def set_rand_bdaddr(src_hci, return_value=None):
"""
Sets the bluetooth address of 'src_hci' to a randomly chosen address and
returns the random address. If 'return_value' is not 'None', its value will
be returned instead without changing the bluetooth address.
Params:
- 'src_hci' - The local device to change the address of
- 'return_value' - Optional return value to return instead of the new
address
Returns:
The new randomly chosen adress or the value of 'return_value' if set.
"""
if return_value:
return return_value
prog = log.progress("Setting new BDADDR for %s" % (src_hci, ))
addr = ['%02x' % (ord(c), ) for c in os.urandom(6)]
final_addr = ':'.join(addr)
# Invoke bdaddr to change the address
code, _ = util.exec_command_block(
["./bdaddr", "-i", src_hci, "-r", final_addr])
if code != 0:
prog.failure("Failed to change BDADDR!")
sys.exit(1)
# Many bluetooth dongles have to be reconnected for the changes to apply
prog.status("Reconnect %s to complete the operation" % (src_hci, ))
while bt.hci_devid(final_addr) < 0:
time.sleep(0.1)
prog.success("Successfully changed BDADDR")
return final_addr
def set_bt_name(name, src_hci, src, dst):
"""
Sets the name of the local bluetooth device to 'name'.
Params:
- 'name' - The new name of the device
- 'src_hci' - Name of the bluetooth device to change the name of
- 'src' - The bluetooth address of the local device
- 'dst' - Bluetooth address of a remote device to temporarily connect with
(sets the REMOTE_NAME in 'dst')
"""
# Create raw HCI sock to set our BT name
raw_sock = bt.hci_open_dev(bt.hci_devid(src_hci))
flt = bt.hci_filter_new()
bt.hci_filter_all_ptypes(flt)
bt.hci_filter_all_events(flt)
raw_sock.setsockopt(bt.SOL_HCI, bt.HCI_FILTER, flt)
# Send raw HCI command to controller (first 3 bytes are padding for alignment)
raw_sock.sendall(
binascii.unhexlify('01130cf8cccccc') +
name.ljust(MAX_BT_NAME, b'\x00'))
raw_sock.close()
time.sleep(0.1)
# Connect to BNEP to "refresh" the name
bnep = bluetooth.BluetoothSocket(bluetooth.L2CAP)
bnep.bind((src, 0))
bnep.connect((dst, BNEP_PSM))
bnep.close()
# Close ACL connection again
util.exec_command_block(["hcitool", "dc", dst])
def set_rand_bdaddr(src_hci):
# Held for redundancy
addr = ['%02x' % (ord(c),) for c in os.urandom(6)]
# Input your MAC at "final_addr" as below.
final_addr = '00:00:00:00:00:00'
log.info('Set %s to BDADDR %s' % (src_hci, final_addr))
#time.sleep(1)
while bt.hci_devid(final_addr) < 0:
time.sleep(0.1)
return final_addr
def set_rand_bdaddr(src_hci):
addr = ['%02x' % (ord(c), ) for c in os.urandom(6)]
# NOTW: works only with CSR bluetooth adapters!
os.system(
'sudo bccmd -d %s psset -r bdaddr 0x%s 0x00 0x%s 0x%s 0x%s 0x00 0x%s 0x%s'
% (src_hci, addr[3], addr[5], addr[4], addr[2], addr[1], addr[0]))
final_addr = ':'.join(addr)
print('[*] Set %s to new rand BDADDR %s' % (src_hci, final_addr))
while bt.hci_devid(final_addr) < 0:
time.sleep(0.1)
return final_addr
def set_rand_bdaddr(src_hci):
addr = ['%02x' % (ord(c),) for c in os.urandom(6)]
# NOTW: works only with CSR bluetooth adapters!
os.system('sudo bccmd -d %s psset -r bdaddr 0x%s 0x00 0x%s 0x%s 0x%s 0x00 0x%s 0x%s' %
(src_hci, addr[3], addr[5], addr[4], addr[2], addr[1], addr[0]))
final_addr = ':'.join(addr)
log.info('Set %s to new rand BDADDR %s' % (src_hci, final_addr))
#time.sleep(1)
while bt.hci_devid(final_addr) < 0:
time.sleep(0.1)
return final_addr
def create_control_listening_socket(btaddr): psm = get_available_psm(btaddr) # print "Control socket: PSM %d" % psm s = create_control_socket() dev_id = bz.hci_devid(btaddr) if dev_id < 0 and btaddr and btaddr != "00:00:00:00:00:00": print "WARNING: the adapter address %s is invalid, " \ "using default adapter" % btaddr btaddr = "" s.bind((btaddr, psm)) s.listen(5) defer_setup(s) return (s, psm)
def set_bt_name(payload, src_hci, src, dst):
# Create raw HCI sock to set our BT name
raw_sock = bt.hci_open_dev(bt.hci_devid(src_hci))
flt = bt.hci_filter_new()
bt.hci_filter_all_ptypes(flt)
bt.hci_filter_all_events(flt)
raw_sock.setsockopt(bt.SOL_HCI, bt.HCI_FILTER, flt)
# Send raw HCI command to our controller to change the BT name (first 3 bytes are padding for alignment)
raw_sock.sendall(binascii.unhexlify('01130cf8cccccc') + payload.ljust(MAX_BT_NAME, b'\x00'))
raw_sock.close()
#time.sleep(1)
time.sleep(0.1)
# Connect to BNEP to "refresh" the name (does auth)
bnep = bluetooth.BluetoothSocket(bluetooth.L2CAP)
bnep.bind((src, 0))
bnep.connect((dst, BNEP_PSM))
bnep.close()
# Close ACL connection
os.system('hcitool dc %s' % (dst,))
def set_bt_name(payload, src_hci, src, dst):
# Create raw HCI sock to set our BT name
raw_sock = bt.hci_open_dev(bt.hci_devid(src_hci))
flt = bt.hci_filter_new()
bt.hci_filter_all_ptypes(flt)
bt.hci_filter_all_events(flt)
raw_sock.setsockopt(bt.SOL_HCI, bt.HCI_FILTER, flt)
# Send raw HCI command to our controller to change the BT name (first 3 bytes are padding for alignment)
raw_sock.sendall(binascii.unhexlify('01130cf8cccccc') + payload.ljust(MAX_BT_NAME, b'\x00'))
raw_sock.close()
#time.sleep(1)
time.sleep(0.1)
# Connect to BNEP to "refresh" the name (does auth)
bnep = bluetooth.BluetoothSocket(bluetooth.L2CAP)
bnep.bind((src, 0))
bnep.connect((dst, BNEP_PSM))
bnep.close()
# Close ACL connection
os.system('hcitool dc %s' % (dst,))
