I have a chinese charge controller reporting data to a windows software via a serial cable.
I have managed to sniff the COM port and successfully isolated the data being sent by the software to request the controller to transmit sensor data.
The data being returned by the controller is a single line:
(for example)
..p...............!............ª.x
Somehow the damn thing is updating at least 4 numerical values in the software with that single line. Each second a line like that is returned, but I'm very confused because the data shown in the app is sometimes the same but the serial data received to represent such data is different. As if it was encrypted somehow (which is stupid).
Here is an example of 10 different lines being reported back from the controller. These are received one each second.
..p€...........................ª.Ï
..p...................!........ª.w
..p€...........................ª.Ï
..p............................ª.O
..p............................ª.Q
..p............................ª.P
Funny thing is each one of those 6 lines is representing EXACTLY the same data values on the receiving software (measuring voltage and amps).
The windows software is a very crappy VB.6 exe which i was able to decompile, but it seems to rely heavy on p-code, PCOMM.DLL, MXTOOL and other crap.
To anybody with serial expertise:
is this controller encrypting its sensor data?
if so, what technique should i use to figure out how it is encrypting its 4 values?
Finally, do you suggest any serial apps or decompilers that will aid in this?
Pedro
Are you sure you are using the correct baudrate to read in the data?
Are you using the correct parity and data bits and stop bits ?
Do you have any documentation of the device?
Do you know what the data should look like?
Does the data consist of normal ascii characters or is it some chinese script?
Related
First, I want to apologize. I am complete noob in this area and many of my thoughts are probably misleading.
I need to verify that a user of my app is on a specific place in order to be authirized to perform an action. I want to use NFC for this purpose. The user have to put his smartphone by a NFC tag in order to be authorized to perform the action. Easy but I need it to be reasonably hackerproof. It means that the NFC tag must be impossible to clone without physical damage to the plastics around the NFC chip. It also means that the NFC chip must not contain only static data. The NFC chip must contain an app, that can receive some data (cryptographic challenge) and signs them using secure built-in private key (which must be unreadable through NFC interface). When the user wants to perform the action, he will ask server for the challenge, then he lets the chip to sign it, and then he sends the signed challenge back to the server which will verify the signature using known public key. This should be achievable using NFC JavaCard. But do these NFC JavaCards actually exist? I wasn't able to find a company which would be able to produce such NFC tags for me. When I try to explain my requirements to a NFC tags producer he looks like he has never heard of NFC JavaCards. I have tried about 10 producers without luck.
Can a commonly available chip meet my requirements? I mean a chip from the Mifare familly. I suspect that Mifare DESfire might be able to meet my requirements, but I am not sure.
Feel free to respond with an advertisement, because relevant advertisement is exactly what I look for :)
I try to collect some useful facts:
NFC is a very broad term, just finding that on both sides does not ensure interoperability.
Any ISO 14443 (one of the NFC flavours) compliant smart card with crypto functionality should be usable. Note, that a card with native OS may be a viable alternative to a JavaCard, since the functionality to sign a random number is pretty standard.
Any smart phone sporting a NFC chip can address such a card in principle. Unfortunately this is strongly dependent on the OS of the smart phone, for Android the relevant class to use is IsoDep, which gives you the APDU interface. After triggering the "card enters field" event, then the app receives a handle, via which further communication can take place.
Real smart cards can't be cloned, since you are not able to dump them; especially keys can't be read.
Now some things to consider:
Your approach looks unusual, which might become a problem. (To have a portable card somehow fixed to a wall, just to get the location; so you know where somebody is, but not who? While I don't consider cloning to be an issue, you somehow must ensure destruction in case of a theft attempt, which may collide with the distance topic below.)
I don't see, where the server comes into play. If not involved in the authorized action, provision of a random number is not sufficient reason.
Asymmetric key operations have a comparatively high power consumption, and this power has to be supplied via the electric field. This severely limits the distance between card and phone and may even require direct touch. While a power supply of its own would solve the issue in principle, it is not what ISO-14443 was designed for.
Yes JavaCards do exist.
https://github.com/OpenJavaCard/openjavacard-ndef is a project makes these JavaCards to output standard NDEF messages (thought note issue 4 in that there example uses the wrong APDU but that is easily changed)
This project also give a number of cards it is fully working and tested for
ACS ACOSJ - fully working
NXP JCOP J3D040/J3D081/J2E145 etc - fully working
Both ACS and Cardlogic do cards (just google the model numbers)
e.g.
https://www.acs.com.hk/en/products/405/acosj-java-card-combi/
https://www.smartcardfocus.com/shop/ilp/id~707/j3a081-80k/p/index.shtml
The answer a was looking for is not a chip which runs a custom code. Although this might be possible it is definitely not the best way to achieve the target.
