def run(self):
self.emitter = self.getEmitter(interface=self.args['INTERFACE'])
self.receiver = self.getReceiver(interface=self.args['INTERFACE'])
self.currentChannel = self.emitter.getChannel()
self.initializeCallbacks()
if self.checkCommunicationCapabilities():
if self.args["TARGET"] != "":
self.emitter.enterSnifferMode(self.args["TARGET"])
self.target = self.args["TARGET"].upper()
self.updatePrompt(self.target)
else:
self.updatePrompt()
if self.loadScenario():
self.scenarioStop = False
io.info("Scenario loaded !")
self.startScenario()
while not self.scenarioStop:
utils.wait(seconds=0.1)
self.endScenario()
else:
interpreter.Interpreter.loop(self)
return self.ok()
else:
io.fail("Interface provided (" + str(self.args["INTERFACE"]) +
") is not able to communicate as a PRX device.")
return self.nok()
def onMasterWriteRequest(self, packet):
# Changing RGB values
if packet.handle == 0x21 and b"\x55\x13" in packet.value:
print(packet)
value = (packet.value[0:2] + bytes(
[packet.value[4], packet.value[2], packet.value[3]]) + b"\r\n")
io.info("Changing RGB values ...")
self.a2sEmitter.sendp(
ble.BLEWriteRequest(handle=packet.handle, value=value))
return False
# Changing on/off packets
elif packet.handle == 0x21 and b"\x55\x10\x01\x0d\x0a" == packet.value:
for _ in range(3):
io.info("Day !")
self.a2sEmitter.sendp(
ble.BLEWriteCommand(handle=packet.handle,
value=b"\x55\x10\x01\x0d\x0a"))
utils.wait(seconds=1)
io.info("Night !")
self.a2sEmitter.sendp(
ble.BLEWriteCommand(handle=packet.handle,
value=b"\x55\x10\x00\x0d\x0a"))
utils.wait(seconds=1)
return True
def run(self):
self.emitter = self.getEmitter(interface=self.args["INTERFACE"])
if self.checkCapabilities():
if utils.isNumber(self.args["CHANNEL"]):
self.emitter.setChannel(utils.integerArg(self.args["CHANNEL"]))
else:
io.fail("You must provide a channel number !")
return self.nok()
self.pcapReceiver = self.getReceiver(
interface=self.args["PCAP_FILE"])
io.info("Extracting packet stream from PCAP ...")
stream = self.pcapReceiver.generateStream()
io.success("Packet stream successfully extracted !")
io.info("Injecting ...")
self.emitter.sendp(*stream)
for i in stream:
i.show()
while not self.emitter.isTransmitting():
utils.wait(seconds=0.1)
while self.emitter.isTransmitting():
utils.wait(seconds=0.1)
io.success("Injection done !")
return self.ok()
else:
io.fail("Interface provided (" + str(self.args["INTERFACE"]) +
") is not able to inject frames.")
return self.nok()
def run(self):
interface = self.args["INTERFACE"]
self.emitter = self.getEmitter(interface=interface)
self.receiver = self.getReceiver(interface=interface)
if self.checkCapabilities():
self.initializeServer()
if self.args["ATT_FILE"] != "" and self.fileExists(
self.args["ATT_FILE"]):
self.importATT()
elif self.args["GATT_FILE"] != "" and self.fileExists(
self.args["GATT_FILE"]):
self.importGATT()
else:
io.info("No filename provided : empty database !")
self.initializeCallbacks()
if self.loadScenario():
io.info("Scenario loaded !")
self.startScenario()
while not self.emitter.isConnected():
utils.wait(seconds=0.01)
while self.emitter.isConnected():
utils.wait(seconds=0.01)
self.endScenario()
else:
interpreter.Interpreter.loop(self)
return self.ok()
else:
io.fail("Interface provided (" + str(self.args["INTERFACE"]) +
") is not able to communicate as a slave.")
