bump to release 0.13.1

- hashing moved to XxHash for performance reason
- bump to release 0.13.0
- upgrade board to `Raspberry Pi RP2040 (3.4.1)`

.gitignore

@@ -50,3 +50,5 @@ modules.order
 Module.symvers
 Mkfile.old
 dkms.conf
+
+USBvalve_out

Dockerfile

@@ -0,0 +1,39 @@
+#
+# To Build:
+#       docker build -t usbvalve/arduino-cli .
+#
+# To Run:
+#       docker run --rm --name usbvalve -v $PWD:/mnt usbvalve/arduino-cli /mnt/USBvalve
+#
+
+FROM ubuntu:22.04
+WORKDIR /app
+
+# OS setup
+RUN apt-get update -y \ 
+    && apt-get install -y git wget python3 \
+    && apt-get autoremove -y \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# arduino-cli setup
+RUN cd /app \
+    && git clone --recursive https://github.com/arduino/arduino-cli.git \
+    && cd arduino-cli \
+    && ./install.sh \
+    && export PATH=$PATH:/app/arduino-cli/bin \
+    && arduino-cli  --additional-urls https://github.com/earlephilhower/arduino-pico/releases/download/global/package_rp2040_index.json core search 2040 \
+    && arduino-cli --additional-urls https://github.com/earlephilhower/arduino-pico/releases/download/global/package_rp2040_index.json core install rp2040:rp2040 \
+    && arduino-cli lib install "Adafruit TinyUSB Library" \
+    && arduino-cli lib install "ssd1306" \
+    && arduino-cli lib install "Pico PIO USB" \
+    && arduino-cli lib install "XxHash_arduino" \
+    && arduino-cli lib install "SSD1306Ascii"
+
+# Compilation setup
+RUN echo  "#!/bin/bash" > /app/entrypoint.sh \
+    && echo  "export PATH=\$PATH:/app/arduino-cli/bin" >> /app/entrypoint.sh \
+    && echo  "arduino-cli compile --fqbn rp2040:rp2040:rpipico --board-options \"usbstack=tinyusb\" --board-options \"freq=120\" --output-dir \"/mnt/USBvalve_out\" \"\$1\"" >> /app/entrypoint.sh \
+    && chmod +x /app/entrypoint.sh
+
+ENTRYPOINT ["/app/entrypoint.sh"]

README.md

@@ -1,5 +1,6 @@
-# USBvalve
-*Expose USB activity on the fly*
+<h1><img width="200" alt="logo, landscape, dark text, transparent background" src="https://github.com/cecio/USBvalve/blob/main/pictures/USBvalve_logo_scaled.png"></a></h1>
+
+### *Expose USB activity on the fly*
 
 <img src="https://github.com/cecio/USBvalve/blob/main/pictures/versions.png" alt="The two models" width="30%" height="30%" />
 
@@ -127,16 +128,57 @@ To flash the firmware, follow these steps:
 
 It's done!
 
+### Anti-Detection
+
+I don't know if it will ever be the case, but you may want to customize the firmware in order to avoid detection done by *USBvalve-aware* malware :-)
+
+I grouped most of the variables you may want to modify in this section ([see Dockerfile below for rebuilding](https://github.com/cecio/USBvalve#dockerfile))
+
+```C
+// Anti-Detection settings.
+//
+// Set USB IDs strings and numbers, to avoid possible detections.
+// Remember that you can cusotmize FAKE_DISK_BLOCK_NUM as well
+// for the same reason. Also DISK_LABEL in ramdisk.h can be changed.
+//
+// You can see here for inspiration: https://the-sz.com/products/usbid/
+//
+// Example:
+//             0x0951 0x16D5    VENDORID_STR: Kingston   PRODUCTID_STR: DataTraveler
+//
+#define USB_VENDORID 0x0951               // This override the Pi Pico default 0x2E8A
+#define USB_PRODUCTID 0x16D5              // This override the Pi Pico default 0x000A
+#define USB_DESCRIPTOR "DataTraveler"     // This override the Pi Pico default "Pico"
+#define USB_MANUF "Kingston"              // This override the Pi Pico default "Raspberry Pi"
+#define USB_SERIAL "123456789A"           // This override the Pi Pico default. Disabled by default. \
+                                          // See "setSerialDescriptor" in setup() if needed
+#define USB_VENDORID_STR "Kingston"       // Up to 8 chars
+#define USB_PRODUCTID_STR "DataTraveler"  // Up to 16 chars
+#define USB_VERSION_STR "1.0"             // Up to 4 chars
+```
+
+
 ### Building your firmware
 
 Obviously you can also build your own firmware. To build the *standard* one I used:
 
-- Arduino IDE 2.1.0
-- ~~as board I used `Raspberry Pi Pico - Arduino MBED OS RP2040` version `4.0.2`~~
-- ~~`Adafruit TinyUSB Library` version `1.14.4`. Newer versions are not working because the RPI SDK of the board is stick to an older version.  May be migrate the entire project directly on Raspberry Pi Pico SDK is the solution here.~~
-- `Adafruit TinyUSB Library` version `2.2.0` and Board `Raspberry Pi RP2040 (2.7.0)` setting clock at 240MHz (overclock)
+- Arduino IDE `2.2.1`
+- `Adafruit TinyUSB Library` version `2.2.3`, Board `Raspberry Pi RP2040 (3.6.0)` setting Tools=>CPU Speed at `120MHz` and Tools=>USB Stack to `Adafruit TinyUSB`
 - `ssd1306` OLED library version `1.8.3`
 
 If you want to re-create a new fake filesystem, you may want to have a look to the `utils` folder, where I placed some utilities to build a new one.
 
-**NOTE**: if you have ideas or improvements in your mind, I encourage you to open an issue so that we can improve the project together! Thanks!
+#### Dockerfile
+
+If you want to build your own firmware, after you customized it, I provide a `Dockerfile` which builds a complete **Arduino** environment and compile the firmware. Enter the following commands in the main `USBvalve` folder:
+
+```
+docker build -t usbvalve/arduino-cli .
+docker run --rm --name usbvalve -v $PWD:/mnt usbvalve/arduino-cli /mnt/USBvalve 
+```
+
+The firmware will be placed with extension `uf2` in folder `USBvalve_out`.
+
+### Contribute
+
+If you have ideas or improvements in your mind, I encourage you to open an issue so that we can improve the project together! Thanks!