I was looking for a solution that enables strong authentication using NFC data. There might be multiple chips that offers this, but probably the most available chip is NTAG 424 DNA TT. It works like this:
The chip has a memory, which is not readable through NFC. Private key is stored there.
The chip has a read counter. It increments everytime the data are read through NFC.
The chip can generate an AES-128 signature of string UID (chip serial number) + counter using the private key in the inaccessible part of the memory.
The chip can dynamicaly inject the data above into a URL that is stored in the readable memory.
So the solution will be like (I am waiting for delivery of NFC tags right now, so I don't know for sure yet):
Read the tag UID (serial number) and the actual counter value (should be 0 on an unused tag)
Generate the key-pair
Load private key to the chip
Load some data (URL, eg: https://my.app/) to the chip
Store UID, public-key, last-counter on the server
Configure the chip to inject UID, counter, signature to the URL stored on the chip
When a client reads the data, they should contain required variables, eg: https://my.app/?counter=1&uid=ff:ff:ff:ff&signature=xyz. Then on the server:
Fetch stored info (public-key, last-counter) using uid as a primary key
verifies the signature
verifies the counter that must be > last-counter
stores counter as the last-counter
successfully authorized
Is anyone able to hack this without reading the hidden memory of the chip which would require physical tampering with the chip?
I am currently implementing a web app with the goal of keeping track of the location of all the packages in a company I am working for. Our plan is to have a barcode for each package and scan that barcode at the different sectors of the company, indicating where they are. The problem is that I have no idea where to start. I've done some research on Google but haven't found much. My main questions are:
How do barcodes work in the first place?
How do you program with barcodes? Is there a specific language I should use? Do I have to buy anything?
How do you read barcodes and enter them in your program and how do you generate them in the first place?
Any hints on how I should proceed with my implementation?
I look forward to hearing back from you as I need to implement this as soon as possible.
This is a pretty broad question, but I'll do my best to answer:
How do barcodes work in the first place?
Essentially, for this type of project, you can think of the barcodes you're going to be implementing as merely serial numbers. If you really want to know how barcodes work, Wikipedia has a pretty good write up - but essentially, at this level, just think of them as a serial number, encoded in such a way that a machine can read it.
In your web app, you'd be taking a number (say, 42) that has no meaning on its own, and associating with a package and a location.
How do you program with barcodes? Is there a specific language I should use? Do I have to buy anything?
You don't really "program" with barcodes per se... Again, it's just a machine readable implementation of some kind of information. In terms of "specific language", just build your web app as you already are, and add, say, an extra integer field. The integer doesn't mean anything on it's own - it's just going to be what's printed in the barcode. In this use case, you don't even have to have a barcode per se - you could just write it on the box! The usefulness of barcodes comes in speed and accuracy of data entry - you'd be having a computer device scan the barcode and type it in instead of a human.
How do you read barcodes and enter them in your program and how do you generate them in the first place?
It doesn't sound like you're at the point where you're doing any kind of machine vision or anything, so the most common entry method would be to buy a basic USB barcode scanner, like a Symbol LS2208. Use the manual that comes with it (or you can download the manual) to configure it as a keyboard emulation device - that way, your user would just select a field in the web app, scan, and the scanner would type out whatever was stored in the barcode (in the example above, the number 42).
As far as generating, depending on your volume, you have lots of options. For low volumes, you can find a generator online and print them out onto Avery label-type sheets using an inkjet or laser printer. You could also find a barcode font and print right from, say, Word, onto a label sheet. For higher volumes, you could purchase specialized software and use a label printer, or you can even write this yourself. Personally, I have a Zebra LP2844 with a network interface, and I wrote some custom PHP to send commands in the printer's native language (EPL2) over a socket to print onto roll labels.
EDIT: You'd probably want to use either Code128 or Code39. These are two different "symbologies" (types of barcode) that are appropriate for what it sounds like you're doing. They're 1-dimensional (like UPC codes and not like QR codes), so a cheap reader can decode them, and they're pretty flexible and VERY common.
Any hints on how I should proceed with my implementation?
Just think of barcodes, the way that it sounds like you want to use them, as arbitrary serial numbers that don't mean anything on their own. For example, doing this sort of box tracking in a previous warehouse environment, we printed THOUSANDS of unique serial numbered barcode labels. Those labels didn't have ANY value until they were attached to a box and a picker started to put stuff into that box. They were just numbers. Just remember to keep them unique.
I'm pretty much a noob. I've been wondering how mobile barcode readers worked. I've seen several apps on the market that would let you scan a barcode, and then show you corresponding product data.
I was wondering where the product data typically comes from. Is it usually from a built-in database, or do apps tend to connect to a server to access a database?
Thanks for any and all assistance!
