
Releases: geo-tp/ESP32-Bus-Pirate

v1.1

29 Sep 19:13


Changelog

I2C

  • sniff
    🔹 More readable data, improvements.

DIO

  • pulldown <pin>
    🔹 Activates the pulldown resistor on the given pin.

SUBGHZ

  • load
    🔹 Fixes and improvements.
  • listen
    🔹 RSSI to audio mapping (using I2S configured output or internal speaker if any)
  • replay
    🔹 Fixes and improvements.

STANDALONE TERMINAL MODE (New)

Use the up/down arrow keys to scroll and Esc to scroll down line by line. Use Tab for command history.


MISC


v1.0

19 Sep 18:42


Changelog

INFRARED


WIFI

SUBGHZ


RF24 (New mode)

  • scan
    🔹 Search best active channel.
  • sniff
    🔹 Sniff raw frames.
  • sweep
    🔹 Analyze channels activity.
  • jam
    🔹 Jam selected channels group.
  • setchannel
    🔹 Set operating channel.
  • config
    🔹 Configure NRF24 settings.

LittleFS (Storage / Import & Export)


New Device Supported

  • M5Cardputer ADV

Misc / Notes

v0.9

06 Sep 18:16


Changelog

SUBGHZ (New mode)

scan
🔹 Search best frequencies.

sniff
🔹 Raw frame sniffing.

sweep
🔹 Analyze frequency band.

decode
🔹 Receive and decode frames.

replay
🔹 Record and replay frames.

jam
🔹 Jam selected frequencies.

bruteforce
🔹 Bruteforce 12-bit keys.

trace
🔹 Observe RX signal trace.

setfrequency
🔹 Set operating frequency.

config
🔹 Configure CC1101 settings.

RFID (New mode)

read
🔹 Read RFID tag data.

write
🔹 Write UID/Block to tag.

clone
🔹 Clone Mifare UID.

erase
🔹 Erase RFID tag.

config
🔹 Configure PN532 settings.

Webflasher (NEW)

🔹 Easily flash the firmware with a web browser: https://geo-tp.github.io/ESP32-Bus-Pirate/webflasher/

Python Scripting (NEW)

🔹 Easily automate hardware tasks, dump, log: https://github.com/geo-tp/ESP32-Bus-Pirate-Scripts

v0.8

31 Aug 19:56


Changelog

1WIRE

eeprom
🔹 EEPROM operations for 1-Wire chips (DS2431, DS2433, DS28).

DIO

servo <pin> <angle>
🔹 Sets the angle of a servo motor connected to the specified pin.

pulse <pin> <us>
🔹 Sends a pulse on the given pin with configurable duration (microseconds).

WIFI / ETHERNET

telnet <host> [port]
🔹 Opens a Telnet session to the target host (default port 23).

modbus <host> [port]
🔹 Performs Modbus TCP operations on the specified host.

http analyze <url>
🔹 Prints an analysis report of the given URL.

lookup mac|ip <addr>
🔹 Looks up information about a MAC or IP address (vendor, geolocation, etc.).

New Supported Device

  • Seeed Studio XIAO ESP32S3

v0.7

23 Aug 14:26


Changelog

2WIRE

sniff
🔹 Opens a passive 2-WIRE sniffer to view traffic in real time.

USB

keyboard
🔹 Starts a USB HID keyboard bridge so you can type from the device into the host.

mouse jiggle [ms]
🔹 Randomly moves the mouse to keep the host awake, optional period in milliseconds.

BLUETOOTH

keyboard
🔹 Starts a BLE HID keyboard bridge for wireless typing.

mouse jiggle [ms]
🔹 Randomly moves the mouse over BLE, optional period in milliseconds.

WIFI

connect
🔹 Connects to a Wi-Fi network; now retrieves saved credentials when available.

ap spam
🔹 Spams random access points.

discovery
🔹 Discovers devices on the local network. Thanks to @AndreiVladescu

nmap <h> [-p ports]
🔹 Scans the specified host for open ports, with optional port range selection (new features added). Thanks to @AndreiVladescu

http get <url>
🔹 Performs an HTTP(S) GET request and prints the response (headers + JSON body if any).