USBvalve/USBvalve.ino

@@ -19,6 +19,8 @@
 #include <pio_usb.h>
 #include "Adafruit_TinyUSB.h"
 #include "SSD1306AsciiWire.h"
+#include <XxHash_arduino.h>
+#include <pico/stdlib.h> 
 
 //
 // BADUSB detector section
@@ -42,7 +44,7 @@ Adafruit_USBH_Host USBHost;
 // Define vars for OLED screen
 #define I2C_ADDRESS 0x3C  // 0X3C+SA0 - 0x3C or 0x3D
 #define RST_PIN -1        // Define proper RST_PIN if required.
-#define OLED_HEIGHT 64    // 64 or 32 depending on the OLED
+#define OLED_HEIGHT 32    // 64 or 32 depending on the OLED
 #define OLED_LINES (OLED_HEIGHT / 8)
 SSD1306AsciiWire oled;
 
@@ -52,7 +54,6 @@ SSD1306AsciiWire oled;
 #define FAKE_DISK_BLOCK_NUM 0x800
 #define DISK_BLOCK_SIZE 0x200
 #include "ramdisk.h"
-#include "quark.h"
 
 Adafruit_USBD_MSC usb_msc;
 
@@ -74,12 +75,34 @@ bool activeState = false;
 //
 // USBvalve globals
 //
-#define VERSION "USBvalve - 0.9.0"
+#define VERSION "USBvalve - 0.13.1"
 boolean readme = false;
 boolean autorun = false;
 boolean written = false;
 boolean written_reported = false;
-int x = 2;
+boolean hid_sent = false;
+boolean hid_reported = false;
+
+// Anti-Detection settings.
+//
+// Set USB IDs strings and numbers, to avoid possible detections.
+// Remember that you can cusotmize FAKE_DISK_BLOCK_NUM as well
+// for the same reason. Also DISK_LABEL in ramdisk.h can be changed.
+//
+// You can see here for inspiration: https://the-sz.com/products/usbid/
+//
+// Example:
+//             0x0951 0x16D5    VENDORID_STR: Kingston   PRODUCTID_STR: DataTraveler
+//
+#define USB_VENDORID 0x0951               // This override the Pi Pico default 0x2E8A
+#define USB_PRODUCTID 0x16D5              // This override the Pi Pico default 0x000A
+#define USB_DESCRIPTOR "DataTraveler"     // This override the Pi Pico default "Pico"
+#define USB_MANUF "Kingston"              // This override the Pi Pico default "Raspberry Pi"
+#define USB_SERIAL "123456789A"           // This override the Pi Pico default. Disabled by default. \
+                                          // See "setSerialDescriptor" in setup() if needed
+#define USB_VENDORID_STR "Kingston"       // Up to 8 chars
+#define USB_PRODUCTID_STR "DataTraveler"  // Up to 16 chars
+#define USB_VERSION_STR "1.0"             // Up to 4 chars
 
 #define BLOCK_AUTORUN 102       // Block where Autorun.inf file is saved
 #define BLOCK_README 100        // Block where README.txt file is saved
@@ -88,21 +111,16 @@ int x = 2;
 #define BYTES_TO_HASH_OFFSET 7  // Starting sector to check for consistency (FAT_DIRECTORY is 7)
 
 // Burned hash to check consistency
-u8 valid_hash[WIDTH] = {
-  0x35, 0x98, 0x95, 0x97, 0xC7, 0x70, 0xD3, 0xE4,
-  0xDD, 0x84, 0x71, 0x1D, 0x55, 0xD2, 0xE5, 0xA4,
-  0x6C, 0x28, 0x84, 0xF6, 0xE1, 0x02, 0xD1, 0x74,
-  0x2F, 0xE9, 0x92, 0xAD, 0xAD, 0x74, 0x71, 0xF0,
-  0x37, 0xFF, 0x79, 0x39, 0xDC, 0x20, 0x56, 0x26,
-  0xFE, 0xC7, 0x9A, 0x4E, 0x3A, 0x27, 0x65, 0x81
-};
-
-u8 computed_hash[WIDTH] = { 0x00 };
+uint valid_hash = 2362816530;
 
 // Core 0 Setup: will be used for the USB mass device functions
 void setup() {
-  // Check consistency of RAM FS
-  quark(computed_hash, msc_disk[BYTES_TO_HASH_OFFSET], BYTES_TO_HASH);
+  // Change all the USB Pico settings
+  TinyUSBDevice.setID(USB_VENDORID, USB_PRODUCTID);
+  TinyUSBDevice.setProductDescriptor(USB_DESCRIPTOR);
+  TinyUSBDevice.setManufacturerDescriptor(USB_MANUF);
+  // This could be used to change the serial number as well
+  // TinyUSBDevice.setSerialDescriptor(USB_SERIAL);
 
 #if defined(ARDUINO_ARCH_MBED) && defined(ARDUINO_ARCH_RP2040)
   // Manual begin() is required on core without built-in support for TinyUSB such as
@@ -111,7 +129,7 @@ void setup() {
 #endif
 
   // Set disk vendor id, product id and revision with string up to 8, 16, 4 characters respectively
-  usb_msc.setID("Watchdog", "USBvalve", "0.1");
+  usb_msc.setID(USB_VENDORID_STR, USB_PRODUCTID_STR, USB_VERSION_STR);
 
   // Set disk size (using the "fake" size)
   usb_msc.setCapacity(FAKE_DISK_BLOCK_NUM, DISK_BLOCK_SIZE);
@@ -127,8 +145,6 @@ void setup() {
   usb_msc.setReadyCallback(msc_ready_callback);
 #endif
 
-  usb_msc.begin();
-
   // Screen Init
   Wire.begin();
   Wire.setClock(400000L);
@@ -147,23 +163,30 @@ void setup() {
 #endif
 
   oled.setFont(Adafruit5x7);
+  oled.setScrollMode(SCROLL_MODE_AUTO);
   cls();  // Clear display
 
