zigbee_inject
=============

Presentation
-------------

**zigbee_inject** injects Zigbee frames. The target is configured by channel, PanID and address (respectively the *CHANNEL*, *TARGET_PANID* and *TARGET* parameters), along with the execution time (*TIME* parameter) and the PCAP file (*PCAP_FILE* parameter) from which the packet stream is taken.

Compatible devices
------------------

* RZUSBStick Device
* PCAP Files

Input parameters
-----------------

+--------------+---------------+--------------------------+--------------------------+
| Name         | Default value | Possible values          | Description              |
+==============+===============+==========================+==========================+
| INTERFACE    | rzusbstick0   | rzusbstickX              | Interface to use         |
+--------------+---------------+--------------------------+--------------------------+
| TARGET_PANID |               |                          | Targeted PanID           |
+--------------+---------------+--------------------------+--------------------------+
| CHANNEL      | 13            |                          | Targeted channel         |
+--------------+---------------+--------------------------+--------------------------+
| TARGET       |               |                          | Targeted device          |
+--------------+---------------+--------------------------+--------------------------+
| TIME         | 20            |                          | Execution time           |
+--------------+---------------+--------------------------+--------------------------+
| PCAP_FILE    |               |                          | Capture file             |
+--------------+---------------+--------------------------+--------------------------+

Output parameters
------------------

This module doesn't provide any output parameters.

Usage
------

Basic Usage
^^^^^^^^^^^^

To inject a packet stream from a file, for example /tmp/capture.pcap, type the following command:

::

  $ mirage zigbee_inject CHANNEL=12 TARGET_PANID=0x3332 PCAP_FILE=/tmp/capture.pcap
  [INFO] Module zigbee_inject loaded !
  [INFO] RZUSBStick: Killerbee firmware in use.
  [SUCCESS] PCAP file successfully loaded (DLT : 195) !
  [INFO] Extracting packet stream from PCAP ...
  [SUCCESS] Packet stream successfully extracted !
  [INFO] Injecting ...
  ^C[INFO] Mirage process terminated !

Performing a replay attack
^^^^^^^^^^^^^^^^^^^^^^^^^^^

You can also perform a replay attack by combining this module with **zigbee_sniff**:

::

  $ mirage "zigbee_sniff|zigbee_inject" zigbee_sniff1.CHANNEL1=12 zigbee_sniff1.TARGET_PANID=0x3332 zigbee_sniff1.PCAP_FILE=/tmp/zigbeereplay.pcap zigbee_sniff1.TIME=5
  [INFO] Module zigbee_sniff loaded !
  [INFO] Module zigbee_inject loaded !
  [INFO] RZUSBStick: Killerbee firmware in use.
  [SUCCESS] PCAP file successfully loaded (DLT : 195) !
  [PACKET] [ CH:12|RSSI:-55dBm|LKI:255/255|CRC:OK ] << Zigbee - Application Data Packet | srcAddr = 0x0000 | destAddr = 0xFFFF | destPanID = 0x3332 | data = 00000000000000fffe0000426f6e6a6f757212353d >>
  [PACKET] [ CH:12|RSSI:-55dBm|LKI:255/255|CRC:OK ] << Zigbee - Application Data Packet | srcAddr = 0x0000 | destAddr = 0xFFFF | destPanID = 0x3332 | data = 0000000000000000426f6e6a6f75722028626973297031bb >>
  [PACKET] [ CH:12|RSSI:-55dBm|LKI:255/255|CRC:OK ] << Zigbee - Application Data Packet | srcAddr = 0x0000 | destAddr = 0xFFFF | destPanID = 0x3332 | data = 00000000000000fffe0000426f6e6a6f7572128684 >>
  [INFO] Extracting packet stream from PCAP ...
  [SUCCESS] PCAP file successfully loaded (DLT : 195) !
  [SUCCESS] Packet stream successfully extracted !
  [INFO] Injecting ...
  [...]
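
Seen from the monitoring side, a replay like the one above leaves byte-identical frames in a capture of the channel. The following is an added example, not part of Mirage or of the original page: it reads a classic PCAP with link type 195 and reports frames that reappear unchanged after a delay. The function names, the ``min_gap`` threshold and the sample frames are assumptions made for the illustration.

```python
import struct

DLT_IEEE802_15_4_WITHFCS = 195  # the "DLT : 195" reported when the PCAP is loaded

def read_pcap(blob):
    """Yield (timestamp_seconds, frame_bytes) from a little-endian classic PCAP."""
    magic, _, _, _, _, _, linktype = struct.unpack_from("<IHHiIII", blob, 0)
    if magic != 0xA1B2C3D4:
        raise ValueError("not a little-endian microsecond PCAP")
    if linktype != DLT_IEEE802_15_4_WITHFCS:
        raise ValueError(f"unexpected link type {linktype}")
    offset = 24
    while offset + 16 <= len(blob):
        sec, usec, caplen, _ = struct.unpack_from("<IIII", blob, offset)
        offset += 16
        yield sec + usec / 1e6, blob[offset:offset + caplen]
        offset += caplen

def find_replays(blob, min_gap=1.0):
    """Return (first_seen, seen_again, frame) for byte-identical frames that
    reappear at least min_gap seconds later. min_gap is an assumed threshold
    meant to skip ordinary MAC-layer retransmissions; tune it per network."""
    first_seen, hits = {}, []
    for ts, frame in read_pcap(blob):
        if frame in first_seen and ts - first_seen[frame] >= min_gap:
            hits.append((first_seen[frame], ts, frame))
        first_seen.setdefault(frame, ts)
    return hits

def build_pcap(records):
    """Build a PCAP blob from (sec, usec, frame) tuples (constructed sample data)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, DLT_IEEE802_15_4_WITHFCS)
    for sec, usec, frame in records:
        out += struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame
    return out

# Constructed 802.15.4 frames (not taken from a real capture; FCS bytes are dummies).
FRAME_A = bytes.fromhex("6188 2a 3233 ffff 0000 426f6e6a6f7572 0000")
FRAME_B = bytes.fromhex("6188 2b 3233 ffff 0000 426f6e6a6f7572 0000")
SAMPLE = build_pcap([
    (100, 0, FRAME_A),
    (100, 2000, FRAME_A),    # same frame 2 ms later: treated as a retransmission
    (100, 500000, FRAME_B),
    (130, 0, FRAME_A),       # same frame 30 s later: reported
])

if __name__ == "__main__":
    for first, again, frame in find_replays(SAMPLE):
        print(f"frame first seen at {first:.3f}s repeated at {again:.3f}s: {frame.hex()}")
```

This is a heuristic: the 8-bit 802.15.4 sequence number wraps, so a busy device can legitimately emit an identical frame again, and hits should be correlated with other evidence before being treated as a replay.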