### Install KillerBee

Source: https://github.com/riverloopsec/killerbee/blob/develop/README.md

Installs the KillerBee framework using Python's standard setup.py script after all dependencies have been met.

```bash
python setup.py install
```

--------------------------------

### Build and Install Firmware with DFU-Programmer

Source: https://github.com/riverloopsec/killerbee/blob/develop/firmware/README.md

Compile and flash the firmware using the dfu-programmer utility after the DFU bootloader has been installed.

```bash
cd firmware/src/kb-rzusbstick/gcc/RZUSBSTICK
make
make install-with-dfu-programmer
```

--------------------------------

### Build and Install Firmware with DFU-AVRDUDE

Source: https://github.com/riverloopsec/killerbee/blob/develop/firmware/README.md

Compile and flash the firmware using avrdude after the DFU bootloader has been installed.

```bash
cd firmware/src/kb-rzusbstick/gcc/RZUSBSTICK
make
make install-with-dfu-avrdude
```

--------------------------------

### Install Ubuntu Dependencies

Source: https://github.com/riverloopsec/killerbee/blob/develop/README.md

Installs necessary system packages on Ubuntu for KillerBee, including Python USB, crypto, and serial support, along with development headers.

```bash
# apt-get install python-usb python-crypto python-serial python-dev libgcrypt-dev
```

--------------------------------

### Install DFU Bootloader with AVRDUDE

Source: https://github.com/riverloopsec/killerbee/blob/develop/firmware/README.md

Use this command to install the DFU bootloader, enabling future firmware updates via USB.

```bash
cd firmware/src/kb-rzusbstick/gcc/RZUSBSTICK-DFU
make install-with-avrdude
```

--------------------------------

### Install gcrypt Development Package

Source: https://github.com/riverloopsec/killerbee/blob/develop/FAQ.md

If gcrypt.h is missing during installation, install the gcrypt development package. This ensures that the necessary cryptographic headers are available for compilation.
```bash
sudo apt-get install -y libgcrypt-dev
```

--------------------------------

### Bluetooth Connection Setup

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.GoodFET-pysrc.html

Initializes a Bluetooth connection and sets a timeout for operations.

```python
sock.connect((btaddr, port))
sock.settimeout(10)  # IMPORTANT Must be patient.
# Instead, just return and hope for the best.
return
```

--------------------------------

### Register and Setup Operations

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.GoodFETatmel128.GoodFETatmel128rfa1-class.html

Methods for peeking at registers and setting up the GoodFET for AVR application.

```APIDOC
## peek(self, reg, bytes=1)

### Description
Read a Register.

### Method
GET

### Endpoint
/riverloopsec/killerbee/GoodFETatmel128rfa1/peek

### Parameters
#### Path Parameters
None
#### Query Parameters
- **reg** (string) - Required - The register to read.
- **bytes** (integer) - Optional - The number of bytes to read.

### Request Example
```json
{
  "reg": "STATUS_REG",
  "bytes": 2
}
```

### Response
#### Success Response (200)
- **value** (string) - The value read from the register.
#### Response Example
```json
{
  "value": "0x1A2B"
}
```

## setup(self)

### Description
Move the FET into the AVR application.

### Method
POST

### Endpoint
/riverloopsec/killerbee/GoodFETatmel128rfa1/setup

### Parameters
None

### Request Example
```json
{}
```

### Response
#### Success Response (200)
- **status** (string) - Indicates successful setup.
#### Response Example
```json
{
  "status": "Device set up for AVR application"
}
```
```

--------------------------------

### setup() Method

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.GoodFETCCSPI-pysrc.html

Initializes the GoodFET device for CCSPI communication and configures the radio for ZigBee operation.
```APIDOC
## setup()

### Description
Moves the FET into the CCSPI application and configures the radio for ZigBee communication, including setting promiscuous mode and disabling crypto.

### Method
`setup()`

### Parameters
None

### Request Body
None

### Response
None

### Example
```python
fet.setup()
```
```

--------------------------------

### CCSPI Setup and Configuration

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.GoodFETCCSPI.GoodFETCCSPI-class.html

