ainfosec / fissure Goto Github PK

The RF and reverse engineering framework for everyone. Follow and ★ to show your support!

Home Page: https://twitter.com/FissureRF

License: GNU General Public License v3.0

CMake 1.89% Python 85.77% C 4.66% C++ 5.26% Makefile 0.04% HTML 0.13% JavaScript 0.99% CSS 0.60% Shell 0.19% Dockerfile 0.01% Lua 0.40% MATLAB 0.06%

gnuradio protocols reverse-engineering rf sdr signals tools bladerf hackrf rtl-sdr

fissure's Introduction

FISSURE - The RF Framework

Frequency Independent SDR-based Signal Understanding and Reverse Engineering

FISSURE is an open-source RF and reverse engineering framework designed for all skill levels with hooks for signal detection and classification, protocol discovery, attack execution, IQ manipulation, vulnerability analysis, automation, and AI/ML. The framework was built to promote the rapid integration of software modules, radios, protocols, signal data, scripts, flow graphs, reference material, and third-party tools. FISSURE is a workflow enabler that keeps software in one location and allows teams to effortlessly get up to speed while sharing the same proven baseline configuration for specific Linux distributions.

The framework and tools included with FISSURE are designed to detect the presence of RF energy, understand the characteristics of a signal, collect and analyze samples, develop transmit and/or injection techniques, and craft custom payloads or messages. FISSURE contains a growing library of protocol and signal information to assist in identification, packet crafting, and fuzzing. Online archive capabilities exist to download signal files and build playlists to simulate traffic and test systems.

The friendly Python codebase and user interface allows beginners to quickly learn about popular tools and techniques involving RF and reverse engineering. Educators in cybersecurity and engineering can take advantage of the built-in material or utilize the framework to demonstrate their own real-world applications. Developers and researchers can use FISSURE for their daily tasks or to expose their cutting-edge solutions to a wider audience. As awareness and usage of FISSURE grows in the community, so will the extent of its capabilities and the breadth of the technology it encompasses.

Documentation

Capabilities

Signal Detector	IQ Manipulation	Signal Lookup	Pattern Recognition
Attacks	Fuzzing	Signal Playlists	Image Gallery
Packet Crafting	Scapy Integration	CRC Calculator	Logging
Dataset Builder	Online Archive	Third-Party Tools	Dark and Custom Themes

Videos

Install	Target Signal Identification	Protocol Discovery
Packet Crafter	IQ Data	Archive
Attack	Library	GRCon22

Hardware

The following is a list of "supported" hardware with varying levels of integration:

USRP: X3xx, B2xx, B20xmini, USRP2, N2xx, X410
HackRF
RTL2832U
802.11 Adapters
LimeSDR
bladeRF, bladeRF 2.0 micro
Open Sniffer
PlutoSDR

Getting Started

Supported

There are three branches within FISSURE to make file navigation easier and reduce code redundancy. Each branch codebase is dependent on the major version of Python and GNU Radio.

Python2_maint-3.7 branch: Python2, PyQt4, GNU Radio 3.7
Python3_maint-3.8 branch: Python3, PyQt5, GNU Radio 3.8
Python3_maint-3.10 branch: Python3, PyQt5, GNU Radio 3.10.

Operating System	FISSURE Branch
Ubuntu 18.04 (x64)	Python2_maint-3.7
Ubuntu 18.04.5 (x64)	Python2_maint-3.7
Ubuntu 18.04.6 (x64)	Python2_maint-3.7
Ubuntu 20.04.1 (x64)	Python3_maint-3.8
Ubuntu 20.04.4 (x64)	Python3_maint-3.8
Ubuntu 20.04.5 (x64)	Python3_maint-3.8
Ubuntu 20.04.6 (x64)	Python3_maint-3.8
KDE neon 5.25 (x64)	Python3_maint-3.8
Ubuntu 22.04.1 (x64)	Python3_maint-3.10
Ubuntu 22.04.2 (x64)	Python3_maint-3.10
Ubuntu 22.04.3 (x64)	Python3_maint-3.10
DragonOS FocalX (x86_64)	Python3_maint-3.10

In-Progress (beta)

These operating systems are still in beta status. They are under development and several features are known to be missing. Items in the installer might conflict with existing programs or fail to install until the status is removed.