ETHERNET (NEW MODE)

connect
🔹 Connects via DHCP on the wired interface.

status
🔹 Shows Ethernet link status and network details (MAC, IP, gateway, DNS).

ping <host>
🔹 Sends ICMP echo requests to test reachability and latency.

discovery
🔹 Discovers devices on the local wired network.

ssh <h> <u> <p> [p]
🔹 Opens an interactive SSH session to the target host.

nc <host> <port>
🔹 Opens a netcat-like TCP client session for raw socket testing.

nmap <h> [-p ports]
🔹 Scans the specified host for open ports, with optional port range selection.

http get <url>
🔹 Performs an HTTP(S) GET request and prints the response (headers + JSON body if any).

reset
🔹 Hardware reset the wired W5500 interface.

config
🔹 Configures Ethernet settings for W5500.

v0.6

17 Aug 01:03


Changelog


GENERAL

system
🔹 Opens a system shell to display information about the device (version, hardware info, memory usage, NVS, filesystem).

UART

at
🔹 Opens an interactive AT commands shell with input assistance and built-in help for common AT operations.

SPI

eeprom
🔹 Finalized implementation. Opens an interactive SPI EEPROM shell (probe, analyze, dump, read, write, erase).

INFRARED

replay [count]
🔹 Records and replays IR frames, with an optional repeat count or infinitely until ENTER is pressed.

WIFI

connect [ssid] [password]
🔹 Fixed to work with SSIDs that contain spaces. Now also works with no arguments: run connect on its own to scan, select the network, type the password and connect.

probe
🔹 Searches for internet access on accessible open Wi-Fi networks by attempting connections and validating access with HTTP requests.

nmap <host> [-p ports]
🔹 Scans the specified host for open ports, with optional port range selection. Thanks to @AndreiVladescu

v0.5

08 Aug 22:59


Changelog

1WIRE

ibutton
🔹 Opens an interactive iButton shell for reading, writing, and copying IDs between tags (RW1990).

I2C

identify <addr>
🔹 Identifies an I2C device based on its address.
monitor <addr> [ms]
🔹 Continuously monitors an I2C device’s registers for changes, with an optional polling interval.
eeprom [addr]
🔹 Opens an interactive I2C 24X series EEPROM shell (probe, read, write, analyze, dump, erase).

SPI

flash
🔹 Opens an interactive SPI Flash shell (probe, analyze, extract strings, read, write, erase).
eeprom
🔹 Opens an interactive SPI 25X EEPROM shell (probe, read, write, erase, dump).

2WIRE

smartcard
🔹 Opens an interactive smartcard shell for SLE44XX cards (probe, get/set PSC, dump, unlock, protect, read, write).

3WIRE

eeprom
🔹 Opens an interactive 3WIRE EEPROM shell for 93CX series (probe, read, write, dump, erase).

DIO

measure <pin> [ms]
🔹 Measures the signal frequency on the specified pin, with an optional sampling interval.

INFRARED

remote
🔹 Opens a universal remote shell with common commands (on, mute, volume control, channel control, etc.).

BLUETOOTH

scan|sniff
🔹 Fix crash when using these commands on the M5Stick.

WIFI

nc <host> <port>
🔹 Opens a netcat session to the specified host and port. Thanks to @AndreiVladescu

JTAG

scan jtag
🔹 Fix for JTAG scan

v0.4

02 Aug 14:51


Changelog

1WIRE

copy ibutton

🔹 Copies the ID of an iButton tag to another one (RW1990)


I2C

recover

🔹 Attempts to release stuck I2C lines and restore bus functionality.


SPI

sdcard

🔹 Opens an interactive SD card shell (read, write, delete files, etc.).


2WIRE

smartcard psc [get]

🔹 Reads the current PSC (PIN Code) from the smartcard.

smartcard psc set

🔹 Sets a new PSC (PIN Code) to secure access to the card.

smartcard unlock

🔹 Unlocks the smartcard using the stored PSC.

smartcard write

🔹 Writes data to the smartcard’s main memory.

smartcard protect

🔹 Permanently protects main memory from further writes.


DIO

analog <pin>

🔹 Reads the analog voltage level on the specified pin.