return self.nok()
def run(self):
interface = self.args["INTERFACE"]
timeout = utils.integerArg(self.args["TIMEOUT"])
self.emitter = self.getEmitter(interface=interface)
self.receiver = self.getReceiver(interface=interface)
if self.checkCapabilities():
io.info("Trying to connect to : " + self.args["TARGET"] +
" (type : " + self.args["CONNECTION_TYPE"] + ")")
self.emitter.sendp(
ble.BLEConnect(self.args["TARGET"],
type=self.args["CONNECTION_TYPE"]))
while not self.receiver.isConnected() and timeout > 0:
timeout -= 1
utils.wait(seconds=1)
if self.receiver.isConnected():
io.success("Connected on device : " + self.args["TARGET"])
return self.ok({"INTERFACE": self.args["INTERFACE"]})
else:
io.fail("Error during connection establishment !")
self.emitter.sendp(ble.BLEConnectionCancel())
return self.nok()
else:
io.fail("Interface provided (" + str(self.args["INTERFACE"]) +
") is not able to initiate connection.")
return self.nok()
def connect(self, packet):
if self.getStage() == BLEMitmStage.WAIT_CONNECTION:
io.success("Master connected : " + packet.srcAddr)
self.initiatorAddress = packet.srcAddr
self.initiatorAddressType = b"\x00" if packet.type == "public" else b"\x01"
if self.args["ADVERTISING_STRATEGY"] == "preconnect":
if utils.booleanArg(self.args["MASTER_SPOOFING"]):
self.a2sEmitter.sendp(ble.BLEDisconnect())
while self.a2sEmitter.isConnected():
utils.wait(seconds=0.01)
self.a2sEmitter.setAddress(packet.srcAddr,
random=packet.type == "random")
address = utils.addressArg(self.args["TARGET"])
connectionType = self.args["CONNECTION_TYPE"]
io.info("Connecting to slave " + address + "...")
self.a2sEmitter.sendp(
ble.BLEConnect(dstAddr=address,
type=connectionType,
initiatorType=packet.type))
while not self.a2sEmitter.isConnected():
utils.wait(seconds=0.01)
if self.args["ADVERTISING_STRATEGY"] == "flood":
if utils.booleanArg(self.args["MASTER_SPOOFING"]):
self.a2sEmitter.setAddress(packet.srcAddr,
random=packet.type == "random")
self.connectOnSlave(packet.type)
self.setStage(BLEMitmStage.ACTIVE_MITM)
io.info("Entering ACTIVE_MITM stage ...")
def send_deauth(self):
packet_count = utils.integerArg(self.args["COUNT"])
if packet_count == 0:
count = 0
while True:
if self.args["MODE"].lower(
) == "both" or self.args["MODE"].lower() == "deauthentication":
self.emitter.sendp(self.deauth_packet)
if self.args["MODE"].lower(
) == "both" or self.args["MODE"].lower() == "disassociation":
self.emitter.sendp(self.disas_packet)
utils.wait(seconds=0.05)
count += 1
if count % 100 == 0 and utils.booleanArg(self.args['VERBOSE']):
io.info("Sent {} deauthentication packets via {}".format(
count, self.args["INTERFACE"]))
else:
for count in range(packet_count):
if self.args["MODE"].lower(
) == "both" or self.args["MODE"].lower() == "deauthentication":
self.emitter.sendp(self.deauth_packet)
if self.args["MODE"].lower(
) == "both" or self.args["MODE"].lower() == "disassociation":
self.emitter.sendp(self.disas_packet)
utils.wait(seconds=0.05)
if count % 100 == 0 and utils.booleanArg(self.args['VERBOSE']):
io.info("Sent {} deauthentication packets via {}".format(
count, self.args["INTERFACE"]))
def _sweepingThread(self):
for channel in self.sweepingSequence:
if ((self.sniffingMode == BLESniffingMode.NEW_CONNECTION
and not self.synchronized)
or self.sniffingMode == BLESniffingMode.ADVERTISEMENT):
self.setChannel(channel=channel)
utils.wait(seconds=0.1)
def sniffAdvertisements(self,target, channel):
if len(self.receivers) == 1:
enabled,sweepingSequence = self.sweepingParameter()