Operating System	FISSURE Branch
DragonOS Focal (x86_64)	Python3_maint-3.8
Parrot OS 5.2 (amd64)	Python3_maint-3.8
Kali 23.1 (x64)	Python3_maint-3.10
BackBox Linux 8 (amd64)	Python3_maint-3.10
Raspberry Pi OS (bookworm)	Python3_maint-3.10

Note: Certain software tools do not work for every OS. Refer to Known Conflicts and Third-Party Software

Installation

git clone https://github.com/ainfosec/FISSURE.git
cd FISSURE
git checkout <Python2_maint-3.7> or <Python3_maint-3.8> or <Python3_maint-3.10>
git submodule update --init
./install

This will install PyQt software dependencies required to launch the installation GUIs if they are not found. The git submodule command will download all missing GNU Radio out-of-tree modules from their repositories.

Next, select the option that best matches your operating system (should be detected automatically if your OS matches an option).

Python2_maint-3.7	Python3_maint-3.8	Python3_maint-3.10

It is recommended to install FISSURE on a clean operating system to avoid conflicts with existing software. The items listed under the "Minimum Install" category are what is required to launch the FISSURE Dashboard without errors. Software programs outside the minimum install are optional and can be installed as needed. Select all the recommended checkboxes (Default button) to avoid errors while operating the various tools within FISSURE. Items unchecked by default may not install properly or could possibly conflict with existing programs (please suggest fixes!). There will be multiple prompts throughout the installation, mostly asking for elevated permissions and user names. This information is primarily for installing third-party tools, refer to installation instructions provided by the maintainer for details.

If an item contains a "Verify" section at the end, the installer will run the command that follows and highlight the checkbox item green or red depending on if any errors are produced by the command. Checked items without a "Verify" section will remain black following the installation.

To avoid installation and permission errors, download FISSURE to a user owned directory such as Home. Run the install script and the fissure command without using sudo. Many of the third-party tools will be downloaded to and installed from the ~/Installed_by_FISSURE directory.

The FISSURE installer is helpful for staging computers or installing select software programs of interest. The code can be quickly modified to allow for custom software installs. The size estimates for the programs are before and after readings from a full install. The sizes for each program are not exact as some dependencies are installed in previously checked items. The sizes may also change over time as programs get updated.

Usage

Open a terminal and enter:

fissure

The intended method for launching FISSURE is through the terminal without sudo. The terminal provides important status and feedback for some operations. Refer to the FISSURE documentation for more details.

Lessons

FISSURE comes with several helpful guides to become familiar with different technologies and techniques. Many include steps for using various tools that are integrated into FISSURE. We aim to improve the quality and add new content over time.

Roadmap

Phase I

Phase II

Phase III

Improve operational performance
Expand to other platforms
Insert customization for different RF environments and applications
Offer professional training

Concurrent

FISSURE Challenge

The annual "FISSURE Challenge" capture-the-flag contest to showcase new additions to FISSURE is held in December each year. Past challenges are archived and can be solved all year round! Gain hands-on experience and view solutions at: FISSURE Challenge.

Contributing

Suggestions for improving FISSURE are strongly encouraged. Leave a comment in the Discussions page or in the Discord Server if you have any thoughts regarding the following:

New feature suggestions and design changes
Software tools with installation steps
New lessons or additional material for existing lessons
RF protocols of interest
More hardware and SDR types for integration
IQ analysis scripts in Python
Installation corrections and improvements

Contributions to improve FISSURE are crucial to expediting its development. Any contributions you make are greatly appreciated. If you wish to contribute through code development, please fork the repo and create a pull request:

Fork the project
Create your feature branch (git checkout -b feature/AmazingFeature)
Commit your changes (git commit -m 'Add some AmazingFeature')
Push to the branch (git push origin feature/AmazingFeature)
Open a pull request

Creating Issues to bring attention to bugs is also welcomed.

Need more specific ideas? There are a lot of topics we have yet to investigate. Check out our running list of potential to-do items. Any help is appreciated. Pick an easy one and write that you contributed to FISSURE in your resume/CV.

Are you a student or looking to learn more about RF and programming or an organization looking to expose students to the world of open source? Reach out today and refer to the 2023 Project Idea List.

Collaborating

Contact Assured Information Security, Inc. (AIS) Business Development to propose and formalize any FISSURE collaboration opportunities–whether that is through dedicating time towards integrating your software, having the talented people at AIS develop solutions for your technical challenges, or integrating FISSURE into other platforms/applications.

License

GPL-3.0

For license details, see LICENSE file.

