grg/checkm8_tool
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Added some more functionality to payload installation

Browse Source
This commit is contained in:
Gregor Haas
2019-12-10 19:01:02 -05:00
parent 16cf301e80
commit 1ea372da10
7 changed files with 142 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
checkm8_remote/src/command.c
View File

@@ -3,7 +3,7 @@
#include "libusb.h"
void dfu_send_data(struct libusb_device_bundle *bundle, unsigned char *data, long data_len)
void dfu_send_data(struct pwned_device *dev, unsigned char *data, long data_len)
{
long index = 0, amount;
while(index < data_len)
@@ -11,7 +11,7 @@ void dfu_send_data(struct libusb_device_bundle *bundle, unsigned char *data, lon
if(data_len - index >= LIBUSB_MAX_PACKET_SIZE) amount = LIBUSB_MAX_PACKET_SIZE;
else amount = data_len - index;
libusb_control_transfer(bundle->handle, 0x21, 1, 0, 0, &data[index], amount, 5000);
libusb_control_transfer(dev->bundle->handle, 0x21, 1, 0, 0, &data[index], amount, 5000);
index += amount;
}
}
@@ -20,27 +20,27 @@ static unsigned char nullbuf[16] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
int command(struct pwned_device *dev, void *data, long data_len, void *response, long response_len)
{
struct libusb_device_bundle bundle;
int ret = get_device_bundle(&bundle);
int ret = get_device_bundle(dev);
if(IS_CHECKM8_FAIL(ret))
{
return ret;
}
dfu_send_data(&bundle, nullbuf, 16);
libusb_control_transfer(bundle.handle, 0x21, 1, 0, 0, NULL, 0, 100);
libusb_control_transfer(bundle.handle, 0xA1, 3, 0, 0, NULL, 0, 100);
libusb_control_transfer(bundle.handle, 0xA1, 3, 0, 0, NULL, 6, 100);
dfu_send_data(&bundle, (unsigned char *) data, data_len);
dfu_send_data(dev, nullbuf, 16);
libusb_control_transfer(dev->bundle->handle, 0x21, 1, 0, 0, NULL, 0, 100);
libusb_control_transfer(dev->bundle->handle, 0xA1, 3, 0, 0, NULL, 0, 100);
libusb_control_transfer(dev->bundle->handle, 0xA1, 3, 0, 0, NULL, 6, 100);
dfu_send_data(dev, (unsigned char *) data, data_len);
if(response_len == 0)
{
libusb_control_transfer(bundle.handle, 0xA1, 2, 0xFFFF, 0, response, response_len + 1, 100);
libusb_control_transfer(dev->bundle->handle, 0xA1, 2, 0xFFFF, 0, response, response_len + 1, 100);
}
else
{
libusb_control_transfer(bundle.handle, 0xA1, 2, 0xFFFF, 0, response, response_len, 100);
libusb_control_transfer(dev->bundle->handle, 0xA1, 2, 0xFFFF, 0, response, response_len, 100);
}
release_device_bundle(dev);
return CHECKM8_SUCCESS;
}