Methods for initializing and configuring the KillerBee device for CCSPI communication.

```APIDOC
## POST /api/ccspi/setup

### Description
Move the FET into the CCSPI application.

### Method
POST

### Endpoint
/api/ccspi/setup

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
None

### Request Example
None

### Response
#### Success Response (200)
- **status** (string) - Indicates successful setup.
#### Response Example
```json
{
  "status": "success"
}
```
```

```APIDOC
## GET /api/ccspi/peek

### Description
Read a CCSPI Register. For long registers, the result is flipped.

### Method
GET

### Endpoint
/api/ccspi/peek

### Parameters
#### Path Parameters
None
#### Query Parameters
- **reg** (integer) - Required - The register address to read.
- **bytes** (integer) - Optional - The number of bytes to read (default is 2).

### Request Example
None

### Response
#### Success Response (200)
- **value** (string) - The value read from the register.
#### Response Example
```json
{
  "value": "0x1234"
}
```
```

```APIDOC
## GET /api/ccspi/status

### Description
Read the status byte of the CCSPI interface.

### Method
GET

### Endpoint
/api/ccspi/status

### Parameters
#### Path Parameters
None
#### Query Parameters
None

### Request Example
None

### Response
#### Success Response (200)
- **status_byte** (string) - The status byte value.
#### Response Example
```json
{
  "status_byte": "0x01"
}
```
```

--------------------------------

### Get All Capabilities in KBCapabilities

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.kbutils-pysrc.html

Retrieves all capabilities stored for the device.

```python
def getlist(self):
    return self._capabilities
```

--------------------------------

### Method: run

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.zbwardrive.capture.CaptureThread-class.html

Starts the execution of the capture thread.

```APIDOC
## run(self)

### Description
Executes the main loop for the capture thread, overriding the threading.Thread.run method.
```

--------------------------------

### Setup Radio Communication

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.GoodFETatmel128-pysrc.html

Initializes the radio communication by calling the RF_setup method.

```python
self.RF_setup()
```

--------------------------------

### GoodFETatmel128rfa1 RF Setup

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.GoodFETatmel128-pysrc.html

Initializes the RF module of the GoodFETatmel128rfa1 device.

```APIDOC
## RF_setup

### Description
Initializes the radio frequency module.

### Method
This is a method within the GoodFETatmel128rfa1 class.

### Endpoint
N/A (Class Method)

### Parameters
None

### Request Example
```python
goodfet_instance.RF_setup()
```

### Response
None
```

--------------------------------

### Get KillerBee Instance

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee-pysrc.html

Returns an instance of a KillerBee device, set up on the specified channel. Includes error handling for device creation and channel setting.
```python
import struct
import glob
from warnings import warn

from pcapdump import *
from daintree import *
from pcapdlt import *
from kbutils import *       # provides serial, usb, USBVER
from zigbeedecode import *  # would like to import only within killerbee class
from dot154decode import *  # would like to import only within killerbee class
from config import *        # to get DEV_* variables

# Utility Functions
def getKillerBee(channel):
    '''
    Returns an instance of a KillerBee device, setup on the given channel.
    Error handling for KillerBee creation and setting of the channel is wrapped
    and will raise an Exception().
    @return: A KillerBee instance initialized to the given channel.
    '''
    kb = KillerBee()
    if kb is None:
        raise Exception("Failed to create a KillerBee instance.")
    try:
        kb.set_channel(channel)
    except Exception as e:
        raise Exception('Error: Failed to set channel to %d' % channel, e)
    return kb
```

--------------------------------

### Initialize and Stream GPS Data

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.zbwardrive.testGPS-pysrc.html

Initializes a GPS session, polls for data, and starts streaming it. This is the setup for continuous GPS data acquisition.
```python
import gps, os, time

session = gps.gps()
session.poll()
session.stream()
```

--------------------------------

### RZUSBSTICK Device Setup

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_rzusbstick-pysrc.html

Handles the low-level USB configuration for the RZUSBSTICK, supporting both pyUSB 1.x and legacy 0.x versions.

```APIDOC
## RZUSBSTICK.__handle_open

### Description
Opens the device identified by the instance and populates the internal handle. It automatically detects the USB version to apply the correct configuration sequence.

### Method
Internal Method

### Parameters
None

### Response
- **None** (None) - Populates self.handle on success; raises Exception if the device cannot be opened.
```

--------------------------------

### Start Zigbee Capture

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.openear.capture-pysrc.html

Initiates a pcap and online database capture for Zigbee traffic on a specified channel and device.
Requires setup of signal handlers and threading events.

```python
import signal
import threading
from datetime import datetime

# interrupt, triggers and CaptureThread are not shown in this excerpt.
def startCapture(dev, capChan):
    timeLabel = datetime.now().strftime('%Y%m%d-%H%M')
    print('Cap%s: Launching a capture on channel %s.' % (dev, capChan))
    fname = 'zb_c%s_%s.pcap' % (capChan, timeLabel)  # fname is -w equiv
    signal.signal(signal.SIGINT, interrupt)
    trigger = threading.Event()
    triggers.append(trigger)
    CaptureThread(capChan, dev, fname, trigger).start()
```

