Android with Metasploit
在这篇文章中我们将讨论如何获取安卓.苹果设备中的微信聊天记录,并演示如何利用后门通过Metasploit对安卓设备进行控制.文章比较基础.可动手性强,有设备的童鞋不妨边阅读文章边操作,希望能激发大家对 ...
随机推荐
- 一个用 C# 实现操作 XML 文件的公共类代码
using System; using System.IO; using System.Data; using System.Xml; using System.Xml.XPath; namespac ...
- Python之函数总结
一,函数的定义与调用 定义:def 关键词开头,空格之后接函数名称和圆括号(),最后还有一个":". def 是固定的,不能变,必须是连续的def三个字母,不能分开 def 函数名 ...
- Django Rest Framework(一)
一.什么是RESTful REST与技术无关,代表一种软件架构风格,REST是Representational State Transfer的简称,中文翻译为“表征状态转移”. REST从资源的角度审 ...
- POJ - 2464 Brownie Points II 【树状数组 + 离散化】【好题】
题目链接 http://poj.org/problem?id=2464 题意 在一个二维坐标系上 给出一些点 Stan 先画一条过一点的水平线 Odd 再画一条 过Stan那条水平线上的任一点的垂直线 ...
- 如何选择合适的Linux系统进行桌面程序开发?
32 or 64 ? 众所周知,64位的Windows系统可以近乎完美地运行32位的应用程序,微软出于商业考虑做了这样一个兼容层.而Linux系统则划分的很清楚,默认情况下64位的Linux系统无法运 ...
- 基于SSM的单点登陆02
pom文件 <?xml version="1.0" encoding="UTF-8"?> <project xmlns="http: ...
- linux创建指定大小的文件
一.生成文件大小和实际占空间大小一样的文件 dd if=/dev/zero of=50M.file bs=1M count=50 dd if=/dev/zero of=20G.file bs=1G c ...
- windows简单使用etcd
一.下载安装选择版本 https://github.com/coreos/etcd/releases 二.解压 三.首先开启etcd 1.进入在etcd解压的目录中 2.etcd.exe 没有erro ...
- ResourceBundle和properties 读取配置文件区别
java.util.ResourceBundle 和java.util.properties 读取配置文件区别 这两个类都是读取properties格式的文件的,而Properties同时还能用来写文 ...
- SYN blood攻击
SYN Flood (SYN洪水) 是种典型的DoS (Denial of Service,拒绝服务) 攻击.效果就是服务器TCP连接资源耗尽,停止响应正常的TCP连接请求. 说到原理,还得从TCP如 ...