Contact

Join the Discord Server: https://discord.gg/JZDs5sgxcG

Follow on Twitter/X: @FissureRF, @AinfoSec

Chris Poore - Assured Information Security, Inc. - [email protected]

Business Development - Assured Information Security, Inc. - [email protected]

Acknowledgments

Special thanks to Dr. Samuel Mantravadi and Joseph Reith for their contributions to this project.

Assured Information Security

Like working with signals, reverse engineering, or other realms in cybersecurity? Browse our current openings or join our talent community for future consideration.

If you have an interest in hacking, check out our Can You Hack It?® challenge and test your skills! Submit your score to show us what you’ve got. AIS has a national footprint with offices and remote employees across the U.S. We offer competitive pay and outstanding benefits. Join a team that is not only committed to the future of cyberspace, but to our employee’s success as well.

fissure's People

Contributors

Stargazers

Watchers

fissure's Issues

USRP2 support

It would be nice if the USRP2 were to be supported out of the box.

There isn't really any technical reason the project shouldn't support the USRP2 as a device - even if some more of the uhd options were exposed to the end-user it would just work.

For instance, it would already help a great deal if i could simply set a device string like "addr=192.168.1.200,name,serial=2908,type=usrp2,uhd"

Moreover, I'm not sure why specifying the daughterboard is needed -it should be possible to probe the RX/TX capabilities from the device. There are many more daughterboards than the ones listed.

(in production boards) https://www.ettus.com/product-categories/rf-daughterboards/
(older boards) https://kb.ettus.com/Category:Legacy_Products

Sdr

Does it work on Kali?

Hello,
Do you think it will work on Kali?
Or is this planned?

Thanks

Fix tostring() error

Ubuntu 22.04

When this issue occurs

File "/home/landon/.local/lib/python3.10/site-packages/scapy/arch/linux.py", line 195, in get_alias_address
names = names.tostring()
AttributeError: 'array.array' object has no attribute 'tostring'

Replace

names = names.tostring()
->
names = names.tobytes()

in this file
/home/{username}/.local/lib/python3.10/site-packages/scapy/arch/linux.py

Fixed_threshold_b2x0.py does not work in 3.10 branch

Hi, I've found that fixed_threshold_b2x0.py is broken. It tries to import GrRangeWidget from gnuradio.qtgui but GrRangeWidget does not exist (that I can see) in qtgui. I'm not sure if this is a version or something odd in my environment but I've checked that I am running the correct version of GNU radio and the most recent version of FISSURE. Has anyone seen this or had problems calling GrRangeWidget from other device types?

Here is the error:
"
TSI: Starting TSI Detector...
Traceback (most recent call last):
File "/home/johndoe/FISSURE/Flow Graph Library/TSI Flow Graphs/fixed_threshold_b2x0.py", line 41, in
from gnuradio.qtgui import Range, GrRangeWidget
ImportError: cannot import name 'GrRangeWidget' from 'gnuradio.qtgui' (/usr/lib/python3/dist-packages/gnuradio/qtgui/init.py)
"

Ubuntu 22.04 Install Dependencies

In order to be able to follow the installation instructions on a somewhat fresh Ubuntu installation, I was required to install the following packages:

sudo apt install build-essential git cmake libsndfile1-dev libjack-jackd2-dev libfftw3-dev emacs libudev-dev
sudo apt install qtbase5-dev qt5-qmake qttools5-dev qttools5-dev-tools qtwebengine5-dev libqt5svg5-dev libqt5websockets5-dev

Note that the list might contain additional packages that are not required or already installed per default.
Consider adding the dependencies to the Ubuntu 22.04 installation instructions.

Launch Wireshark crashes - Python3_maint-3.8

Encountered error where PD > Sniffer > Launch Wireshark will crash.

Error:

Traceback (most recent call last):
  File "/home/sognefeste/Documents/TOOLS/FISSURE/dashboard.py", line 12067, in _slotPD_SnifferWireshark80211Clicked
    wireshark_cmd = str(stdout.replace('\n',''))
TypeError: a bytes-like object is required, not 'str'
Aborted (core dumped)

Environment:

- ➜  ~ python --version
Python 3.8.12

➜  ~ lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 20.04.4 LTS
Release:	20.04
Codename:	focal

Fissure: 
Python3_maint-3.8

Does it work on Kali?

Hello,
Do you think it will work on Kali?
Or is this planned?

Thanks

FISSURE install on newly created Ubuntu 22.04 on WSL on Windows 10

installation on newly created Ubuntu 22.04 on WSL on Windows 10

can anyone help?