-  if (memcmp(computed_hash, valid_hash, WIDTH) == 0) {
-    oled.println("[+] Selftest: OK");
-    x++;
+  // Check consistency of RAM FS
+  // Add 11 bytes to skip the DISK_LABEL from the hashing
+  uint computed_hash;
+  computed_hash = XXH32(msc_disk[BYTES_TO_HASH_OFFSET] + 11, BYTES_TO_HASH, 0);
+  if (computed_hash == valid_hash) {
+    oled.print("\n[+] Selftest: OK");
   } else {
-    oled.println("[!] Selftest: KO");
-    oled.println("[!] Stopping...");
+    oled.print("\n[!] Selftest: KO");
+    oled.print("\n[!] Stopping...");
     while (1) {
       delay(1000);  // Loop forever
     }
   }
+
+  usb_msc.begin();
 }
 
 // Core 1 Setup: will be used for the USB host functions for BADUSB detector
 void setup1() {
-  //while ( !Serial ) delay(10);   // wait for native usb
+  // Set a custom clock (multiple of 12Mhz) to achieve maximum compatibility
+  set_sys_clock_khz(144000, true);
 
   pio_usb_configuration_t pio_cfg = PIO_USB_DEFAULT_CONFIG;
   pio_cfg.pin_dp = HOST_PIN_DP;
@@ -179,26 +202,31 @@ void setup1() {
 void loop() {
 
   if (readme == true) {
-    if (x == OLED_LINES) cls();
-    oled.println("[!] README (R)");
-    x++;
+    oled.print("\n[!] README (R)");
     readme = false;
   }
 
   if (autorun == true) {
-    if (x == OLED_LINES) cls();
-    oled.println("[+] AUTORUN (R)");
-    x++;
+    oled.print("\n[+] AUTORUN (R)");
     autorun = false;
   }
 
   if (written == true && written_reported == false) {
-    if (x == OLED_LINES) cls();
-    oled.println("[!] WRITING");
-    x++;
+    oled.print("\n[!] WRITING");
     written = false;
     written_reported = true;
   }
+
+  if (hid_sent == true && hid_reported == false) {
+    oled.print("\n[!!] HID Sending data");
+    hid_sent = false;
+    hid_reported = true;
+  }
+
+  if (BOOTSEL) {
+    oled.print("\n[+] RESETTING");
+    swreset();
+  }
 }
 
 // Main Core1 loop: managing USB Host
@@ -289,9 +317,8 @@ bool msc_ready_callback(void) {
 // Clear display
 void cls(void) {
   oled.clear();
-  oled.println(VERSION);
-  oled.println("----------------");
-  x = 2;
+  oled.print(VERSION);
+  oled.print("\n-----------------");
 }
 
 // HexDump
@@ -330,6 +357,13 @@ void hexDump(unsigned char* data, size_t size) {
   SerialTinyUSB.println();
 }
 
+// Reset the Pico
+void swreset()
+{
+    watchdog_enable(1500, 1);
+    while(1);
+}
+
 //
 // BADUSB detector section
 //
@@ -346,9 +380,7 @@ void tuh_hid_mount_cb(uint8_t dev_addr, uint8_t instance, uint8_t const* desc_re
 
   tuh_vid_pid_get(dev_addr, &vid, &pid);
 
-  if (x == OLED_LINES) cls();
-  oled.println("[++] HID Device");
-  x++;
+  oled.print("\n[!!] HID Device");
 
   SerialTinyUSB.printf("HID device address = %d, instance = %d mounted\r\n", dev_addr, instance);
   SerialTinyUSB.printf("VID = %04x, PID = %04x\r\n", vid, pid);
@@ -362,6 +394,10 @@ void tuh_hid_mount_cb(uint8_t dev_addr, uint8_t instance, uint8_t const* desc_re
 // Invoked when device with hid interface is un-mounted
 void tuh_hid_umount_cb(uint8_t dev_addr, uint8_t instance) {
   SerialTinyUSB.printf("HID device address = %d, instance = %d unmounted\r\n", dev_addr, instance);
+
+  // Reset HID sent flag
+  hid_sent = false;
+  hid_reported = false;
 }
 
 // Invoked when received report from device
@@ -370,10 +406,9 @@ void tuh_hid_report_received_cb(uint8_t dev_addr, uint8_t instance, uint8_t cons
   static bool kbd_printed = false;
   static bool mouse_printed = false;
 
-  if (x == OLED_LINES) cls();
-  oled.println("[!!] HID Sending data");
-  x++;
-
+  // Used in main loop to write output to OLED
+  hid_sent = true;
+  
   // Read the HID protocol
   uint8_t const itf_protocol = tuh_hid_interface_protocol(dev_addr, instance);
 
@@ -504,9 +539,9 @@ static void process_mouse_report(hid_mouse_report_t const* report) {
   uint8_t button_changed_mask = report->buttons ^ prev_report.buttons;
   if (button_changed_mask & report->buttons) {
     SerialTinyUSB.printf("MOUSE: %c%c%c ",
-           report->buttons & MOUSE_BUTTON_LEFT ? 'L' : '-',
-           report->buttons & MOUSE_BUTTON_MIDDLE ? 'M' : '-',
-           report->buttons & MOUSE_BUTTON_RIGHT ? 'R' : '-');
+                         report->buttons & MOUSE_BUTTON_LEFT ? 'L' : '-',
+                         report->buttons & MOUSE_BUTTON_MIDDLE ? 'M' : '-',
+                         report->buttons & MOUSE_BUTTON_RIGHT ? 'R' : '-');
   }
 
   cursor_movement(report->x, report->y, report->wheel);
@@ -516,4 +551,4 @@ void cursor_movement(int8_t x, int8_t y, int8_t wheel) {
   SerialTinyUSB.printf("(%d %d %d)\r\n", x, y, wheel);
 }
 