--------------------------------

### KillerBee Get Instance

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/identifier-index.html

Get an instance of the KillerBee object.

```APIDOC
## GET /api/killerbee/instance

### Description
Retrieves an instance of the KillerBee object, which can be used to interact with KillerBee devices.

### Method
GET

### Endpoint
/api/killerbee/instance

### Response
#### Success Response (200)
- **killerbee_instance** (object) - An object representing the KillerBee instance.
#### Response Example
```json
{
  "killerbee_instance": {}
}
```
```

--------------------------------

### Initialize GPS Client

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.openear.gps.gps'-pysrc.html

Initializes the GPS client with a specified mode. This method is part of the GPS client's setup process.

```python
if mode:
    self.stream(mode)
```

--------------------------------

### Install Python Development Package

Source: https://github.com/riverloopsec/killerbee/blob/develop/FAQ.md

If Python.h is missing during installation, install the Python development package using your system's package manager. This is a common fix for compilation errors.
```bash
sudo apt-get install -y python-dev
```

--------------------------------

### FREAKDUINO Instance Methods

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_freakduino.FREAKDUINO-class.html

Provides documentation for various instance methods of the FREAKDUINO class.

```APIDOC
## FREAKDUINO.close

### Description
Closes the serial port.

### Method
close

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
None

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.check_capability

### Description
Checks for a specific capability.

### Method
check_capability

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
None

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.get_capabilities

### Description
Retrieves the capabilities of the device.

### Method
get_capabilities

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
None

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.__set_capabilities

### Description
Sets the capability information for Freakduino device based on the currently loaded sketch.

### Method
__set_capabilities

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
None

### Request Example
None

### Response
#### Success Response (200)
List
#### Response Example
None
```

```APIDOC
## FREAKDUINO.get_dev_info

### Description
Returns device information in a list identifying the device.

### Method
get_dev_info

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
None

### Request Example
None

### Response
#### Success Response (200)
List
#### Response Example
None
```

```APIDOC
## FREAKDUINO.__send_cmd

### Description
Sends a command.

### Method
__send_cmd

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
None

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.__serial_cmd

### Description
Sends a command over the self.conn serial connection.

### Method
__serial_cmd

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
- **cmdstr** (string) - Required - The command string.
- **arg** (any) - Optional - The argument for the command.

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.eeprom_dump

### Description
Dumps the EEPROM contents.

### Method
eeprom_dump

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
None

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.sniffer_on

### Description
Turns the sniffer on such that pnext() will start returning observed data.

### Method
sniffer_on

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
- **channel** (int) - Optional - The radio channel to sniff on.
#### Request Body
None

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.sniffer_off

### Description
Turns the sniffer off, freeing the hardware for other functions.

### Method
sniffer_off

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
None

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.set_channel

### Description
Sets the radio interface to the specified channel (limited to 2.4 GHz channels 11-26).

### Method
set_channel

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
- **channel** (int) - Required - The radio channel to set.

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.inject

### Description
Injects the specified packet contents.

### Method
inject

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
- **packet** (string) - Required - The packet data to inject.
- **channel** (int) - Optional - The radio channel to inject on.
- **count** (int) - Optional - The number of times to inject the packet (default: 1).
- **delay** (int) - Optional - The delay between injections in milliseconds (default: 0).

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.pnext

### Description
Returns packet data as a string, else None.

### Method
pnext

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
- **timeout** (int) - Optional - The timeout in milliseconds (default: 100).

### Request Example
None

### Response
#### Success Response (200)
string or None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.pnext_rec

### Description
Retrieves received packet data.

### Method
pnext_rec

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
- **timeout** (int) - Optional - The timeout in milliseconds (default: 100).

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.getCaptureDateTime

### Description
Gets the capture date and time for the given data.

### Method
getCaptureDateTime

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
- **data** (any) - Required - The data for which to get the capture date and time.

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.processLocationUpdate

### Description
Takes a location string passed from the device and updates the driver's internal state of last received location.

### Method
processLocationUpdate

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
- **ldata** (string) - Required - The location data string.

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.ping

### Description
Not yet implemented.

### Method
ping

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
- **da** (any) - Required.
- **panid** (any) - Required.
- **sa** (any) - Required.
- **channel** (int) - Optional.

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.jammer_on

### Description
Not yet implemented.

### Method
jammer_on

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
- **channel** (int) - Optional.

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

```APIDOC
## FREAKDUINO.jammer_off

### Description
Not yet implemented.

### Method
jammer_off

### Endpoint
N/A

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
- **channel** (int) - Optional.