if enabled:
self.receivers[0].setSweepingMode(enable=True,sequence=sweepingSequence)
self.receivers[0].sniffAdvertisements(address=target, channel=channel)
self.receivers[0].onEvent("*", callback=self.show)
elif len(self.receivers) == 2:
self.receivers[0].sniffAdvertisements(address=target,channel=37)
self.receivers[1].sniffAdvertisements(address=target,channel=38)
self.receivers[0].onEvent("*", callback=self.show)
self.receivers[1].onEvent("*", callback=self.show)
elif len(self.receivers) == 3:
self.receivers[0].sniffAdvertisements(address=target,channel=37)
self.receivers[1].sniffAdvertisements(address=target,channel=38)
self.receivers[2].sniffAdvertisements(address=target,channel=39)
self.receivers[0].onEvent("*", callback=self.show)
self.receivers[1].onEvent("*", callback=self.show)
self.receivers[2].onEvent("*", callback=self.show)
else:
io.fail("No sniffer detected !")
return self.nok()
while True:
utils.wait(seconds=0.01)
def recv(self):
'''
This method allows to receive raw HCI packets from the HCI device.
'''
self._enterListening()
try:
if self.socket is not None and self.socket.fileno(
) != -1 and self.socket.readable():
packet = self._recv()
#packet.show()
if self._commandModeEnabled() and packet.type == 0x04:
self.commandResponses.put(packet)
return None
else:
self._exitListening()
return packet
else:
self._exitListening()
utils.wait(seconds=0.0001)
return None
# An error may occur during a socket restart
except OSError as e:
self._exitListening()
return None
def resetUbertooth(cls,index=0):
'''
This class method allows to reset the Ubertooth, by providing the device's index.
:param index: device's index
:type index: int
:return: boolean indicating if the reset operation was successful
:rtype: bool
:Example:
>>> BtUbertoothDevice.resetUbertooth(0)
True
'''
try:
device = list(usb.core.find(idVendor=UBERTOOTH_ID_VENDOR,idProduct=UBERTOOTH_ID_PRODUCT,find_all=True))[index]
bus = str(device.bus).zfill(3)
addr = str(device.address).zfill(3)
filename = "/dev/bus/usb/"+bus+"/"+addr
ioctl(open(filename,"w"),USBDEVFS_RESET,0)
device.ctrl_transfer(CTRL_OUT,UBERTOOTH_RESET,0, 0)
utils.wait(seconds=1)
return True
except (IOError,IndexError):
io.fail("Unable to reset ubertooth device : #"+str(index))
return False
def run(self):
interface = self.args["INTERFACE"]
self.emitter = self.getEmitter(interface=interface)
if self.checkCapabilities():
if self.emitter.isConnected():
self.emitter.sendp(ble.BLEDisconnect())
while self.emitter.isConnected():
utils.wait(seconds=0.01)
address = (self.emitter.getAddress()
if self.args["ADVERTISING_ADDRESS"] == "" else
utils.addressArg(self.args["ADVERTISING_ADDRESS"]))
if address != self.emitter.getAddress():
self.emitter.setAddress(address)
if utils.isHexadecimal(self.args["SCANNING_DATA"]):
scanningData = bytes.fromhex(self.args["SCANNING_DATA"])
else:
scanningData = b""
if utils.isHexadecimal(self.args["ADVERTISING_DATA"]):
advertisingData = bytes.fromhex(self.args["ADVERTISING_DATA"])
else:
advertisingData = b""
destAddress = ("00:00:00:00:00:00"
if self.args["DESTINATION_ADDRESS"] == "" else
utils.addressArg(self.args["DESTINATION_ADDRESS"]))
intervalMin = utils.integerArg(self.args["INTERVAL_MIN"])
intervalMax = utils.integerArg(self.args["INTERVAL_MAX"])
advertisingType = self.args["ADVERTISING_TYPE"].upper()
advertisingAddressType = "public" if self.args[
"ADVERTISING_ADDRESS_TYPE"].lower() == "public" else "random"
destinationAddressType = "public" if self.args[