Thanks
Peter

eterd@DESKTOP-MGMJK4K:~/FISSURE$ ./install
Ubuntu 22.04 detected
./install: line 55: qmake: command not found
No Qt5 found.
Qt5 is required to open the installer. Do you want to proceed? [y]/n: y
[sudo] password for peterd:
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package python3-pyqt5 is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

E: Unable to locate package qtcreator
E: Unable to locate package qtbase5-dev
E: Unable to locate package qtchooser
E: Unable to locate package qt5-qmake
E: Unable to locate package qtbase5-dev-tools
E: Package 'python3-pyqt5' has no installation candidate
Traceback (most recent call last):
File "/home/peterd/FISSURE/Installer/installer", line 2, in
from PyQt5 import QtCore, QtGui, uic, QtWidgets
ModuleNotFoundError: No module named 'PyQt5'
peterd@DESKTOP-MGMJK4K:~/FISSURE$ pwd
/home/peterd/FISSURE

Way to install on Debian 10

Hello,

Is there a way to install Fissure on Debian 10 ?

Thanks

Any interest in setting up a Discord Server to track and share operational topics related to running FISSURE?

would be great to establish community interaction using discord and share experiences and insights from using FISSURE - I can set up a server if wanted - or glad to join if someone else does! :)

ADS-B Demod Flow Graphs

Expected Behavior

Modes S Demod flow graphs compile and produce a stream of bits for incoming ADS-B messages that get sent to the ZMQ port for the PD circular buffer when the flow graph is launched from within FISSURE.

Current Behavior

The Mode-S Demod flow graphs in the Python3-maint8 branch are incomplete and the blocks needed to transfer ADS-B message data are missing.

Steps to Reproduce

Open any Mode S Demod flow graph from within the PD Flow Graphs folder using GNU Radio Companion
Observe the incomplete flow graph
Try to load and launch the PD flow graph from within the FISSURE PD tab.

Context

The Python3-maint8 branch contains the mhostetter version of gr-adsb and does not appear to have the blocks required to transfer bits without a little extra modification. The Python2 branch used the forked branch of gr-adsb by wnagele which had the ADSB Decoder block connected to a Message Source which fed into a ZMQ PUB Sink. The 3.8 version of the wnagele repo may not exist.

Solutions will focus on either porting wnagele to 3.8/3.10, modifying mhostetter, or finding a different way to manipulate the messages from the existing mhostetter output.

HackRF keeps receiving (Python2 branch)

Expected Behavior

Upon completing a receive flow graph (Inspection, Record, Attack) using the HackRF the RX light turns off and the flow graph ends. The threads in fg_executor.py complete when the flow graph is over following the .wait() calls.

Current Behavior

HackRF flow graphs with a head block or GUI keep the resources busy on the HackRF even after collecting enough samples or closing the GUI. The RX light remains on and overruns are still printed to the terminal. This only impacts the Python2 branch and a similar issue was observed with the PlutoSDR (but likely has a different cause). Running a new flow graph will stop all previous flow graphs of the same type but it will stay running.

Steps to Reproduce

Click the IQ hardware button and select HackRF
Click the Record button in the IQ Data tab
Observe the light on the HackRF

Context

This may have to do with the osmocom source block and the version of gr-osmosdr as discussed here: greatscottgadgets/hackrf#354

Potential solutions include installing a different version of gr-osmosdr or adding a "Force Stop" button to the Dashboard. The Stop button for the Inspection flow graphs could detect when a HackRF is selected and trigger the necessary commands.

Version Information

gr-osmosdr 0.1.4-14build1
GNU Radio 3.7.11

error gr::sync_block on TSI (Ubuntu 22.04 + HackRF)

I'm trying to use FISSURE for the first time, I installed it on Ubuntu 22.04 and followed instructions, all seemed correctly installed, however when I tried to use TSI together with my hackrf, it won't show anything and output this error on the shell:

TSI: Starting TSI Detector...

Exception in thread Thread-1 (runWidebandThread):

Traceback (most recent call last):

File "/usr/lib/python3.10/threading.py", line 1016, in _bootstrap_inner

self.run()

File "/usr/lib/python3.10/threading.py", line 953, in run

self._target(*self._args, **self._kwargs)

File "/home/xxx/FISSURE/tsi_component.py", line 385, in runWidebandThread

loadedmod, class_name = self.overwriteFlowGraphVariables(flow_graph_filename, variable_names, variable_values)

File "/home/xxx/FISSURE/tsi_component.py", line 198, in overwriteFlowGraphVariables

loadedmod = __import__(flow_graph_filename)  # Don't need to reload() because the original never changes

File "/home/xxx/FISSURE/Flow Graph Library/TSI Flow Graphs/wideband_hackrf.py", line 23, in

import gnuradio.ainfosec as ainfosec

File "/usr/local/lib/python3.10/dist-packages/gnuradio/ainfosec/init.py", line 18, in

from .ainfosec_python import *

ImportError: generic_type: type "wideband_detector1" referenced unknown base type "gr::sync_block"

Do you have any hints?

