hexway / apple_bleee
Apple BLE research
License: GNU General Public License v3.0
Hi Guys,
I don't want to just run the scripts but I would like to also learn how to do it by capturing this data myself and replying with my own USB dongle, I believe I am doing the same but not getting the same results. Any help much appreciated :-)
Steps:
Bluetooth HCI H4
[Direction: Rcvd (0x01)]
HCI Packet Type: HCI Event (0x04)
Bluetooth HCI Event - LE Meta
Advertising Data
Type: Manufacturer Specific (0xff)
Company ID: Apple, Inc. (0x004c)
Data: 0719010f2055aa38380018d6e589667f8a76f90050d2ff0f...
Exported that DATA as Hex Stream or C Array from Wireshark:
I have also tried to split the 31 bytes as done in the script, adding the random 3 bytes, but it was not working, e.g. data=(data1 + left_speaker + right_speaker + case + data2)
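Added example, not part of the post above or of the apple_bleee code: a parser that splits the bytes Wireshark shows after the Company ID into type/length/value messages and flags a message whose length byte claims more data than is present, which is the case for the elided capture above. The type/length/value framing and the names in KNOWN_TYPES are assumptions taken from public research on these advertisements; SAMPLE_HEX is only the visible prefix of the capture.

```python
from dataclasses import dataclass
from typing import List

# Assumed type names (from public research on Apple BLE advertisements).
KNOWN_TYPES = {0x05: "airdrop", 0x07: "airpods", 0x0C: "handoff", 0x10: "nearby"}

# Visible prefix of the capture in the post; the post elides the rest ("...").
SAMPLE_HEX = "0719010f2055aa38380018d6e589667f8a76f90050d2ff0f"


@dataclass
class Message:
    type_id: int
    name: str
    declared_len: int
    value: bytes
    truncated: bool  # True when fewer bytes are present than the length byte claims


def parse_apple_mfg_data(data: bytes) -> List[Message]:
    """Split manufacturer data (the bytes after the 0x004c company ID) into messages."""
    messages = []
    pos = 0
    while pos < len(data):
        type_id = data[pos]
        name = KNOWN_TYPES.get(type_id, "unknown_0x%02x" % type_id)
        if pos + 1 >= len(data):
            # A type byte with no length byte after it: record it and stop.
            messages.append(Message(type_id, name, 0, b"", True))
            break
        declared_len = data[pos + 1]
        value = data[pos + 2 : pos + 2 + declared_len]
        messages.append(
            Message(type_id, name, declared_len, value, len(value) < declared_len)
        )
        pos += 2 + declared_len
    return messages


if __name__ == "__main__":
    for m in parse_apple_mfg_data(bytes.fromhex(SAMPLE_HEX)):
        state = "truncated" if m.truncated else "complete"
        print(m.name, m.declared_len, len(m.value), state)
```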
After I got owl working with an active monitor mode, this is the error I'm getting when trying to launch airdrop_leak. I don't know how to debug this, please help.
Traceback (most recent call last):
File "/home/kali/Developer/apple_bleee/airdrop_leak.py", line 22, in <module>
from opendrop2.cli import AirDropCli
File "/home/kali/Developer/apple_bleee/opendrop2/cli.py", line 30, in <module>
from .client import AirDropBrowser, AirDropClient
File "/home/kali/Developer/apple_bleee/opendrop2/client.py", line 32, in <module>
from .util import AirDropUtil, AbsArchiveWrite
File "/home/kali/Developer/apple_bleee/opendrop2/util.py", line 57, in <module>
from ctypescrypto import cms, x509, pkey, oid
File "/usr/local/lib/python3.10/dist-packages/ctypescrypto/cms.py", line 18, in <module>
from ctypescrypto.x509 import StackOfX509
File "/usr/local/lib/python3.10/dist-packages/ctypescrypto/x509.py", line 731, in <module>
libcrypto.X509_NAME_hash.restype = c_long
File "/usr/lib/python3.10/ctypes/__init__.py", line 387, in __getattr__
func = self.__getitem__(name)
File "/usr/lib/python3.10/ctypes/__init__.py", line 392, in __getitem__
func = self._FuncPtr((name_or_ordinal, self))
AttributeError: /lib/arm-linux-gnueabihf/libcrypto.so.3: undefined symbol: X509_NAME_hash. Did you mean: 'X509_NAME_cmp'?
When running I get a phone number hash for wifi connection attempts, but the decoded hash does not match my phone number. Other phone hashes returned are nonsensical US phones (e.g. 1-044-555-5555), and 044 isn't a valid US area code. With just my single device to verify, it is hard to see where the problem lies.
I'm on iPhone 6, iOS 12.3.1.
Hello,
I am currently using Parani-UD100 as the Bluetooth USB adapter to run the POC codes, but it seems the code is not working..
Do I have to use Adafruit Bluefruit LE Sniffer or a similar BLE sniffer? If so, you should consider changing the README file as "Bluetooth adapter for sniffing BLE messages"
hello!
I got it to work and I'm picking up nearby devices (probably neighbors), but it seems I can't pick up my own device (that recently updated to 12.4). Can you verify this still works with 12.4?
Thanks!
An error on line 37 when comparing two values. You should use ==, not is. Otherwise the result of the comparison is not guaranteed to be correct.
apple_bleee/hash2phone/hashmap_gen.py
Line 37 in 4b0224f
When running python3 ble_read_state.py Exception is printed all over the ble_read_state screen making it hard to read
Maybe new iOS version?
Is it possible to spoof the AirPods being connected to the iPhone? Currently it just says "Not Your Airpods" and I want to change the message
t:/apple_bleee$ python3 ble_read_state.py -h/apple_bleee$
Traceback (most recent call last):
File "ble_read_state.py", line 24, in
import bluetooth._bluetooth as bluez
ModuleNotFoundError: No module named 'bluetooth'
t:
ble_read_state.py incorrectly detects iPhone state: Home screen/Lock screen goes as WiFi on/off.
iOS 12.4
Getting this when I run:
python ble_read_state.py
Weirdly, in the PyBluez package it's got the same _bluetooth import, and it can't find it either. I cloned the PyBluez project from GitHub and have searched all of the source code and it's just not there.
I'm using Python 3.7 on MacOS (Mojave, I believe). I know it's experimental but perhaps there's an alternative package I can use/install?
root@server:~/source/AppleBleee/apple_bleee/hash2phone# python ./hashmap_gen.py 0450
0 % complete
Traceback (most recent call last):
File "./hashmap_gen.py", line 45, in
strhash = str(bhash).encode()
UnicodeDecodeError: 'ascii' codec can't decode byte 0x8a in position 0: ordinal not in range(128)
This happens when trying to create a hash list.
Exception in ./utils/bluetooth_utils.py running ble_read_state.py
Exception is printed all over the ble_read_state screen making it hard to read
Maybe due to new hardware IDs not included in the code (AirPods Pro?)
Help solve the problem.
I get the following error when running "ble read state.py": SystemError: PY_SSIZE_T_CLEAN macro must be defined for '#' formats
It works for me, but when using the adv_wifi.py, how does one get the actual wireless code / WPA2 when the victim presses "OK share the code"?
I can see, when sniffing bluetooth, that some data is transmitted.
Can you shed some light on how to get that data?
Regards Mr. T
Am I doing something wrong, or has the protocol changed and the script doesn't work? Could you confirm or deny?
Is the bluetooth adapter built into the laptop suitable?
Thank you
Does the WiFi Sharing script still work for an iPhone X on iOS 16?
Thanks for the demos. I find this really interesting!
I tried getting this to run on my Mac, but couldn't. The thing that helped me was to install pybluez directly from their GitHub repo instead of from their old release on PyPI.
I've left some instructions on how to do that here: https://stackoverflow.com/a/57210242/872328
Basically:
$ pip install git+https://github.com/pybluez/pybluez.git
And then you can just:
# import bluetooth._bluetooth
import bluetooth
However, then I ran into this issue:
$ python ble_read_state.py
Traceback (most recent call last):
File "ble_read_state.py", line 60, in <module>
toggle_device(dev_id, True)
File "/code/open-source/apple_bleee/utils/bluetooth_utils.py", line 88, in toggle_device
hci_sock = socket.socket(socket.AF_BLUETOOTH,
AttributeError: module 'socket' has no attribute 'AF_BLUETOOTH'
This is where I gave up. I'm hoping someone else can figure out if it's possible or if there is a critical missing dependency on Mac that hasn't been ported over from Linux yet.
Can you please add the license under which this research was released?
Exception when calling handler with a BLE advertising event: Ke92error('564a')
On Mint 19.1, even after pip install psycopg2, hash2phone reports ImportError: No module named psycopg2. Solution was to apt install python-psycopg2.
Sometimes I get strange hashes values. Empty Phone hash and Email hash, but correct AppleID hash. The same phone sometimes returns correct phone hash.
I also get this error sometimes while ble_read_state.py is running:
Exception when calling handler with a BLE advertising event: ValueError("invalid literal for int() with base 16: ''")
Kali linux 2019.3
Bluetooth usb dongle CSR8510
I installed everything from requirements.txt, but still can't import bluetooth._bluetooth as bluez
CMake Deprecation Warning at googletest/CMakeLists.txt:4 (cmake_minimum_required):
Compatibility with CMake < 2.8.12 will be removed from a future version of
CMake.
Update the VERSION argument value or use a ... suffix to tell
CMake that the project does not need compatibility with older versions.
CMake Deprecation Warning at googletest/googlemock/CMakeLists.txt:45 (cmake_minimum_required):
Compatibility with CMake < 2.8.12 will be removed from a future version of
CMake.
Update the VERSION argument value or use a ... suffix to tell
CMake that the project does not need compatibility with older versions.
CMake Deprecation Warning at googletest/googletest/CMakeLists.txt:56 (cmake_minimum_required):
Compatibility with CMake < 2.8.12 will be removed from a future version of
CMake.
Update the VERSION argument value or use a ... suffix to tell
CMake that the project does not need compatibility with older versions.
-- Configuring done
-- Generating done
-- Build files have been written to: /home/xthr0/apple_bleee/owl/build
Consolidate compiler generated dependencies of target radiotap
[ 5%] Built target radiotap
Consolidate compiler generated dependencies of target awdl
[ 51%] Built target awdl
Consolidate compiler generated dependencies of target owl
[ 64%] Built target owl
Consolidate compiler generated dependencies of target gtest
[ 67%] Building CXX object googletest/googletest/CMakeFiles/gtest.dir/src/gtest-all.cc.o
In file included from /home/xthr0/apple_bleee/owl/googletest/googletest/src/gtest-all.cc:42:
/home/xthr0/apple_bleee/owl/googletest/googletest/src/gtest-death-test.cc: In function ‘bool testing::internal::StackGrowsDown()’:
/home/xthr0/apple_bleee/owl/googletest/googletest/src/gtest-death-test.cc:1301:24: error: ‘dummy’ may be used uninitialized [-Werror=maybe-uninitialized]
1301 | StackLowerThanAddress(&dummy, &result);
| ~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~
/home/xthr0/apple_bleee/owl/googletest/googletest/src/gtest-death-test.cc:1290:13: note: by argument 1 of type ‘const void*’ to ‘void testing::internal::StackLowerThanAddress(const void*, bool*)’ declared here
1290 | static void StackLowerThanAddress(const void* ptr, bool* result) {
| ^~~~~~~~~~~~~~~~~~~~~
/home/xthr0/apple_bleee/owl/googletest/googletest/src/gtest-death-test.cc:1299:7: note: ‘dummy’ declared here
1299 | int dummy;
| ^~~~~
cc1plus: all warnings being treated as errors
make[2]: *** [googletest/googletest/CMakeFiles/gtest.dir/build.make:76: googletest/googletest/CMakeFiles/gtest.dir/src/gtest-all.cc.o] Error 1
make[1]: *** [CMakeFiles/Makefile2:322: googletest/googletest/CMakeFiles/gtest.dir/all] Error 2
make: *** [Makefile:136: all] Error 2
Any chance this is going to get updated? I used this tool suite in 2020 or 2021 in its infancy, and it was awesome. Fast forward four or five years, and it is incredibly broken. I just installed all dependencies (both apt and pip), as well as owl and the other, and I think every single component of this suite is broken. There were macro issues, py ctype issues, x509 function call issues, you name it, they were there.
I understand this suite is years old and is probably broken by updated/new packages, but if you could possibly provide a poetry package or even a versions list for the apt dependencies and the same in the python requirements file, folks that want to download this could set up a virtual runtime space and continue to use this awesome tool. Thanks for any insight or assistance.
Set up according to the instructions in an Ubuntu VM. However, I am unable to listen to any bluetooth connection. Has anyone met with a similar issue?
I googled and didn't find anything, if there is an up-to-date one that works could you share?
I have owl and ble_read_state.py running side by side, a lot of traffic is coming through in owl, yet nothing is showing up in apple devices scanner (as shown in attachment). Is everything set up right? Here's the configuration of awdl0 pulled from ip addr (mac addresses have been removed):
12: awdl0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc fq_codel state UNKNOWN group default qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link
       valid_lft forever preferred_lft forever