WIFI

deauth <ssid>

🔹 Sends deauthentication frames to disconnect clients from a selected access point. Thanks to @AndreiVladescu


CAN

sniff

🔹 Continuously prints all received CAN frames.

send [id]

🔹 Sends a CAN frame with the specified identifier.

receive [id]

🔹 Captures and displays CAN frames matching the specified identifier.

status

🔹 Displays the current state and statistics of the CAN controller.

config

🔹 Configures CAN MCP2515 module and speed.

Devices Support

🔹 Add support for the S3 Dev Kit


T-Embeds

🔹 Add a wifi scan and setup on screen with the encoder.

v0.3

25 Jul 15:18


Changelog

I2C

slave <addr>

🔹 Emulates an I2C slave device at the given address.

dump <addr>

🔹 Reads all registers from the given device address.

glitch <addr>

🔹 Sends a crafted sequence to disrupt or provoke faulty I2C behavior.

flood <addr>

🔹 Continuously sends traffic to overload or saturate the target device.


2WIRE

smartcard probe

🔹 Detects and decodes the ATR of a smartcard.

smartcard security

🔹 Displays the smartcard's security memory layout.

smartcard dump

🔹 Dumps the full content of the smartcard.

config

🔹 Configures 2-Wire or smartcard communication parameters.


LED

scan

🔹 Tries to auto-detect the connected LED type.

fill <color>

🔹 Fills all LEDs with the specified color.

set <index> <color>

🔹 Sets a specific LED to a given color.

blink

🔹 Blinks all LEDs simultaneously.

rainbow

🔹 Displays a flowing rainbow animation.

chase

🔹 Activates a chasing light effect.

cycle

🔹 Cycles through a series of colors.

wave

🔹 Plays a wave animation across LEDs.

reset [num led]

🔹 Turns off all LEDs or the specified LED.

setprotocol

🔹 Selects the active LED protocol (WS2812, APA102, etc.).

config

🔹 Configures LED settings (brightness, count, etc.).


WIFI

ssh <host> <user> <pass> [port]

🔹 Opens an SSH session with the specified credentials.


JTAG

scan swd

🔹 Scans available pins for SWD devices.

scan jtag

🔹 Scans available pins for JTAG devices.

config

🔹 Configures the JTAG/SWD scan and interface settings.

Device Support

🔹 Add support for M5STACK StampS3

🔹 Add support for M5STACK AtomS3 Lite

🔹 Add support for LILYGO T-embed S3

🔹 Add support for LILYGO T-embed S3 CC1101

v0.2

18 Jul 02:00


Changelog

General

  • logic <pin>
    🔹 Starts a logic analyzer on the specified pin to track signal changes.

1-WIRE

  • temp
    🔹 Reads temperature from a compatible 1-Wire sensor (e.g., DS18B20).

UART

  • spam <text> <ms>
    🔹 Sends the specified text repeatedly every <ms> milliseconds.

  • xmodem <send|recv> <path>
    🔹 Transfers a file using the XMODEM protocol.
    🔸 send: send a file.
    🔸 recv: receive a file.


SPI

  • slave
    🔹 Emulates an SPI slave device to receive data from a master.

  • flash probe
    🔹 Identifies the connected SPI flash chip (JEDEC command 0x9F).

  • flash analyze [addr]
    🔹 Analyzes flash content starting at the given address, detects known format signatures (ELF, PNG, etc.).

  • flash strings [len]
    🔹 Extracts readable strings from flash memory up to the specified length.

  • flash search <str>
    🔹 Searches for a specific string in flash memory.

  • flash read <addr> <len>
    🔹 Reads raw bytes from flash memory at the specified address.

  • flash write <addr> <data>
    🔹 Writes raw data to flash at the given address.

  • flash erase
    🔹 Erases the entire flash memory.


DIO

  • toggle <pin> <ms>
    🔹 Periodically toggles the state of the pin every <ms> milliseconds.

I2S

  • play <freq> [ms]
    🔹 Plays a sine wave at the given frequency for the specified duration.

  • record
    🔹 Continuously captures audio input from an I2S microphone.

  • test <speaker|mic>
    🔹 Runs a basic test on a connected I2S speaker or microphone.

  • reset
    🔹 Resets the I2S interface to default settings.

  • config
    🔹 Configures I2S parameters like frequency, format, and more.