"DESTINATION_ADDRESS_TYPE"].lower() == "public" else "random"
self.emitter.setScanningParameters(data=scanningData)
self.emitter.setAdvertisingParameters(
type=advertisingType,
destAddr=destAddress,
data=advertisingData,
intervalMin=intervalMin,
intervalMax=intervalMax,
daType=advertisingAddressType,
oaType=destinationAddressType)
self.emitter.setAdvertising(
enable=utils.booleanArg(self.args["ENABLE"]))
time = utils.integerArg(
self.args['TIME']) if self.args["TIME"] != "" else -1
while time != 0:
utils.wait(seconds=1)
time -= 1
return self.ok({"INTERFACE": self.args["INTERFACE"]})
else:
io.fail("Interface provided (" + str(self.args["INTERFACE"]) +
") is not able to send advertisements.")
return self.nok()
def _poll(self):
try:
result = self.ubertooth.ctrl_transfer(CTRL_IN,UBERTOOTH_POLL,0, 0,512,timeout=100)
utils.wait(seconds=0.001)
except usb.core.USBError as e:
#io.fail("USB Error : "+str(e))
return array.array('B',[])
return result
def run(self):
self.emitter = self.getEmitter(interface=self.args['INTERFACE'])
self.receiver = self.getReceiver(interface=self.args['INTERFACE'])
self.windowSize = utils.integerArg(self.args['WINDOW'])
self.n = utils.integerArg(self.args['ENVIRONMENT_FACTOR'])
self.devices = {}
self.connections = {}
# store rssi values over time
self.values = {}
self.deviceCallback = self.args['DEVICE_CALLBACK'] if callable(
self.args['DEVICE_CALLBACK']) else self.display
self.connectionCallback = self.args['CONNECTION_CALLBACK'] if callable(
self.args['CONNECTION_CALLBACK']) else self.display
self._dirty = False
self.scanningTime = utils.integerArg(
self.args['TIME']) if self.args["TIME"] != "" else -1
scanDev = self.args['SCAN_TYPE'] == 'all' or self.args[
'SCAN_TYPE'] == 'devices'
if scanDev:
io.info('Scanning for existing devices')
self.receiver.setSweepingMode(enable=True, sequence=[37, 38, 39])
self.receiver.sniffAdvertisements(address="FF:FF:FF:FF:FF:FF")
self.receiver.onEvent("*", callback=self.onAdvertisement)
remainingTime = self.scanningTime
while remainingTime != 0:
utils.wait(seconds=1)
remainingTime -= 1
if (self._dirty):
self.deviceCallback(self.devices)
self._dirty = False
# stop listening for advertisements
self.receiver.setSweepingMode(enable=False)
self.receiver.removeCallbacks()
scanConn = self.args['SCAN_TYPE'] == 'all' or self.args[
'SCAN_TYPE'] == 'connections'
if scanConn:
io.info('Scanning for existing connections')
self.receiver.scanExistingConnections(
onConnection=self.onConnectionFound,
resetState=self.args['SCAN_TYPE'] == 'all')
remainingTime = self.scanningTime
while remainingTime != 0:
utils.wait(seconds=1)
remainingTime -= 1
if (self._dirty):
self.connectionCallback(self.connections)
self._dirty = False
return self.ok({
'devices': self.devices,
'connections': self.connections
})
def show(self):
io.info("Received frames: (Ctrl + C to exit)")
self.showMode = True
try:
while True:
utils.wait(seconds=0.1)
except KeyboardInterrupt:
self.showMode = False
sys.stdout.write("\r")
self.updatePrompt(self.target if self.target is not None else "")
def send(self,packet): calcFcs = fcs(bytes(packet)) self.receivePipeline.stop() self.transmitPipeline.start() packet = bytes(packet)+calcFcs packet = bytes([len(packet)])+packet self.transmitPipeline.setInput(packet) utils.wait(seconds=0.75) self.transmitPipeline.stop() self.receivePipeline.start()
def disconnect(self):
if self.receiver.isConnected():
self.emitter.sendp(ble.BLEDisconnect())
utils.wait(seconds=1)
io.success("Disconnected !")