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

--------------------------------

### Start Capture Thread

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.openear.scanner-pysrc.html

Starts the packet capture thread. This is a simple method call to initiate data collection.

```python
t.start()
```

--------------------------------

### startCapture

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.zbwardrive.capture-pysrc.html

Initiates a pcap and online database capture on a specified channel using an available device.

```APIDOC
## startCapture

### Description
Initiates a pcap and online database capture on a specified channel. It checks for available devices and launches a capture thread.

### Parameters
#### Request Body
- **zbdb** (object) - Required - The database instance to log capture data.
- **channel** (int) - Required - The channel to perform the capture on.
- **dblog** (bool) - Optional - Whether to log to the database (default: False).
- **gps** (bool) - Optional - Whether to include GPS data (default: False).
```

--------------------------------

### Initialize ApiMote Device

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_apimote-pysrc.html

Instantiates the KillerBee class for the ApiMote platform. Sets environment variables for GoodFET, initializes the serial connection, and sets capabilities. Requires the serial device identifier and optionally the revision number.

```python
def __init__(self, dev, revision=DEFAULT_REVISION):
    '''
    Instantiates the KillerBee class for the ApiMote platform running GoodFET firmware.
    @type dev: String
    @param dev: Serial device identifier (ex /dev/ttyUSB0)
    @type revision: Integer
    @param revision: The revision number for the ApiMote, which is used by
        the called GoodFET libraries to properly communicate with
        and configure the hardware.
    @return: None
    @rtype: None
    '''
    self._channel = None
    self.handle = None
    self.dev = dev
    self.__revision_num = revision
    # Set environment variables for GoodFET code to use
    # (%-formatting, so the revision number is actually substituted)
    os.environ["platform"] = "apimote%d" % self.__revision_num
    os.environ["board"] = "apimote%d" % self.__revision_num
    self.handle = GoodFETCCSPI()
    self.handle.serInit(port=self.dev)
    self.handle.setup()
    # TODO can we verify here the revision number that was sent is correct?

    self.__stream_open = False
    self.capabilities = KBCapabilities()
    self.__set_capabilities()
```

--------------------------------

### TelosB I2C Start Condition

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.GoodFET-pysrc.html

Initiates an I2C start condition for the TelosB platform. This involves setting the SDA and SCL pins in a specific sequence.

```python
def telosI2CStart(self):
    self.telosSetSDA(1)
    self.telosSetSCL(1)
    self.telosSetSDA(0)
```

--------------------------------

### Install macOS Dependencies

Source: https://github.com/riverloopsec/killerbee/blob/develop/README.md

Installs required system libraries and Python packages on macOS for KillerBee. Includes libusb, libgcrypt, and Python libraries pyusb and scapy.

```bash
# brew install libusb libgcrypt
# pip3 install pyusb scapy
```

--------------------------------

### KillerBee.__init__

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee-pysrc.html

Constructor for the KillerBee class to instantiate a new device interface.

```APIDOC
## KillerBee.__init__(device=None, datasource=None, gps=None)

### Description
Instantiates the KillerBee class for hardware interaction.

### Parameters
#### Request Body
- **device** (String) - Optional - Device identifier (USB vendor:product, serial node, or IP address).
- **datasource** (String) - Optional - Known datasource type for logging.
- **gps** (String) - Optional - Serial device identifier for an attached GPS unit.
```

--------------------------------

### startCapture

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.openear.capture-module.html

Initiates a capture process on a specified device and channel.

```APIDOC
## startCapture

### Description
Starts the capture process on the provided device and channel.

### Parameters
- **dev** (object) - Required - The device to perform the capture on.
- **capChan** (int) - Required - The channel to capture data from.
```

--------------------------------

### APIMOTE Class Initialization

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_apimote-pysrc.html

Initializes the APIMOTE class, setting up the connection to the ApiMote hardware via a serial device and configuring GoodFET libraries.

```APIDOC
## APIMOTE Class

### Description
Instantiates the KillerBee class for the ApiMote platform running GoodFET firmware.

### Method
__init__

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
None

### Request Example
```python
apimote_instance = APIMOTE(dev='/dev/ttyUSB0', revision=2)
```

### Response
#### Success Response (200)
None (initialization)
#### Response Example
None
```

--------------------------------

### GET /api/sniffer_channel

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_wislab-pysrc.html

Retrieves the current channel the sniffer is operating on.

```APIDOC
## GET /api/sniffer_channel

### Description
Retrieves the current channel the sniffer is operating on. This information is parsed from the sniffer's status response.

### Method
GET

### Endpoint
/api/sniffer_channel

### Response
#### Success Response (200)
- **channel** (integer) - The current operating channel of the sniffer.
#### Response Example
{
  "channel": 11
}
```

--------------------------------

### ZigBeeAPSPacketParser - __init__

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.zigbeedecode-pysrc.html

Initializes the ZigBeeAPSPacketParser class.

```APIDOC
## ZigBeeAPSPacketParser.__init__

### Description
Instantiates the ZigBeeAPSPacketParser class.

### Method
`__init__(self)`

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
None

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None
```