-// END of BADUSB detector section
+// END of BADUSB detector section

USBvalve/quark.c

@@ -1,484 +0,0 @@
-/*
-  USBvalve
-*/
-
-/*
-   Quark reference C implementation
-
-   Copyright (c) 2010-2014 Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com>
-
-   To the extent possible under law, the author(s) have dedicated all copyright
-   and related and neighboring rights to this software to the public domain
-   worldwide. This software is distributed without any warranty.
-
-   You should have received a copy of the CC0 Public Domain Dedication along with
-   this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
- */
-#include <stdint.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include "quark.h"
-
-#define DIGEST WIDTH
-
-typedef uint64_t u64;
-typedef uint32_t u32;
-typedef uint8_t u8;
-
-typedef struct
-{
-  int pos;          /* number of bytes read into x from current block */
-  u32 x[WIDTH * 8]; /* one bit stored in each word */
-} hashState;
-
-
-#if defined(UQUARK)
-/* 17 bytes */
-u8 iv[] = { 0xd8, 0xda, 0xca, 0x44, 0x41, 0x4a, 0x09, 0x97,
-            0x19, 0xc8, 0x0a, 0xa3, 0xaf, 0x06, 0x56, 0x44, 0xdb };
-#elif defined(DQUARK)
-/* 22 bytes */
-u8 iv[] = { 0xcc, 0x6c, 0x4a, 0xb7, 0xd1, 0x1f, 0xa9, 0xbd,
-            0xf6, 0xee, 0xde, 0x03, 0xd8, 0x7b, 0x68, 0xf9,
-            0x1b, 0xaa, 0x70, 0x6c, 0x20, 0xe9 };
-#elif defined(SQUARK)
-/* 32 bytes */
-u8 iv[] = { 0x39, 0x72, 0x51, 0xce, 0xe1, 0xde, 0x8a, 0xa7,
-            0x3e, 0xa2, 0x62, 0x50, 0xc6, 0xd7, 0xbe, 0x12,
-            0x8c, 0xd3, 0xe7, 0x9d, 0xd7, 0x18, 0xc2, 0x4b,
-            0x8a, 0x19, 0xd0, 0x9c, 0x24, 0x92, 0xda, 0x5d };
-#elif defined(CQUARK)
-/* 48 bytes */
-u8 iv[] = { 0x3b, 0x45, 0x03, 0xec, 0x76, 0x62, 0xc3, 0xcb,
-            0x30, 0xe0, 0x08, 0x37, 0xec, 0x8d, 0x38, 0xbb,
-            0xe5, 0xff, 0x5a, 0xcd, 0x69, 0x01, 0xa2, 0x49,
-            0x57, 0x50, 0xf9, 0x19, 0x8e, 0x2e, 0x3b, 0x58,
-            0x52, 0xdc, 0xaa, 0x16, 0x62, 0xb7, 0xda, 0xd6,
-            0x5f, 0xcb, 0x5a, 0x8a, 0x1f, 0x0d, 0x5f, 0xcc };
-#endif
-
-void showstate(u32 *x) {
-
-  int i;
-  u8 buf = 0;
-
-  for (i = 0; i < 8 * WIDTH; ++i) {
-    buf ^= (1 & x[i]) << (7 - (i % 8));
-
-    if (((i % 8) == 7) && (i)) {
-      printf("%02x", buf);
-      buf = 0;
-    }
-  }
-
-  printf("\n");
-}
-
-
-int permute_u(u32 *x) {
-  /* state of 136=2x68 bits */
-#define ROUNDS_U 4 * 136
-#define N_LEN_U 68
-#define L_LEN_U 10
-
-  u32 *X, *Y, *L;
-  u32 h;
-  int i;
-
-  X = (u32 *)malloc((N_LEN_U + ROUNDS_U) * sizeof(u32));
-  Y = (u32 *)malloc((N_LEN_U + ROUNDS_U) * sizeof(u32));
-  L = (u32 *)malloc((L_LEN_U + ROUNDS_U) * sizeof(u32));
-
-  /* local copy of the state in the registers*/
-  for (i = 0; i < N_LEN_U; ++i) {
-    X[i] = x[i];
-    Y[i] = x[i + N_LEN_U];
-  }
-
-  /* initialize the LFSR to 11..11 */
-  for (i = 0; i < L_LEN_U; ++i)
-    L[i] = 0xFFFFFFFF;
-
-  /* iterate rounds */
-  for (i = 0; i < ROUNDS_U; ++i) {
-
-    /* indices up to i+59, for 8x parallelizibility*/
-
-    /* need X[i] as linear term only, for invertibility */
-    X[N_LEN_U + i] = X[i] ^ Y[i];
-    X[N_LEN_U + i] ^= X[i + 9] ^ X[i + 14] ^ X[i + 21] ^ X[i + 28] ^ X[i + 33] ^ X[i + 37] ^ X[i + 45] ^ X[i + 52] ^ X[i + 55] ^ X[i + 50] ^ (X[i + 59] & X[i + 55]) ^ (X[i + 37] & X[i + 33]) ^ (X[i + 15] & X[i + 9]) ^ (X[i + 55] & X[i + 52] & X[i + 45]) ^ (X[i + 33] & X[i + 28] & X[i + 21]) ^ (X[i + 59] & X[i + 45] & X[i + 28] & X[i + 9]) ^ (X[i + 55] & X[i + 52] & X[i + 37] & X[i + 33]) ^ (X[i + 59] & X[i + 55] & X[i + 21] & X[i + 15]) ^ (X[i + 59] & X[i + 55] & X[i + 52] & X[i + 45] & X[i + 37]) ^ (X[i + 33] & X[i + 28] & X[i + 21] & X[i + 15] & X[i + 9]) ^ (X[i + 52] & X[i + 45] & X[i + 37] & X[i + 33] & X[i + 28] & X[i + 21]);
-
-    /* need Y[i] as linear term only, for invertibility */
-    Y[N_LEN_U + i] = Y[i];
-    Y[N_LEN_U + i] ^= Y[i + 7] ^ Y[i + 16] ^ Y[i + 20] ^ Y[i + 30] ^ Y[i + 35] ^ Y[i + 37] ^ Y[i + 42] ^ Y[i + 51] ^ Y[i + 54] ^ Y[i + 49] ^ (Y[i + 58] & Y[i + 54]) ^ (Y[i + 37] & Y[i + 35]) ^ (Y[i + 15] & Y[i + 7]) ^ (Y[i + 54] & Y[i + 51] & Y[i + 42]) ^ (Y[i + 35] & Y[i + 30] & Y[i + 20]) ^ (Y[i + 58] & Y[i + 42] & Y[i + 30] & Y[i + 7]) ^ (Y[i + 54] & Y[i + 51] & Y[i + 37] & Y[i + 35]) ^ (Y[i + 58] & Y[i + 54] & Y[i + 20] & Y[i + 15]) ^ (Y[i + 58] & Y[i + 54] & Y[i + 51] & Y[i + 42] & Y[i + 37]) ^ (Y[i + 35] & Y[i + 30] & Y[i + 20] & Y[i + 15] & Y[i + 7]) ^ (Y[i + 51] & Y[i + 42] & Y[i + 37] & Y[i + 35] & Y[i + 30] & Y[i + 20]);