if self.receiver.isConnected():
self.updatePrompt(self.emitter.getCurrentConnection())
else:
self.updatePrompt()
else:
io.fail("No active connections !")
def _setTarget(self, target="00:00:00:00:00:00"):
utils.wait(seconds=1)
data = array.array(
"B",
bytes.fromhex(target.replace(":", "")) + bytes(0x30))
self.ubertooth.ctrl_transfer(CTRL_OUT,
UBERTOOTH_BTLE_SET_TARGET,
0,
0,
data,
timeout=5000)
def run(self):
self.emitter = self.getEmitter(interface=self.args["INTERFACE"])
self.receiver = self.getReceiver(interface=self.args["INTERFACE"])
if self.checkInjectingCapabilities():
self.pcapReceiver = self.getReceiver(interface=self.args["PCAP_FILE"])
self.target = "FF:FF:FF:FF:FF" if self.args["TARGET"] == "" else utils.addressArg(self.args["TARGET"])
if self.target == "FF:FF:FF:FF:FF" and not self.checkPassiveScanningCapabilities():
io.fail("Interface provided ("+str(self.args["INTERFACE"])+") is not able to scan in promiscuous mode, you have to provide a specific target.")
return self.nok()
if self.target != "FF:FF:FF:FF:FF" and self.args["CHANNEL"].lower() == "auto" and not self.checkActiveScanningCapabilities():
io.fail("Interface provided ("+str(self.args["INTERFACE"])+") is not able to perform an active scan.")
return self.nok()
if self.target == "FF:FF:FF:FF:FF":
io.info("Promiscuous mode enabled ! Every frame contained in the file indicated in PCAP_FILE will be transmitted.")
self.emitter.enterPromiscuousMode()
else:
io.info("Sniffing mode enabled !")
self.emitter.enterSnifferMode(address=self.target)
if utils.isNumber(self.args["CHANNEL"]):
self.emitter.setChannel(utils.integerArg(self.args["CHANNEL"]))
elif self.args["CHANNEL"].lower() == "auto":
self.searchChannel()
else:
io.fail("A channel must be provided in order to perform an injection.")
return self.nok()
io.info("Extracting packet stream from PCAP ...")
stream = self.pcapReceiver.generateStream()
io.success("Packet stream successfully extracted !")
io.info("Injecting ...")
self.emitter.sendp(*stream)
while not self.emitter.isTransmitting():
utils.wait(seconds=0.1)
while self.emitter.isTransmitting():
utils.wait(seconds=0.1)
io.success("Injection done !")
return self.ok()
else:
io.fail("Interface provided ("+str(self.args["INTERFACE"])+") is not able to inject.")
return self.nok()
def run(self):
self.receiver = self.getReceiver(interface=self.args["INTERFACE"])
if self.checkCapabilities():
if utils.isNumber(self.args["CHANNEL"]):
self.receiver.setChannel(utils.integerArg(
self.args["CHANNEL"]))
else:
io.fail("You must provide a channel number !")