--------------------------------

### GET /api/dev_info

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_zigduino-pysrc.html

Retrieves basic information about the Zigduino device.

```APIDOC
## GET /api/dev_info

### Description
Returns device information in a list identifying the device.

### Method
GET

### Endpoint
/api/dev_info

### Response
#### Success Response (200)
- **device_id** (string) - Identifier for the device.
- **device_type** (string) - Type of the device, e.g., "Zigduino".
- **extra_info** (string) - Additional information, usually empty.
#### Response Example
{
  "device_id": "some_id",
  "device_type": "Zigduino",
  "extra_info": ""
}
```

--------------------------------

### Initialize GoodFET Client

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.GoodFET-pysrc.html

Factory function to instantiate specific GoodFET device classes based on the provided target name.
```python
def getClient(name="GoodFET"):
    import sys  # needed for sys.exit() below
    import GoodFET, GoodFETCC, GoodFETAVR, GoodFETSPI, GoodFETMSP430, GoodFETNRF, GoodFETCCSPI
    if name == "GoodFET" or name == "monitor":
        return GoodFET.GoodFET()
    elif name == "cc" or name == "cc51":
        return GoodFETCC.GoodFETCC()
    elif name == "cc2420" or name == "ccspi":
        return GoodFETCCSPI.GoodFETCCSPI()
    elif name == "avr":
        return GoodFETAVR.GoodFETAVR()
    elif name == "spi":
        return GoodFETSPI.GoodFETSPI()
    elif name == "msp430":
        return GoodFETMSP430.GoodFETMSP430()
    elif name == "nrf":
        return GoodFETNRF.GoodFETNRF()

    print("Unsupported target: %s" % name)
    sys.exit(0)
```

--------------------------------

### Initialize TELOSB Class

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_telosb-pysrc.html

The constructor sets up the serial device, initializes the GoodFET interface, and configures device capabilities.

```python
def __init__(self, dev):
    '''
    Instantiates the KillerBee class for our TelosB/TmoteSky running GoodFET firmware.
    @type dev: String
    @param dev: Serial device identifier (ex /dev/ttyUSB0)
    @return: None
    @rtype: None
    '''
    self._channel = None
    self.handle = None
    self.dev = dev

    os.environ["board"] = "telosb"  # set environment variable for GoodFET code to use
    self.handle = GoodFETCCSPI()
    self.handle.serInit(port=self.dev)
    self.handle.setup()

    self.__stream_open = False
    self.capabilities = KBCapabilities()
    self.__set_capabilities()
```

--------------------------------

### GET /get_dev_info

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_telosb-pysrc.html

Retrieves information identifying the connected device.

```APIDOC
## GET /get_dev_info

### Description
Returns a list of strings identifying the device.

### Method
GET

### Endpoint
/get_dev_info

### Response
#### Success Response (200)
- **device_info** (List) - A list of 3 strings identifying the device.
```

--------------------------------

### startCapture

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/toc-killerbee.openear.capture-module.html

Initiates the packet capture process.

```APIDOC
## startCapture

### Description
Starts the capture process within the KillerBee framework.

### Method
Function Call

### Endpoint
killerbee.openear.capture.startCapture
```

--------------------------------

### GET get_dev_info

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_freakduino-pysrc.html

Retrieves identification information for the Freakduino device.

```APIDOC
## GET get_dev_info

### Description
Returns a list of 3 strings identifying the device.

### Response
#### Success Response (200)
- **device_info** (List) - List of 3 strings identifying the device.
```

--------------------------------

### sniffer_on

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_rzusbstick-pysrc.html

Turns the sniffer on to start returning observed data.

```APIDOC
## sniffer_on

### Description
Turns the sniffer on such that pnext() will start returning observed data. Will set the command mode to Air Capture if it is not already set.

### Parameters
#### Request Body
- **channel** (Integer) - Optional - Sets the channel
```

--------------------------------

### APIMOTE Initialization

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_apimote.APIMOTE-class.html

Instantiates the KillerBee class for the ApiMote platform running GoodFET firmware.

```APIDOC
## APIMOTE.__init__

### Description
Instantiates the KillerBee class for the ApiMote platform running GoodFET firmware.

### Method
Constructor

### Endpoint
N/A (Class constructor)

### Parameters
#### Path Parameters
None
#### Query Parameters
None
#### Request Body
None

### Request Example
None

### Response
#### Success Response (200)
None
#### Response Example
None

### Parameters
* **`dev`** (String) - Serial device identifier (ex /dev/ttyUSB0)
* **`revision`** (Integer) - The revision number for the ApiMote, which is used by the called GoodFET libraries to properly communicate with and configure the hardware.
```