Barcode readers/scanners work by using some sort of standard format to communicate data to the device 'reading' the code. There are typically two types of 'barcodes' used today:
The standard Barcode - often referred to as a UPS code
And the QR code - popular for cell-phone apps.
From a developer's standpoint, both work the same way:
A device 'reads' the code, the code is interpreted to represent a set of numbers (typical of the standard Barcode), or numbers and characters (QR code).
The interpreted code is used to seek the related data in a database somewhere - A UPC code would have a database of items referenced with a number (just like the number you would read at the bottom of a UPC label), and a QR code frequently references a URL that can be opened in any web browser.
The information from a barcode comes from the referenced data that the barcode points to - so you don't have to carry around a database of information anytime you want to scan a code - you just have to be able to connect to that source of information.
Hope this helps.
I'm hoping to connect two USB barcode scanners to a single computer, allowing two people to scan ticket barcodes simultaneously. If both people scan at the same time, however, the input from STDIN will get messy.
Is there a way to set up different STDIN streams, each tied to a specific USB port? The console script is in Ruby, though pointers in any language would be much appreciated.
Try connecting 2 USB barcode scanners first and test if what you are afraid of happens. I suspect all barcode digits are sent in a single burst while interrupts from other keyboard-like devices are on hold - so you won't get two barcodes "interlaced" together.
It's impossible to have more than one stdin, not literally. Other options will depend based on the OS you are on - on linux maybe the drivers provide you different character devices for different scanners. On Windows i believe you will have to learn talking the USB HID protocol... best if you don't have to do any of that.
To answer your question directly, there is no way to have more than one STDIN. You're best bet would be to read the data from a file (I would think you should have a character device or something for this scanner)
What if you use a Mutex to synchronize them so only one scan can be processed at a time?
Here's a tutorial on working with threads in Ruby
http://ruby-doc.org/docs/ProgrammingRuby/html/tut_threads.html
Many USB devices contain a unique serial number (which is actually a Unicode string) which the host can use in conjunction with the 16-bit vendor and product ID numbers to uniquely identify the device.
I'm trying to figure out how to write a Windows application that would be able to display a list of all USB human interface devices attached to the system. The list would have one row for each HID, including system keyboards. There would be columns in the list for the vendor ID, product ID, and serial number.
I can get a list of USB HIDs by calling SetupDiGetClassDevs with the GUID returned by HidD_GetHidGuid and looping through the result by repeatedly calling SetupDiEnumDeviceInterfaces. I can then call SetupDiGetDeviceInterfaceDetail to get the path to each device, which I can open with CreateFile, so long as I am careful to request neither read nor write permission, which would be denied for a system keyboard. From there I can get the vendor and product ID numbers by invoking HidD_GetAttributes.
What I'm having trouble figuring out is how to retrieve the serial number string. When I search for solutions to this problem, I find a lot of information about how to get serial numbers for USB mass storage devices, but nothing that looks like it might apply to any other type of USB device. I would be happy to discover either a generic method or a HID-specific method of retrieving the serial number string.
I have a feeling that the Win32 port of libusb could manage this without too much trouble, but unfortunately I need a solution that depends only on libraries that come with Windows, such as the setupapi and hid DLLs that contain the functions mentioned above.
Any suggestions would be very much appreciated!
It turns out that HID.dll defines a function called HidD_GetSerialNumberString that does exactly what I want, given the handle I got from CreateFile as described above. Just tried it out and it works great. There are also HidD_GetManufacturerString and HidD_GetProductString functions to retrieve the other string descriptors referred to in the device descriptor, and even a HidD_GetIndexedString to get an arbitrary string descriptor given its index (presumably because the HID descriptor is allowed to contain string descriptor indices). I feel pretty silly now -- the answer was right there under my nose this whole time.
Thank you all for taking the time to read and answer my question! I'm going to go ahead and accept Alphaneo's answer since it sounds quite promising, and in fact I was waiting for the DDK to download when I stumbled across this answer.
Have you tried the USBVIew source code that comes along with the DDK. The USBView tool displays serial number for any USB device, and the source is shipped with the DDK.
Have you tried searching for the documentation of the HID definition of input records, output records and features records for Hid keyboards. This should show you the list of "things" you can get out/in of a keyboard through HID.
Also, I know it is possible to enumerate the HID record definition by software. I did something similar about 1 year ago, but I cannot remember the details at the top of my head. Doing so would allow you to see what the keyboard USB class is publishing as a standard interface.
I hope it can get you a few pointers to find out what you are looking for. Sorry I could not be more precise!
I recommend this book USB Complete. Chapter 4 Enumeration: How the Host Learns about Devices has the information you need.
This page has many links to information and for you links to libraries and utilities you can use.
you can use GetVolumeInformation for getting the serial number of any hardware attached.