return self.nok()
if self.args["TARGET_PANID"] != "":
self.targetPanID = utils.integerArg(self.args["TARGET_PANID"])
else:
self.targetPanID = None
if self.args["TARGET"] != "" and self.args["TARGET"][2:].upper(
) != "FFFF" and self.args["TARGET"].upper(
) != "FF:FF:FF:FF:FF:FF:FF:FF":
if utils.isNumber(self.args["TARGET"]):
self.target = utils.integerArg(self.args["TARGET"])
else:
self.target = zigbee.convertAddress(self.args["TARGET"])
else:
self.target = None
if self.args["PCAP_FILE"] != "":
self.pcap = self.getEmitter(interface=self.args["PCAP_FILE"])
else:
self.pcap = None
self.receiver.onEvent("*", callback=self.show)
time = utils.integerArg(
self.args['TIME']) if self.args["TIME"] != "" else None
start = utils.now()
while utils.now() - start <= time if time is not None else True:
utils.wait(seconds=0.1)
self.receiver.removeCallbacks()
output = {
"CHANNEL": self.args["CHANNEL"],
"INTERFACE": self.args["INTERFACE"],
"PCAP_FILE": self.args["PCAP_FILE"]
}
return self.ok(output)
else:
io.fail("Interface provided (" + str(self.args["INTERFACE"]) +
") is not able to sniff and inject frames.")
return self.nok()
def run(self):
self.receiver = self.getReceiver(interface=self.args["INTERFACE"])
self.emitter = self.getEmitter(interface=self.args["INTERFACE"])
if self.checkCapabilities():
self.receiver.enterSnifferMode(
utils.addressArg(self.args["TARGET"]))
if self.checkInjectionSyncCapabilities():
if utils.booleanArg(self.args["SYNC"]):
self.receiver.enableSync()
else:
self.receiver.disableSync()
else:
io.warning(
"Synchronized injection is not supported by this interface, the SYNC parameter will be ignored ..."
)
self.receiver.setChannel(utils.integerArg(self.args["CHANNEL"]))
if self.args["TEXT"] != "":
keystrokes = self.addMosartText(self.args["TEXT"])
self.emitter.sendp(*keystrokes)
while not self.emitter.isTransmitting():
utils.wait(seconds=0.1)
while self.emitter.isTransmitting():
utils.wait(seconds=0.1)
elif self.args["DUCKYSCRIPT"] != "":
parser = DuckyScriptParser(filename=self.args["DUCKYSCRIPT"])
keystrokes = parser.generatePackets(
textFunction=self.addMosartText,
initFunction=self.startMosartInjection,
keyFunction=self.addMosartKeystroke,
sleepFunction=self.addMosartDelay)
self.emitter.sendp(*keystrokes)
while not self.emitter.isTransmitting():
utils.wait(seconds=0.1)
while self.emitter.isTransmitting():
utils.wait(seconds=0.1)
elif utils.booleanArg(self.args["INTERACTIVE"]):
self.stop = False
self.watchKeyboard()
while not self.stop:
utils.wait(seconds=0.5)
return self.ok()
else:
io.fail("Interface provided (" + str(self.args["INTERFACE"]) +
") is not able to inject frames and run in sniffing mode.")
return self.nok()
def _sweepingThread(self):
for channel in self.sweepingSequence:
self.setChannel(channel=channel)
if self.sniffingMode is not None:
if self.sniffingMode == BLESniffingMode.ADVERTISEMENT:
self._internalCommand(
BTLEJack_Advertisements_Command() /
BTLEJack_Advertisements_Enable_Sniff_Command(
channel=channel),
noResponse=True)
elif self.sniffingMode == BLESniffingMode.NEW_CONNECTION and not self.synchronized:
self._sniffConnectionRequests(address=self.lastTarget,
channel=channel)
utils.wait(seconds=0.1)
def run(self):
self.receiver = self.getReceiver(interface=self.args["INTERFACE"])
if self.checkCapabilities():
self.receiver.onEvent("BLEAdvertisement",callback=self.scan)
time = utils.integerArg(self.args['TIME']) if self.args["TIME"] != "" else -1
self.receiver.setScan(enable=True)
while time != 0:
utils.wait(seconds=1)
time -= 1
self.updateDevices()
self.receiver.setScan(enable=False)
return self.generateOutput()
else:
io.fail("Interface provided ("+self.args["INTERFACE"]+") is not able to scan.")
