def run(self):
interface = self.args["INTERFACE"]
timeout = utils.integerArg(self.args["TIMEOUT"])
self.emitter = self.getEmitter(interface=interface)
self.receiver = self.getReceiver(interface=interface)
if self.checkCapabilities():
io.info("Trying to connect to : " + self.args["TARGET"] +
" (type : " + self.args["CONNECTION_TYPE"] + ")")
self.emitter.sendp(
ble.BLEConnect(self.args["TARGET"],
type=self.args["CONNECTION_TYPE"]))
while not self.receiver.isConnected() and timeout > 0:
timeout -= 1
utils.wait(seconds=1)
if self.receiver.isConnected():
io.success("Connected on device : " + self.args["TARGET"])
return self.ok({"INTERFACE": self.args["INTERFACE"]})
else:
io.fail("Error during connection establishment !")
self.emitter.sendp(ble.BLEConnectionCancel())
return self.nok()
else:
io.fail("Interface provided (" + str(self.args["INTERFACE"]) +
") is not able to initiate connection.")
return self.nok()
def connect(self, packet):
if self.getStage() == BLEMitmStage.WAIT_CONNECTION:
io.success("Master connected : " + packet.srcAddr)
self.initiatorAddress = packet.srcAddr
self.initiatorAddressType = b"\x00" if packet.type == "public" else b"\x01"
if self.args["ADVERTISING_STRATEGY"] == "preconnect":
if utils.booleanArg(self.args["MASTER_SPOOFING"]):
self.a2sEmitter.sendp(ble.BLEDisconnect())
while self.a2sEmitter.isConnected():
utils.wait(seconds=0.01)
self.a2sEmitter.setAddress(packet.srcAddr,
random=packet.type == "random")
address = utils.addressArg(self.args["TARGET"])
connectionType = self.args["CONNECTION_TYPE"]
io.info("Connecting to slave " + address + "...")
self.a2sEmitter.sendp(
ble.BLEConnect(dstAddr=address,
type=connectionType,
initiatorType=packet.type))
while not self.a2sEmitter.isConnected():
utils.wait(seconds=0.01)
if self.args["ADVERTISING_STRATEGY"] == "flood":
if utils.booleanArg(self.args["MASTER_SPOOFING"]):
self.a2sEmitter.setAddress(packet.srcAddr,
random=packet.type == "random")
self.connectOnSlave(packet.type)
self.setStage(BLEMitmStage.ACTIVE_MITM)
io.info("Entering ACTIVE_MITM stage ...")
def connectOnSlave(self, initiatorType="public"):
while self.a2sEmitter.getMode() != "NORMAL":
utils.wait(seconds=1)
print(self.a2sEmitter.getMode())
address = utils.addressArg(self.args["TARGET"])
connectionType = self.args["CONNECTION_TYPE"]
self.responderAddress = address
self.responderAddressType = b"\x00" if self.args[
"CONNECTION_TYPE"] == "public" else b"\x01"
io.info("Connecting to slave " + address + "...")
self.a2sEmitter.sendp(
ble.BLEConnect(dstAddr=address,
type=connectionType,
initiatorType=initiatorType))
while not self.a2sEmitter.isConnected():
utils.wait(seconds=0.5)
io.success("Connected on slave : " +
self.a2sReceiver.getCurrentConnection())
def customConnect(self):
io.info("Trying to connect to slave")
connectReq = ble.BLEConnect(dstAddr=self.target, type='public')
self.module.emitter.sendp(connectReq)