-
-    /* need L[i] as linear term only, for invertibility */
-    L[L_LEN_U + i] = L[i];
-    L[L_LEN_U + i] ^= L[i + 3];
-
-    /* compute output of the h function */
-    h = X[i + 25] ^ Y[i + 59] ^ (Y[i + 3] & X[i + 55]) ^ (X[i + 46] & X[i + 55]) ^ (X[i + 55] & Y[i + 59]) ^ (Y[i + 3] & X[i + 25] & X[i + 46]) ^ (Y[i + 3] & X[i + 46] & X[i + 55]) ^ (Y[i + 3] & X[i + 46] & Y[i + 59]) ^ (X[i + 25] & X[i + 46] & Y[i + 59] & L[i]) ^ (X[i + 25] & L[i]);
-    h ^= X[i + 1] ^ Y[i + 2] ^ X[i + 4] ^ Y[i + 10] ^ X[i + 31] ^ Y[i + 43] ^ X[i + 56] ^ L[i];
-
-    /* feedback of h into the registers */
-    X[N_LEN_U + i] ^= h;
-    Y[N_LEN_U + i] ^= h;
-  }
-
-  /* copy final state into hashState */
-  for (i = 0; i < N_LEN_U; ++i) {
-    x[i] = X[ROUNDS_U + i];
-    x[i + N_LEN_U] = Y[ROUNDS_U + i];
-  }
-
-  free(X);
-  free(Y);
-  free(L);
-
-  return 0;
-}
-
-
-int permute_d(u32 *x) {
-  /* state of 176=2x88 bits */
-#define ROUNDS_D 4 * 176
-#define N_LEN_D 88
-#define L_LEN_D 10
-
-  u32 *X, *Y, *L;
-  u32 h;
-  int i;
-
-  X = (u32 *)malloc((N_LEN_D + ROUNDS_D) * sizeof(u32));
-  Y = (u32 *)malloc((N_LEN_D + ROUNDS_D) * sizeof(u32));
-  L = (u32 *)malloc((L_LEN_D + ROUNDS_D) * sizeof(u32));
-
-  /* local copy of the state in the registers*/
-  for (i = 0; i < N_LEN_D; ++i) {
-    X[i] = x[i];
-    Y[i] = x[i + N_LEN_D];
-  }
-
-  /* initialize the LFSR to 11..11 */
-  for (i = 0; i < L_LEN_D; ++i)
-    L[i] = 0xFFFFFFFF;
-
-  /* iterate rounds */
-  for (i = 0; i < ROUNDS_D; ++i) {
-
-    /* need X[i] as linear term only, for invertibility */
-    X[N_LEN_D + i] = X[i] ^ Y[i];
-    X[N_LEN_D + i] ^= X[i + 11] ^ X[i + 18] ^ X[i + 27] ^ X[i + 36] ^ X[i + 42] ^ X[i + 47] ^ X[i + 58] ^ X[i + 67] ^ X[i + 71] ^ X[i + 64] ^ (X[i + 79] & X[i + 71]) ^ (X[i + 47] & X[i + 42]) ^ (X[i + 19] & X[i + 11]) ^ (X[i + 71] & X[i + 67] & X[i + 58]) ^ (X[i + 42] & X[i + 36] & X[i + 27]) ^ (X[i + 79] & X[i + 58] & X[i + 36] & X[i + 11]) ^ (X[i + 71] & X[i + 67] & X[i + 47] & X[i + 42]) ^ (X[i + 79] & X[i + 71] & X[i + 27] & X[i + 19]) ^ (X[i + 79] & X[i + 71] & X[i + 67] & X[i + 58] & X[i + 47]) ^ (X[i + 42] & X[i + 36] & X[i + 27] & X[i + 19] & X[i + 11]) ^ (X[i + 67] & X[i + 58] & X[i + 47] & X[i + 42] & X[i + 36] & X[i + 27]);
-
-
-    /* need Y[i] as linear term only, for invertibility */
-    Y[N_LEN_D + i] = Y[i];
-    Y[N_LEN_D + i] ^= Y[i + 9] ^ Y[i + 20] ^ Y[i + 25] ^ Y[i + 38] ^ Y[i + 44] ^ Y[i + 47] ^ Y[i + 54] ^ Y[i + 67] ^ Y[i + 69] ^ Y[i + 63] ^ (Y[i + 78] & Y[i + 69]) ^ (Y[i + 47] & Y[i + 44]) ^ (Y[i + 19] & Y[i + 9]) ^ (Y[i + 69] & Y[i + 67] & Y[i + 54]) ^ (Y[i + 44] & Y[i + 38] & Y[i + 25]) ^ (Y[i + 78] & Y[i + 54] & Y[i + 38] & Y[i + 9]) ^ (Y[i + 69] & Y[i + 67] & Y[i + 47] & Y[i + 44]) ^ (Y[i + 78] & Y[i + 69] & Y[i + 25] & Y[i + 19]) ^ (Y[i + 78] & Y[i + 69] & Y[i + 67] & Y[i + 54] & Y[i + 47]) ^ (Y[i + 44] & Y[i + 38] & Y[i + 25] & Y[i + 19] & Y[i + 9]) ^ (Y[i + 67] & Y[i + 54] & Y[i + 47] & Y[i + 44] & Y[i + 38] & Y[i + 25]);
-
-    /* need L[i] as linear term only, for invertibility */
-    L[L_LEN_D + i] = L[i];
-    L[L_LEN_D + i] ^= L[i + 3];  // linear feedback here
-
-    /* compute output of the h function */
-    h = X[i + 35] ^ Y[i + 79] ^ (Y[i + 4] & X[i + 68]) ^ (X[i + 57] & X[i + 68]) ^ (X[i + 68] & Y[i + 79]) ^ (Y[i + 4] & X[i + 35] & X[i + 57]) ^ (Y[i + 4] & X[i + 57] & X[i + 68]) ^ (Y[i + 4] & X[i + 57] & Y[i + 79]) ^ (X[i + 35] & X[i + 57] & Y[i + 79] & L[i]) ^ (X[i + 35] & L[i]);
-    h ^= X[i + 1] ^ Y[i + 2] ^ X[i + 5] ^ Y[i + 12] ^ X[i + 40] ^ Y[i + 55] ^ X[i + 72] ^ L[i];
-    h ^= Y[i + 24] ^ X[i + 48] ^ Y[i + 61];
-
-    /* feedback of h into the registers */
-    X[N_LEN_D + i] ^= h;
-    Y[N_LEN_D + i] ^= h;
-  }
-
-  /* copy final state into hashState */
-  for (i = 0; i < N_LEN_D; ++i) {
-    x[i] = X[ROUNDS_D + i];
-    x[i + N_LEN_D] = Y[ROUNDS_D + i];
-  }
-
-  free(X);
-  free(Y);
-  free(L);
-
-  return 0;
-}
-
-
-int permute_s(u32 *x) {
-  /* state of 256=2x128 bits */
-#define ROUNDS_S 4 * 256
-#define N_LEN_S 128
-#define L_LEN_S 10
-
-  u32 *X, *Y, *L;
-  u32 h;
-  int i;
-