return self.nok()
def run(self):
self.receiver = self.getReceiver(interface=self.args["INTERFACE"])
if self.checkSniffingCapabilities():
self.target = "FF:FF:FF:FF" if self.args[
"TARGET"] == "" else self.args["TARGET"].upper()
if self.target == "FF:FF:FF:FF":
self.receiver.enterPromiscuousMode()
else:
self.receiver.enterSnifferMode(self.target)
if self.args["PCAP_FILE"] != "":
self.pcap = self.getEmitter(interface=self.args["PCAP_FILE"])
if utils.booleanArg(self.args["DONGLE_PACKETS"]):
self.receiver.enableDonglePackets()
else:
self.receiver.disableDonglePackets()
if self.args["CHANNEL"] == "" or self.args["CHANNEL"].lower(
) == "auto":
while not self.find():
io.info("Retrying ...")
else:
self.receiver.setChannel(utils.integerArg(
self.args["CHANNEL"]))
self.receiver.onEvent("*", callback=self.show)
time = utils.integerArg(
self.args['TIME']) if self.args["TIME"] != "" else None
start = utils.now()
while utils.now() - start <= time if time is not None else True:
utils.wait(seconds=0.5)
self.receiver.removeCallbacks()
if self.pcap is not None:
self.pcap.stop()
output = {}
output["MOUSE_FILE"] = self.args["MOUSE_FILE"]
output["PCAP_FILE"] = self.args["PCAP_FILE"]
output["TARGET"] = self.target
output["CHANNEL"] = str(int(self.receiver.getChannel()))
return self.ok(output)
else:
io.fail("Interface provided (" + str(self.args["INTERFACE"]) +
") is not able to run in sniffing mode.")
return self.nok()
def jamAdvertisements(self):
if self.checkAdvertisementsJammingCapabilities():
channel = utils.integerArg(self.args["CHANNEL"])
if self.args["TARGET"] != "":
target = utils.addressArg(self.args["TARGET"])
pattern = bytes.fromhex(target.replace(":", ""))[::-1]
offset = 2
elif (utils.isNumber(self.args["OFFSET"])
and utils.isHexadecimal(self.args["PATTERN"])
and self.args["OFFSET"] != ""
and self.args["PATTERN"] != ""):
pattern = bytes.fromhex(self.args["PATTERN"])
offset = utils.integerArg(self.args["OFFSET"])
else:
io.fail(
"You must provide a dewhitened pattern and an offset, or a target to jam."
)
return self.nok()
if len(self.emitters) == 1:
self.emitters[0].jamAdvertisements(pattern=pattern,
offset=offset,
channel=channel)
if len(self.emitters) == 2:
self.emitters[0].jamAdvertisements(pattern=pattern,
offset=offset,
channel=channel)
self.emitters[1].jamAdvertisements(
pattern=pattern,
offset=offset,
channel=(channel + 1 if channel < 39 else 37))
if len(self.emitters) == 3:
self.emitters[0].jamAdvertisements(pattern=pattern,
offset=offset,
channel=37)
self.emitters[1].jamAdvertisements(pattern=pattern,
offset=offset,
channel=38)
self.emitters[2].jamAdvertisements(pattern=pattern,
offset=offset,
channel=39)
while True:
utils.wait(seconds=0.01)
else:
io.fail("Interfaces provided are not able to jam advertisements.")
return self.nok()
def findNRFSniffers(cls, index=None):
'''
This class method allows to find a specific NRFSniffer device, by providing the device's index.
If no index is provided, it returns a list of every devices found.
If no device has been found, None is returned.