--------------------------------

### POST sniffer_on

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_freakduino-pysrc.html

Turns the sniffer on to start capturing data.

```APIDOC
## POST sniffer_on

### Description
Turns the sniffer on such that pnext() will start returning observed data. Sets the command mode to Air Capture if not already set.

### Parameters
#### Query Parameters
- **channel** (Integer) - Optional - Sets the channel for the sniffer.
```

--------------------------------

### Search and Initialize USB Devices

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee-pysrc.html

Handles USB device discovery and driver selection based on vendor and product IDs.

```python
if self.driver is None:
    if device is None:
        result = kbutils.search_usb(None)
        if result is not None:
            if USBVER == 0:
                (self.__bus, self.dev) = result
            elif USBVER == 1:
                # TODO remove self.__bus attribute, not needed in 1.x as all info in self.dev
                self.dev = result
    # Recognize if device is provided in the USB format (like a 012:456 string):
    elif ":" in device:
        result = kbutils.search_usb(device)
        if result is None:
            raise KBInterfaceError("Did not find a USB device matching %s." % device)
        else:
            if USBVER == 0:
                (self.__bus, self.dev) = result
            elif USBVER == 1:
                # TODO remove self.__bus attribute, not needed in 1.x as all info in self.dev
                self.dev = result

    if self.dev is not None:
        if self.__device_is(RZ_USB_VEND_ID, RZ_USB_PROD_ID):
            from dev_rzusbstick import RZUSBSTICK
            self.driver = RZUSBSTICK(self.dev, self.__bus)
        elif self.__device_is(ZN_USB_VEND_ID, ZN_USB_PROD_ID):
            raise KBInterfaceError("Zena firmware not yet implemented.")
        else:
            # %-formatting, so the vendor and product IDs are actually substituted
            raise KBInterfaceError("KillerBee doesn't know how to interact with USB device vendor=%04x, product=%04x." % (self.dev.idVendor, self.dev.idProduct))
```

--------------------------------

### GET settings.cgi

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_wislab-pysrc.html

Configures the radio interface channel and modulation settings.

```APIDOC
## GET settings.cgi

### Description
Sets the radio interface to a specific channel and modulation.

### Method
GET

### Endpoint
settings.cgi

### Query Parameters
- **chn** (Integer) - Required - The channel number to set.
- **modul** (String) - Required - The modulation type corresponding to the channel.
- **rxsens** (Integer) - Required - Receiver sensitivity setting (default 0).

### Request Example
settings.cgi?chn=6&modul=c&rxsens=0
```

--------------------------------

### GET /api/dev_info

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_wislab-pysrc.html

Retrieves essential information about the connected WISLAB device.

```APIDOC
## GET /api/dev_info

### Description
Returns device information in a list identifying the device.

### Method
GET

### Endpoint
/api/dev_info

### Response
#### Success Response (200)
- **device_id** (string) - The unique identifier for the device.
- **device_name** (string) - The name or model of the device, including its version.
- **mac_address** (string) - The MAC address of the device.
#### Response Example
{
  "device_id": "",
  "device_name": "Wislab Sniffer v",
  "mac_address": ""
}
```

--------------------------------

### Device Discovery - show_dev() and devlist()

Source: https://context7.com/riverloopsec/killerbee/llms.txt

Functions to enumerate and display available KillerBee-compatible devices connected to the system.

```APIDOC
## Device Discovery - show_dev() and devlist()

### Description
Functions to enumerate and display available KillerBee-compatible devices connected to the system.

### Method
`show_dev()`
`devlist(gps=None, include=None)`

### Parameters
#### Query Parameters (for devlist)
- **gps** (str) - Optional - Path to a GPS device to exclude from enumeration.
- **include** (list of str) - Optional - List of IP addresses to include as sniffers.

### Request Example
```python
from killerbee import show_dev, devlist

# Print formatted list of devices to stdout
show_dev()
# Output:
# Dev Product String Serial Number
# /dev/ttyUSB0 GoodFET Api-Mote v2

# Get device list as data for programmatic use
devices = devlist()
for dev in devices:
    device_path = dev[0]   # e.g., "/dev/ttyUSB0" or "1:5"
    product_name = dev[1]  # e.g., "GoodFET Api-Mote v2"
    serial_num = dev[2]    # Serial number or empty string
    print(f"Found: {product_name} at {device_path}")

# Exclude a GPS device from enumeration
devices = devlist(gps="/dev/ttyUSB1")

# Include additional IP-based sniffers
devices = devlist(include=["192.168.1.100"])
```

### Response
#### Success Response (200)
- **show_dev()**: Prints to stdout.
- **devlist()**: Returns a list of tuples, where each tuple contains (device_path, product_name, serial_number).

#### Response Example
```python
# Example output from devlist()
[
    ("/dev/ttyUSB0", "GoodFET Api-Mote v2", "")
]
```
```

