Code covered by the BSD License  

Highlights from
Thar ABPR-20 RS232 communication via handheld emulation

Thar ABPR-20 RS232 communication via handheld emulation



20 May 2013 (Updated )

Controls and reads from a Thar ABPR-20, by emulating the handheld controller.

function password = tharbprobjhack(serialObject)
% THARBPROBJHACK is a pedestrian brute force password hack of the Thar BPR.
% password = tharbprobjhack(serialObject) systematically works through the
% password breaking.  Returns the password when done.

% error handling
error(nargchk(1, 1, nargin))

% checks the input
if ~isserial(serialObject) || ~isrunning(serialObject)
    % errors
    error('Must supply a valid serial object.')

% opens a file to write the screen to
logFileID = fopen('thar_hack.txt.', 'wt');

% checks it opened OK
if logFileID == -1
    % errors
    error('Could not create a file for logging successfully.')

% loop round the maximum number of times
%for m = 0:9999
for m = 78:9999
    % displays a message
    disp(['Attempting password hack: ', num2str(m), '...', char(13)])
    % press F1 to get to the calibration screen, then type in the password
    % and finish
    tharbprobjcomm('write', serialObject, [char(17), num2str(m), char(13)])
    % check the screen
    output = tharbprobjcomm('readnoflush', serialObject);
    % displays it
    disp(['Screen:', char(13)])
    % displays the output
    for mm = 1:4
        % displays a line
        % writes the line to file
        fprintf(logFileID, '%s\n', output{mm});
    % and another two carriage returns
    disp(char([13, 13]))
    % if the screen does not say "Incorrect" on the second line AND it isn't
    % just the main menu
    if numel(output{2}) >= 6 && ~strcmp(output{2}(1:6), 'Incorr') && ~strcmp(output{2}(1:6), 'F1=Zer')
        % display the new password!
        disp([char(13), 'The password is: ', num2str(m)])
        % we've found it!
        password = m;
        % leave the loop
        % leave a short pause before trying again

Contact us