:param index: device's index
:type index: int
:return: string indicating the device
:rtype: str
:Example:
>>> NRFSnifferDevice.findNRFSniffers(0)
'/dev/ttyACM0'
>>> NRFSnifferDevice.findNRFSniffers()
['/dev/ttyACM0','/dev/ttyACM1']
'''
devices = [i[0] for i in comports()]
nrfsniffers = []
for device in devices:
attempts = 10
while attempts > 0 and device not in nrfsniffers:
try:
ser = Serial(port=device, baudrate=460800, timeout=5)
# Fingerprinting using Ping packet.
# Looks dirty in my opinion but I don't find a most elegant way.
ser.write(b"\xab\x06\x00\x01\x00\x00\x0d\xbc")
utils.wait(seconds=1)
response = b""
while ser.in_waiting:
response += ser.read(1)
if b"\x57\x04\xbc" in response:
nrfsniffers.append(device)
except:
attempts -= 1
utils.wait(seconds=1)
if index is None:
return nrfsniffers
else:
try:
nrfsniffer = nrfsniffers[index]
except IndexError:
return None
return nrfsniffer
return None
def run(self):
self.receiver = self.getReceiver(interface=self.args["INTERFACE"])
if self.checkCapabilities():
frequency = self.receiver.getFrequency()
if frequency != utils.integerArg(self.args["FREQUENCY"]):
self.receiver.setFrequency(utils.integerArg(self.args["FREQUENCY"]))
self.count = utils.integerArg(self.args["NUMBER"]) if utils.isNumber(self.args["NUMBER"]) else 1
self.receiver.onEvent("*",callback=self.show)
self.receiver.waitData()
while self.count > 0:
utils.wait(seconds=0.5)
output = self.generateOutput()
return self.ok(output)
else:
io.fail("Interface provided ("+str(self.args["INTERFACE"])+") is not able to sniff IR signals.")
return self.nok()
def monitoring(self):
self.receiver.onEvent("*", callback=self.onPacket)
try:
if self.args["TIME"] == "":
while True:
utils.wait(seconds=0.00001)
elif utils.isNumber(self.args["TIME"]):
time = utils.integerArg(self.args["TIME"])
start = utils.now()
while utils.now() - start < time:
utils.wait(seconds=0.0000001)
else:
io.fail("You have provided a wrong TIME value.")
return self.nok()
except KeyboardInterrupt:
pass
def _pingPRX(self): utils.wait(seconds=1) self.ackLock.acquire() self.emitter.sendp(esb.ESBPingRequestPacket(address=self.target)) found = False start = utils.now() while utils.now() - start < 1: if self.ack: found = True break self.ack = False if not found: self.onPingFailure() while not self.emitter.scan(): utils.wait(seconds=0.1) self.onPRXFound() self.currentChannel = self.emitter.getChannel() self.updatePrompt(self.target) self.ackLock.release()
def sniffNewConnections(self, address='FF:FF:FF:FF:FF:FF', channel=None):
'''
This method starts the new connections sniffing mode.
:param address: selected address - if not provided, no filter is applied (format : "1A:2B:3C:4D:5E:6F")
:type address: str
:param channel: selected channel - if not provided, channel 37 is selected
:type channel: int
:Example:
>>> device.sniffNewConnections()
>>> device.sniffNewConnections(channel=38)
>>> device.sniffNewConnections(address="1A:2B:3C:4D:5E:6F")
.. note::
This method is a **shared method** and can be called from the corresponding Emitters / Receivers.
'''
self.synchronized = False
self.sniffingMode = BLESniffingMode.NEW_CONNECTION
self.lastTarget = address
if self.sweepingMode:
self._setChannels(self.sweepingSequence)
else:
if channel is None:
channel = 37
self._setChannel(channel)
if address.upper() == "FF:FF:FF:FF:FF:FF":
io.fail(
"NRFSniffer requires to target a specific device in order to sniff a connection."
)
else:
self._scanContinuously()
while address.upper() not in self.targets:
utils.wait(seconds=1)
io.success("Target found :" + address.upper() + " [ " +
self.targets[address.upper()] + " ]")
self._followTarget(address,
self.targets[address.upper()],
advertisementsOnly=False)