-  X = (u32 *)malloc((N_LEN_S + ROUNDS_S) * sizeof(u32));
-  Y = (u32 *)malloc((N_LEN_S + ROUNDS_S) * sizeof(u32));
-  L = (u32 *)malloc((L_LEN_S + ROUNDS_S) * sizeof(u32));
-
-  /* local copy of the state in the registers*/
-  for (i = 0; i < N_LEN_S; ++i) {
-    X[i] = x[i];
-    Y[i] = x[i + N_LEN_S];
-  }
-
-  /* initialize the LFSR to 11..11 */
-  for (i = 0; i < L_LEN_S; ++i)
-    L[i] = 0xFFFFFFFF;
-
-  /* iterate rounds */
-  for (i = 0; i < ROUNDS_S; ++i) {
-
-    /* need X[i] as linear term only, for invertibility */
-    X[N_LEN_S + i] = X[i] ^ Y[i];
-    X[N_LEN_S + i] ^= X[i + 16] ^ X[i + 26] ^ X[i + 39] ^ X[i + 52] ^ X[i + 61] ^ X[i + 69] ^ X[i + 84] ^ X[i + 97] ^ X[i + 103] ^ X[i + 94] ^ (X[i + 111] & X[i + 103]) ^ (X[i + 69] & X[i + 61]) ^ (X[i + 28] & X[i + 16]) ^ (X[i + 103] & X[i + 97] & X[i + 84]) ^ (X[i + 61] & X[i + 52] & X[i + 39]) ^ (X[i + 111] & X[i + 84] & X[i + 52] & X[i + 16]) ^ (X[i + 103] & X[i + 97] & X[i + 69] & X[i + 61]) ^ (X[i + 111] & X[i + 103] & X[i + 39] & X[i + 28]) ^ (X[i + 111] & X[i + 103] & X[i + 97] & X[i + 84] & X[i + 69]) ^ (X[i + 61] & X[i + 52] & X[i + 39] & X[i + 28] & X[i + 16]) ^ (X[i + 97] & X[i + 84] & X[i + 69] & X[i + 61] & X[i + 52] & X[i + 39]);
-
-    /* need Y[i] as linear term only, for invertibility */
-    Y[N_LEN_S + i] = Y[i];
-    Y[N_LEN_S + i] ^= Y[i + 13] ^ Y[i + 30] ^ Y[i + 37] ^ Y[i + 56] ^ Y[i + 65] ^ Y[i + 69] ^ Y[i + 79] ^ Y[i + 96] ^ Y[i + 101] ^ Y[i + 92] ^ (Y[i + 109] & Y[i + 101]) ^ (Y[i + 69] & Y[i + 65]) ^ (Y[i + 28] & Y[i + 13]) ^ (Y[i + 101] & Y[i + 96] & Y[i + 79]) ^ (Y[i + 65] & Y[i + 56] & Y[i + 37]) ^ (Y[i + 109] & Y[i + 79] & Y[i + 56] & Y[i + 13]) ^ (Y[i + 101] & Y[i + 96] & Y[i + 69] & Y[i + 65]) ^ (Y[i + 109] & Y[i + 101] & Y[i + 37] & Y[i + 28]) ^ (Y[i + 109] & Y[i + 101] & Y[i + 96] & Y[i + 79] & Y[i + 69]) ^ (Y[i + 65] & Y[i + 56] & Y[i + 37] & Y[i + 28] & Y[i + 13]) ^ (Y[i + 96] & Y[i + 79] & Y[i + 69] & Y[i + 65] & Y[i + 56] & Y[i + 37]);
-
-    /* need L[i] as linear term only, for invertibility */
-    L[L_LEN_S + i] = L[i];
-    L[L_LEN_S + i] ^= L[i + 3];  // linear feedback here
-
-    /* compute output of the h function */
-    h = X[i + 47] ^ Y[i + 111] ^ (Y[i + 8] & X[i + 100]) ^ (X[i + 72] & X[i + 100]) ^ (X[i + 100] & Y[i + 111]) ^ (Y[i + 8] & X[i + 47] & X[i + 72]) ^ (Y[i + 8] & X[i + 72] & X[i + 100]) ^ (Y[i + 8] & X[i + 72] & Y[i + 111]) ^ (X[i + 47] & X[i + 72] & Y[i + 111] & L[i]) ^ (X[i + 47] & L[i]);
-    h ^= X[i + 1] ^ Y[i + 3] ^ X[i + 7] ^ Y[i + 18] ^ X[i + 58] ^ Y[i + 80] ^ X[i + 105] ^ L[i];
-    h ^= Y[i + 34] ^ Y[i + 71] ^ X[i + 90] ^ Y[i + 91];
-
-    /* feedback of h into the registers */
-    X[N_LEN_S + i] ^= h;
-    Y[N_LEN_S + i] ^= h;
-  }
-
-  /* copy final state into hashState */
-  for (i = 0; i < N_LEN_S; ++i) {
-    x[i] = X[ROUNDS_S + i];
-    x[i + N_LEN_S] = Y[ROUNDS_S + i];
-  }
-
-  free(X);
-  free(Y);
-  free(L);
-
-  return 0;
-}
-
-
-int permute_c(u32 *x) {
-  /* state of 384=2x192 bits */
-#define ROUNDS_C 2 * 384
-#define N_LEN_C 192
-#define L_LEN_C 16
-
-  u32 *X, *Y, *L;
-  u32 h;
-  int i;
-
-  X = (u32 *)malloc((N_LEN_C + ROUNDS_C) * sizeof(u32));
-  Y = (u32 *)malloc((N_LEN_C + ROUNDS_C) * sizeof(u32));
-  L = (u32 *)malloc((L_LEN_C + ROUNDS_C) * sizeof(u32));
-
-  /* local copy of the state in the registers*/
-  for (i = 0; i < N_LEN_C; ++i) {
-    X[i] = x[i];
-    Y[i] = x[i + N_LEN_C];
-  }
-
-  /* initialize the LFSR to 11..11 */
-  for (i = 0; i < L_LEN_C; ++i)
-    L[i] = 0xFFFFFFFF;
-
-  /* iterate rounds */
-  for (i = 0; i < ROUNDS_C; ++i) {
-
-    X[N_LEN_C + i] = X[i] ^ Y[i];
-    X[N_LEN_C + i] ^= X[i + 13] ^ X[i + 34] ^ X[i + 65] ^ X[i + 77] ^ X[i + 94] ^ X[i + 109] ^ X[i + 127] ^ X[i + 145] ^ X[i + 157] ^ X[i + 140] ^ (X[i + 159] & X[i + 157]) ^ (X[i + 109] & X[i + 94]) ^ (X[i + 47] & X[i + 13]) ^ (X[i + 157] & X[i + 145] & X[i + 127]) ^ (X[i + 94] & X[i + 77] & X[i + 65]) ^ (X[i + 159] & X[i + 127] & X[i + 77] & X[i + 13]) ^ (X[i + 157] & X[i + 145] & X[i + 109] & X[i + 94]) ^ (X[i + 159] & X[i + 157] & X[i + 65] & X[i + 47]) ^ (X[i + 159] & X[i + 157] & X[i + 145] & X[i + 127] & X[i + 109]) ^ (X[i + 94] & X[i + 77] & X[i + 65] & X[i + 47] & X[i + 13]) ^ (X[i + 145] & X[i + 127] & X[i + 109] & X[i + 94] & X[i + 77] & X[i + 65]);
-
-    Y[N_LEN_C + i] = Y[i];