Can't install (KDE Neon)

hello !

I'm on KDE Neon (based on Ubuntu 20.04 Focal) and when trying to install
./install

This branch is for Ubuntu 20.04 and 22.04 only. Switch to a different FISSURE branch before installing!

thx.

Current GNURadio Version Support

Will you be porting this to the current version of GNURadio (3.10)?

Distinguish between Multiple HackRFs

Expected Behavior

Assign the HackRF ID to distinguish between multiple HackRFs. Assign the values using the hardware buttons for the components, pass it to the attacks and other flow graphs, ignore it or use something like hackrf=0 if the ID is not specified.

Current Behavior

No way to distinguish multiple HackRFs other than unplugging or the automatic assignment for one that is not running.

Steps to Reproduce

Click hardware button
Select HackRF
Nothing to choose

Context

Discussed in #6

^{Originally posted by joereith August 19, 2022}

Distinguish between multiple hackrf devices (serial?)

I think this would be a nice feature to have seeing as the open source releasing of FISSURE is going to draw a lot of attention. Once people start to use it they will most likely be connecting all sorts of SDR's and giving FISSURE a spin. This will allow the easy visual separation of hackrf's by serial number to be able to assign individually to individual components. Having a list or dropdown box containing each detected hackrf in the GUI will ensure people are selecting the proper hackrf.

Python3-3.10 Hardcoded Log Files

In PR#39 I mentioned hard coded file names. Specifically in the Log tab of the GUI. After reading more code it became clear that the Log section does not have direct access to the logger being used, meaning some more intricate method is likely needed to make it work properly, and wanted to raise this issue in case somebody has a better idea of how to fix it.

There appear to be a few instances of hardcoded logging file names event.log in the code, dashboard.pyL#647, L#1777, L#1808, and L#7178. This log file can be changed in the file handler in logging.yaml, and if it is changed, it would break all these functions, as that file would no longer exist, or at least not be being used for logging. Ideally this would dynamically handle the changes, allowing for the changing of the log file to work properly.

In my mind, something like this could be added to the fissure_server to dynamically give the file names of the log files in use to any requester. Then corresponding changes in the dashboard to handle this, like only getting a single item from the returned list if there was more than a single file being logged to. But not sure if that is the best option at how to resolve the issue.

    def get_logging_files(self) -> list:
        """Gets all the current files the logger is logging to and returns them as a list

        Returns:
            list: List of all the files the logger is logging to
        """
        # A list that will end up getting returned
        return_list = []
        # Get each of the logging handlers
        for handler in logger.handlers:
            # Only file handlers have the baseFilename attribute
            if hasattr(handler, 'baseFilename'):
                # So if it has that attribute, add the file to the list
                return_list.append(handler.baseFilename)

        # Return the list of files
        return return_list

I think this issue also effects the Pyhton3-3.8 branch as well, and a similar fix of dynamically getting the logging file name should also work there too.

Fissure wont start after successful install

Excited to try the tools but sadly the main fissure application wont run from the UI or Command Line after a seemingly successful install. Running latest Ubuntu and a very recent install apart from GNURadio and RFCat

Uninstalling

Hi,

Is there a way to uninstall FISSURE? I see there is the "installer" program but not an accompanying "uninstaller" program. Does the installer have an "uninstall" option that must be used?

ainfosec / fissure Goto Github PK

fissure's Introduction

FISSURE - The RF Framework

Documentation

Capabilities

Videos

Hardware

Getting Started

Lessons

Roadmap

Phase I

Phase II

Phase III

Concurrent

FISSURE Challenge

Contributing

Collaborating

License

Contact

Acknowledgments

Assured Information Security

fissure's People

Contributors

Stargazers

Watchers

Forkers

fissure's Issues

Expected Behavior

Current Behavior

Steps to Reproduce

Context

Expected Behavior

Current Behavior

Steps to Reproduce

Context

Version Information

Expected Behavior

Current Behavior

Steps to Reproduce

Context

Discussed in #6

Recommend Projects

Recommend Topics

Recommend Org