--------------------------------

### get_serial_ports Function

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.kbutils-module.html

Private function to get available serial ports.

```APIDOC
## get_serial_ports Function

### Description
Private function to get available serial ports.

### Method
N/A (Function definition)

### Endpoint
N/A

### Parameters
#### Query Parameters
- **include** (None) - Optional - Filter for specific serial ports.

### Request Body
N/A

### Response
N/A

### Example
N/A
```

--------------------------------

### KillerBee Channel Management

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee-pysrc.html

Methods for getting and setting the radio channel.

```APIDOC
## GET /api/channel

### Description
Gets the current radio channel that was last set on the device.

### Method
GET

### Endpoint
/api/channel

### Parameters
None

### Request Example
None

### Response
#### Success Response (200)
- **channel** (integer) - The current radio channel.

#### Response Example
{
  "channel": 11
}
```

```APIDOC
## PUT /api/channel

### Description
Sets the radio interface to the specified channel. Currently, support is limited to 2.4 GHz channels 11 - 26.

### Method
PUT

### Endpoint
/api/channel

### Parameters
#### Request Body
- **channel** (integer) - Required - The channel to set.

### Request Example
{
  "channel": 15
}

### Response
#### Success Response (200)
- **status** (string) - Indicates the channel has been set.

#### Response Example
{
  "status": "channel_set"
}
```

```APIDOC
## GET /api/channel/valid/{channel_number}

### Description
Checks if the provided channel number is valid based on the sniffer's capabilities.

### Method
GET

### Endpoint
/api/channel/valid/{channel_number}

### Parameters
#### Path Parameters
- **channel_number** (integer) - Required - The channel number to validate.

### Request Example
None

### Response
#### Success Response (200)
- **is_valid** (boolean) - True if the channel is valid, False otherwise.

#### Response Example
{
  "is_valid": true
}
```

--------------------------------

### Initiate a Capture Session

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.zbwardrive.capture-pysrc.html

The startCapture function initializes a pcap and database capture on a specified channel using an available device. Ensure no active capture is already running on the target channel before invocation.

```python
import signal
import threading

# interrupt, triggers and CaptureThread come from the surrounding capture module.

def startCapture(zbdb, channel, dblog=False, gps=False):
    '''
    Before calling, you should have already ensured the channel or the
    channel which the key is associated with does not already have an active
    capture occurring.
    '''
    nextDev = zbdb.get_devices_nextFree()
    #TODO if device not available, wait till one opens up, and then occupy it. if nothing opens within 10 seconds, say you don't have a device available
    capChan = channel
    key = "CH%d" % channel
    if nextDev is None:
        print('Cap%s: No free device to use for capture.' % key)
        return None
    print('Cap%s: Launching a capture on channel %s.' % (key, capChan))
    # Let Ctrl-C stop the capture threads through the module's interrupt handler
    signal.signal(signal.SIGINT, interrupt)
    trigger = threading.Event()
    triggers.append(trigger)
    CaptureThread(capChan, nextDev, trigger, dblog=dblog, gps=gps).start()
    # Record in the database that this device is now capturing on capChan
    zbdb.update_devices_start_capture(nextDev, capChan)
```

--------------------------------

### Execute OpenOCD Flashing

Source: https://github.com/riverloopsec/killerbee/blob/develop/firmware/README.md

Run the OpenOCD process using the specified configuration file.

```bash
openocd -f openocd_bp.cfg
```

--------------------------------

### GET /api/sniffer_status

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_wislab-pysrc.html

Checks the current operational status of the sniffer (running or stopped).

```APIDOC
## GET /api/sniffer_status

### Description
Checks the current operational status of the sniffer. This is necessary because the firmware only accepts toggle commands for sniffer on/off.

### Method
GET

### Endpoint
/api/sniffer_status

### Response
#### Success Response (200)
- **is_running** (boolean) - True if the sniffer is currently running, False otherwise.

#### Response Example
{
  "is_running": true
}
```

--------------------------------

### Get RSSI

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.GoodFETCCSPI-pysrc.html

Retrieves the received signal strength indicator from the radio register.

```python
def RF_getrssi(self):
    """Returns the received signal strength, with a weird offset."""
    rssival = self.peek(0x13) & 0xFF  # raw RSSI register
    return rssival ^ 0x80
```

--------------------------------

### Initialize ZigBeeAPSPacketParser

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.zigbeedecode-pysrc.html

Constructor for the ZigBeeAPSPacketParser class.

```python
def __init__(self):
    '''
    Instantiates the ZigBeeAPSPacketParser class.
    '''
    return
```

--------------------------------

### Get Device Information

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_freakduino-pysrc.html

Returns a list containing device identification strings.

```python
def get_dev_info(self):
    '''
    Returns device information in a list identifying the device.
    @rtype: List
    @return: List of 3 strings identifying device.
    '''
    return [self.dev, "Dartmouth Freakduino", ""]
```

