From 506d95099f5998c4e7c037dc6c1a377324bc86c0 Mon Sep 17 00:00:00 2001
From: Bjørn Mork <bjorn@mork.no>
Date: Sat, 11 May 2019 15:52:29 +0200
Subject: WiP: running arbitrary commands is working
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Bjørn Mork <bjorn@mork.no>
---
 dcs8000lh-configure.py | 31 ++++++++++++++++---------------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/dcs8000lh-configure.py b/dcs8000lh-configure.py
index 636a0ad..58dd478 100755
--- a/dcs8000lh-configure.py
+++ b/dcs8000lh-configure.py
@@ -3,16 +3,15 @@
 import sys
 import hashlib
 import base64
-from bluepy.btle import UUID, Peripheral
-
-dev_name_uuid = UUID(0x2A00)
+from bluepy.btle import Peripheral
 
 class BleCam(object):
-    def __init__(self, address, pincode):
+    def __init__(self, address, pincode, command=None):
         self.pincode = pincode
+        self.command = command
         self.periph = Peripheral(address)
-        #print(self.periph)
         self.ipcamservice()
+        self.name = self.periph.getCharacteristics(uuid=0x2a00)[0].read().decode() # wellknown name characteristic
         self.dumpchars()
         self.experiment()
 
@@ -23,12 +22,10 @@ class BleCam(object):
         except BTLEEException:
             print("no IPCam service found for %s" % periph.address)
 
-
     def dumpchars(self):
         handles = self.service.getCharacteristics()
-        print("dumping %s" % handles)
         for h in handles:
-            print("%s - Properties=%s Handle=%#06x " % (h.uuid, h.propertiesToString(), h.getHandle()))
+            print("%s - Handle=%#06x (%s)" % (h.uuid, h.getHandle(), h.propertiesToString()))
 
     def experiment(self):
         auth = self.service.getCharacteristics(0xa001)[0]
@@ -36,23 +33,27 @@ class BleCam(object):
         for t in tmp:
             if t.startswith("C="):
                 self.challenge=t.split("=",2)[1]
-        print("challenge is %s" % self.challenge)
-        name = self.periph.getCharacteristics(uuid=dev_name_uuid)[0].read().decode() # "DCS-8000LH-CC73"
-        hashit = name + self.pincode + self.challenge
-        print("will hash %s" % hashit)
+        hashit = self.name + self.pincode + self.challenge
         self.key = base64.b64encode(hashlib.md5(hashit.encode()).digest())[:16]
-        print ("key is %s" % self.key)
         try:
             auth.write("M=0;K=".encode() + self.key, True)
         except:
             print("write failed")
         print("ip config is %s" % self.service.getCharacteristics(0xa104)[0].read())
-
+        if self.command != None:
+            run = "P=" + self.pincode + ";N=" + self.pincode + "&&(" + self.command + ")&"
+            try:
+                self.service.getCharacteristics(0xa201)[0].write(run.encode(), True)
+            except:
+                print("write failed")
         
 if __name__ == '__main__':
     if len(sys.argv) < 3:
         print("Usage: {} <addr> <pincode>".format(sys.argv[0]))
         sys.exit(1)
+    if len(sys.argv) > 3:
+        BleCam(sys.argv[1], sys.argv[2], sys.argv[3])
+    else:
+        BleCam(sys.argv[1], sys.argv[2])
 
-    BleCam(sys.argv[1], sys.argv[2])
 print("Done.")
-- 
cgit v1.2.3