Fix huge delay on Transmit Signal.

This commit is contained in:
Derek Jamison 2023-09-02 19:42:39 -05:00
parent be6e4ba9ed
commit d99a059a01
6 changed files with 22 additions and 12 deletions

View File

@ -1,6 +1,6 @@
# Rolling Flaws # Rolling Flaws
Rolling Flaws by [@CodeAllNight](https://twitter.com/codeallnight). Rolling Flaws (version 1.3) by [@CodeAllNight](https://twitter.com/codeallnight).
[YouTube demo](https://youtu.be/gMnGuDC9EQo?si=4HLZpkC4XWhh97uQ) of using Rolling Flaws application. The video shows how to use the application to simulate a receiver that has a Replay attack flaw, Pairing FZ to a receiver, Cloning sequence attack, Future attack, Rollback attack & KGB attack. The Rolling Flaws application also supports things like "ENC00" attack & window-next attacks, which are described in scenarios below but was not in video. Rolljam is discussed in document, but discouraged to test since it is [illegal to jam signals](https://www.fcc.gov/general/jammer-enforcement) in the US. If you have additional ideas, please let me know! [YouTube demo](https://youtu.be/gMnGuDC9EQo?si=4HLZpkC4XWhh97uQ) of using Rolling Flaws application. The video shows how to use the application to simulate a receiver that has a Replay attack flaw, Pairing FZ to a receiver, Cloning sequence attack, Future attack, Rollback attack & KGB attack. The Rolling Flaws application also supports things like "ENC00" attack & window-next attacks, which are described in scenarios below but was not in video. Rolljam is discussed in document, but discouraged to test since it is [illegal to jam signals](https://www.fcc.gov/general/jammer-enforcement) in the US. If you have additional ideas, please let me know!

Binary file not shown.

Before

Width:  |  Height:  |  Size: 2.1 KiB

After

Width:  |  Height:  |  Size: 2.1 KiB

View File

@ -0,0 +1,11 @@
# changelog
This file contains all changelogs for latest releases, from 1.3 onward.
## v1.3
### Added
Added this change log file.
### Fixed
In some firmware, the retry count on KeeLoq was 100 transmissions, which is too much. Now it stops transmitting after 1 second (or the end of the transmissions) whichever comes first.

View File

@ -1,6 +1,6 @@
# Rolling Flaws # Rolling Flaws
Rolling Flaws (version 1.2) by [@CodeAllNight](https://twitter.com/codeallnight). Rolling Flaws (version 1.3) by [@CodeAllNight](https://twitter.com/codeallnight).
[YouTube demo](https://youtu.be/gMnGuDC9EQo?si=4HLZpkC4XWhh97uQ) of using Rolling Flaws application. The video shows how to use the application to simulate a receiver that has a Replay attack flaw, Pairing FZ to a receiver, Cloning sequence attack, Future attack, Rollback attack & KGB attack. The Rolling Flaws application also supports things like "ENC00" attack & window-next attacks, which are described in scenarios below but was not in video. Rolljam is discussed in document, but discouraged to test since it is [illegal to jam signals](https://www.fcc.gov/general/jammer-enforcement) in the US. If you have additional ideas, please let me know! [YouTube demo](https://youtu.be/gMnGuDC9EQo?si=4HLZpkC4XWhh97uQ) of using Rolling Flaws application. The video shows how to use the application to simulate a receiver that has a Replay attack flaw, Pairing FZ to a receiver, Cloning sequence attack, Future attack, Rollback attack & KGB attack. The Rolling Flaws application also supports things like "ENC00" attack & window-next attacks, which are described in scenarios below but was not in video. Rolljam is discussed in document, but discouraged to test since it is [illegal to jam signals](https://www.fcc.gov/general/jammer-enforcement) in the US. If you have additional ideas, please let me know!

View File

@ -1,7 +1,7 @@
#pragma once #pragma once
#define ROLLING_FLAWS_ABOUT_TEXT \ #define ROLLING_FLAWS_ABOUT_TEXT \
"Rolling code receiver\n version 1.2\n" \ "Rolling code receiver\n version 1.3\n" \
"---\n" \ "---\n" \
"Practice rolling code attacks without risking a desync!\n" \ "Practice rolling code attacks without risking a desync!\n" \
"This app is for educational\n" \ "This app is for educational\n" \

View File

@ -60,14 +60,11 @@ static void send_keeloq(
preset->data = NULL; preset->data = NULL;
preset->data_size = 0; preset->data_size = 0;
SubGhzProtocolEncoderBase* encoder = subghz_transmitter_get_protocol_instance(transmitter);
// sadly, in some firmware this has a Repeat of 100, which is too much for our purposes.
subghz_protocol_keeloq_create_data( subghz_protocol_keeloq_create_data(
subghz_transmitter_get_protocol_instance(transmitter), encoder, flipper_format, serial, btn, cnt, name_sysmem, preset);
flipper_format,
serial,
btn,
cnt,
name_sysmem,
preset);
// Fill out the SubGhzProtocolDecoderPrinceton (which includes SubGhzBlockGeneric data) in our transmitter based on parsing flipper_format. // Fill out the SubGhzProtocolDecoderPrinceton (which includes SubGhzBlockGeneric data) in our transmitter based on parsing flipper_format.
// initance->encoder.upload[] gets filled out with duration and level information (You can think of this as the RAW data). // initance->encoder.upload[] gets filled out with duration and level information (You can think of this as the RAW data).
@ -92,8 +89,10 @@ static void send_keeloq(
// Start transmitting (keeps the DMA buffer filled with the encoder.upload[] data) // Start transmitting (keeps the DMA buffer filled with the encoder.upload[] data)
if(subghz_devices_start_async_tx(device, subghz_transmitter_yield, transmitter)) { if(subghz_devices_start_async_tx(device, subghz_transmitter_yield, transmitter)) {
// Wait for the transmission to complete. int max_counter = 10;
while(!(subghz_devices_is_async_complete_tx(device))) {
// Wait for the transmission to complete, or counter to expire (1 second).
while(max_counter-- && !(subghz_devices_is_async_complete_tx(device))) {
furi_delay_ms(100); furi_delay_ms(100);
} }