--------------------------------

### WISLAB Initialization

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_wislab-pysrc.html

Initializes the KillerBee WISLAB class, setting up the UDP socket for receiving sniffed packets and verifying firmware compatibility.

```APIDOC
## WISLAB.__init__

### Description
Instantiates the KillerBee class for the Wislab Sniffer and binds the UDP socket for packet reception.

### Parameters
#### Request Body
- **dev** (String) - Required - IP address of the sniffer (e.g., 10.10.10.2)
- **recvport** (Integer) - Optional - UDP port to listen for sniffed packets on
- **recvip** (String) - Optional - IP address of the host to receive sniffed packets
```

--------------------------------

### Initialize Zigduino Device

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_zigduino-pysrc.html

The constructor initializes the serial connection and sets up the device capabilities for the Zigduino hardware.

```python
def __init__(self, dev):
    '''
    Instantiates the KillerBee class for Zigduino running GoodFET firmware.
    @type dev: String
    @param dev: Serial device identifier (ex /dev/ttyUSB0)
    @return: None
    @rtype: None
    '''
    self._channel = None
    self.handle = None
    self.dev = dev
    self.handle = GoodFETatmel128rfa1()
    self.handle.serInit(port=self.dev)
    self.handle.setup()

    self.__stream_open = False
    self.capabilities = KBCapabilities()
    self.__set_capabilities()
```

--------------------------------

### Initialize KillerBee Scapy Configuration

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.scapy_extensions-pysrc.html

Sets up default configuration attributes for KillerBee channels and devices within the Scapy environment.

```python
DEFAULT_KB_CHANNEL = 11
DEFAULT_KB_DEVICE = None

from scapy.config import conf
setattr(conf, 'killerbee_channel', DEFAULT_KB_CHANNEL)
setattr(conf, 'killerbee_device', DEFAULT_KB_DEVICE)
setattr(conf, 'killerbee_nkey', None)

from scapy.base_classes import SetGen
from scapy.packet import Gen,Raw
import os
import time
from kbutils import randmac
import logging
log_killerbee = logging.getLogger('scapy.killerbee')
```

--------------------------------

### GET /kbutils/isIpAddr

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.kbutils-pysrc.html

Validates whether a given string is a valid IPv4 or IPv6 address.

```APIDOC
## GET /kbutils/isIpAddr

### Description
Checks if the provided string conforms to valid IPv4 or IPv6 address standards.

### Parameters
#### Query Parameters
- **ip** (string) - Required - The address string to validate.

### Response
#### Success Response (200)
- **result** (boolean) - Returns True if the address is valid, False otherwise.
```

--------------------------------

### FREAKDUINO Class Initialization

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_freakduino.FREAKDUINO-class.html

Instantiates the KillerBee class for a sketch running on ChibiArduino on Freakduino hardware.

```APIDOC
## FREAKDUINO.__init__ (Constructor)

### Description
Instantiates the KillerBee class for our sketch running on ChibiArduino on Freakduino hardware.

### Method
__init__

### Endpoint
N/A (Class Constructor)

### Parameters
#### Path Parameters
None

#### Query Parameters
None

#### Request Body
None

### Request Example
None

### Response
#### Success Response (200)
None

#### Response Example
None

### Parameters:
* **`serialpath`** (string) - Required - /dev/ttyUSB* type serial port identifier
```

--------------------------------

### GET status.cgi

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.dev_wislab-pysrc.html

Instructs the sniffer to stop capture by making a REST call to the device.

```APIDOC
## GET status.cgi

### Description
Turns the sniffer off by sending a request to the device status interface.

### Method
GET

### Endpoint
status.cgi?p=2

### Response
#### Success Response (200)
- **status** (boolean) - Indicates if the sniffer capture was successfully stopped.
```

--------------------------------

### KillerBee Device Initialization

Source: https://github.com/riverloopsec/killerbee/blob/develop/doc/killerbee.openear.gps.gps'-pysrc.html

Initializes various KillerBee-compatible hardware devices.

```APIDOC
## KillerBee Device Initialization

### Description
This section lists the constructors for various device classes within the KillerBee project, indicating the initialization of different hardware interfaces.

### Classes
- `killerbee.dblog.DBReader.__init__`
- `killerbee.dev_apimote.APIMOTE.__init__`
- `killerbee.dev_freakduino.FREAKDUINO.__init__`
- `killerbee.dev_rzusbstick.RZUSBSTICK.__init__`
- `killerbee.dev_telosb.TELOSB.__init__`
- `killerbee.dev_wislab.WISLAB.__init__`
- `killerbee.dev_zigduino.ZIGDUINO.__init__`
```