-    Y[N_LEN_C + i] ^= Y[i + 21] ^ Y[i + 57] ^ Y[i + 60] ^ Y[i + 94] ^ Y[i + 112] ^ Y[i + 125] ^ Y[i + 133] ^ Y[i + 152] ^ Y[i + 157] ^ Y[i + 146] ^ (Y[i + 159] & Y[i + 157]) ^ (Y[i + 125] & Y[i + 112]) ^ (Y[i + 36] & Y[i + 21]) ^ (Y[i + 157] & Y[i + 152] & Y[i + 133]) ^ (Y[i + 112] & Y[i + 94] & Y[i + 60]) ^ (Y[i + 159] & Y[i + 133] & Y[i + 94] & Y[i + 21]) ^ (Y[i + 157] & Y[i + 152] & Y[i + 125] & Y[i + 112]) ^ (Y[i + 159] & Y[i + 157] & Y[i + 60] & Y[i + 36]) ^ (Y[i + 159] & Y[i + 157] & Y[i + 152] & Y[i + 133] & Y[i + 125]) ^ (Y[i + 112] & Y[i + 94] & Y[i + 60] & Y[i + 36] & Y[i + 21]) ^ (Y[i + 152] & Y[i + 133] & Y[i + 125] & Y[i + 112] & Y[i + 94] & Y[i + 60]);
-
-    L[L_LEN_C + i] = L[i] ^ L[i + 2] ^ L[i + 3] ^ L[i + 5];
-
-
-    h = X[i + 25] ^ Y[i + 59] ^ (Y[i + 3] & X[i + 55]) ^ (X[i + 46] & X[i + 55]) ^ (X[i + 55] & Y[i + 59]) ^ (Y[i + 3] & X[i + 25] & X[i + 46]) ^ (Y[i + 3] & X[i + 46] & X[i + 55]) ^ (Y[i + 3] & X[i + 46] & Y[i + 59]) ^ (X[i + 25] & X[i + 46] & Y[i + 59] & L[i]) ^ (X[i + 25] & L[i]);
-    h ^= L[i];
-    h ^= X[i + 4] ^ X[i + 28] ^ X[i + 40] ^ X[i + 85] ^ X[i + 112] ^ X[i + 141] ^ X[i + 146] ^ X[i + 152];
-    h ^= Y[i + 2] ^ Y[i + 33] ^ Y[i + 60] ^ Y[i + 62] ^ Y[i + 87] ^ Y[i + 99] ^ Y[i + 138] ^ Y[i + 148];
-
-    X[N_LEN_C + i] ^= h;
-    Y[N_LEN_C + i] ^= h;
-  }
-
-  /* copy final state into hashState */
-  for (i = 0; i < N_LEN_C; ++i) {
-    x[i] = X[ROUNDS_C + i];
-    x[i + N_LEN_C] = Y[ROUNDS_C + i];
-  }
-
-  free(X);
-  free(Y);
-  free(L);
-
-  return 0;
-}
-
-
-
-
-/* permutation of the state */
-static void permute(u32 *x) {
-
-#ifdef DEBUG
-  printf("enter permute\n");
-  showstate(x);
-#endif
-
-#if defined(UQUARK)
-  permute_u(x);
-#elif defined(DQUARK)
-  permute_d(x);
-#elif defined(SQUARK)
-  permute_s(x);
-#elif defined(CQUARK)
-  permute_c(x);
-#endif
-
-#ifdef DEBUG
-  printf("permute done\n");
-  showstate(x);
-#endif
-}
-
-
-/* initialization of the IV */
-int init_iv(hashState *state) {
-  int i;
-
-#ifdef DEBUG
-  printf("enter init\n");
-#endif
-
-  /* initialize state */
-  for (i = 0; i < 8 * WIDTH; ++i)
-    state->x[i] = (iv[i / 8] >> (7 - (i % 8))) & 1;
-
-  state->pos = 0;
-
-#ifdef DEBUG
-  printf("init done\n");
-  showstate(state->x);
-#endif
-
-  return 0;
-}
-
-
-int update(hashState *state, const u8 *data, int databytelen) {
-  /* caller promises us that previous data had integral number of bytes */
-  /* so state->pos is a multiple of 8 */
-
-  int i;
-
-#ifdef DEBUG
-  printf("enter update\n");
-#endif
-
-  while (databytelen > 0) {
-
-    /* get next byte */
-    u8 u = *data;
-
-#ifdef DEBUG
-    printf("get byte %02x at pos %d\n", u, state->pos);
-#endif
-
-    /* xor state with each bit */
-    for (i = 8 * state->pos; i < 8 * state->pos + 8; ++i) {
-      state->x[(8 * (WIDTH - RATE)) + i] ^= (u >> (i % 8)) & 1;
-    }
-
-
-    data += 1;
-    databytelen -= 1;
-    state->pos += 1;
-
-    if (state->pos == RATE) {
-      permute(state->x);
-      state->pos = 0;
-    }
-  }
-
-#ifdef DEBUG
-  printf("update done\n");
-#endif
-
-  return 0;
-}
-
-
-/* finalize (padding) and return digest */
-int final(hashState *state, u8 *out) {
-  int i;
-  int outbytes = 0;
-  u8 u;
-
-#ifdef DEBUG
-  printf("enter final\n");
-#endif
-
-  /* append '1' bit */
-  state->x[8 * (WIDTH - RATE) + state->pos * 8] ^= 1;
-
-  /* permute to obtain first final state*/
-  permute(state->x);
-
-  /* zeroize output buffer */
-  for (i = 0; i < DIGEST; ++i)
-    out[i] = 0;
-
-  /* while output requested, extract RATE bytes and permute */
-  while (outbytes < DIGEST) {
-
-    /* extract one byte */
-    for (i = 0; i < 8; ++i) {
-      u = state->x[8 * (WIDTH - RATE) + i + 8 * (outbytes % RATE)] & 1;
-      out[outbytes] ^= (u << (7 - i));
-    }
-
-#ifdef DEBUG
-    printf("extracted byte %02x (%d)\n", out[outbytes], outbytes);
-#endif
-
-    outbytes += 1;
-
-    if (outbytes == DIGEST)
-      break;
-
-    /* if RATE bytes extracted, permute again */
-    if (!(outbytes % RATE)) {
-      permute(state->x);
-    }
-  }
-
-#ifdef DEBUG
-  printf("final done\n");
-#endif
-
-
-  return 0;
-}
-
-
-int quark(u8 *out, u8 *in, u64 inlen) {
-  /* inlen in bytes */
-
-  hashState state;
-
-  init_iv(&state);
-  update(&state, in, inlen);
-  final(&state, out);
-
-  return 0;
-}

USBvalve/quark.h

@@ -1,37 +0,0 @@
-/*
-  USBvalve
-*/
-
-typedef uint64_t u64;
-typedef uint32_t u32;
-typedef uint8_t u8;
-
-#define CQUARK
-
-#if defined(UQUARK)
-#define CAPACITY 16
-#define RATE 1
-#define WIDTH 17
-#elif defined(DQUARK)
-#define CAPACITY 20
-#define RATE 2
-#define WIDTH 22
-#elif defined(SQUARK)
-#define CAPACITY 28
-#define RATE 4
-#define WIDTH 32
-#elif defined(CQUARK)
-#define CAPACITY 40
-#define RATE 8
-#define WIDTH 48
-#endif
-
-#ifdef __cplusplus
- extern "C" {
-#endif
-
-int quark(u8 *out, u8 *in, u64 inlen);
-
-#ifdef __cplusplus
-}
-#endif

USBvalve/ramdisk.h

@@ -1,5 +1,7 @@
 /*
   USBvalve
+
+  RAMDISK file written by Cesare Pizzi
 */
 
 /*
@@ -35,9 +37,15 @@
 //    README.TXT
 //    System Volume Information
 //
+
+// Keep 11 chars
+#define DISK_LABEL 'M', 'y', 'D', 'r', 'i', 'v', 'e', ' ', ' ', ' ', ' '
+
+// Do not change this here, it is just for reference
 #define README_CONTENTS \
   "...nuke the entire site from orbit. It's the only way to be sure."
 
+// Do not change this here, it is just for reference
 #define AUTORUN_CONTENTS \
   "[autorun]\r\nopen=calc.exe\r\nicon=icon.ico\r\n"
 
@@ -134,7 +142,7 @@ uint8_t msc_disk[DISK_BLOCK_NUM][DISK_BLOCK_SIZE] = {
 },
 { 
 //------------- Block 7: -------------//
-0x55, 0x53, 0x42, 0x56, 0x41, 0x4c, 0x56, 0x45, 0x20, 0x20, 0x20, 0x08, 0x00, 0x00, 0xaf, 0x60, 
+DISK_LABEL, 0x08, 0x00, 0x00, 0xaf, 0x60, 
 0x6d, 0x55, 0x6d, 0x55, 0x00, 0x00, 0xaf, 0x60, 0x6d, 0x55, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
 0x41, 0x55, 0x54, 0x4f, 0x52, 0x55, 0x4e, 0x20, 0x49, 0x4e, 0x46, 0x20, 0x00, 0x9d, 0xef, 0x58, 
 0x6d, 0x55, 0x6b, 0x55, 0x00, 0x00, 0xef, 0x58, 0x6d, 0x55, 0x60, 0x00, 0x2a, 0x00, 0x00, 0x00, 
@@ -601,7 +609,38 @@ uint8_t msc_disk[DISK_BLOCK_NUM][DISK_BLOCK_SIZE] = {
 },
 { 
 //------------- Block 85: -------------//
-0x00
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+0x35, 0xc3, 0x28, 0x56, 0xaa, 0x10, 0x9b, 0xd7, 0xd2, 0x75, 0x6e, 0xcf, 0x1e, 0x1e, 0x21, 0xaf, 
+0xcc, 0x52, 0x04, 0xe4, 0xc3, 0x7d, 0x3e, 0xee, 0xf7, 0xf1, 0x7d, 0xe0, 0x09, 0x95, 0x11, 0x6c, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
 },
 { 
 //------------- Block 86: -------------//