Skip to content

Commit

Permalink
Add fully randomized names to blespam (#2207)
Browse files Browse the repository at this point in the history
* Add fully randomized names to blespam

* fix for all

* fix warning
  • Loading branch information
htotoo authored Jul 24, 2024
1 parent f13756d commit 2fdd531
Show file tree
Hide file tree
Showing 2 changed files with 56 additions and 2 deletions.
50 changes: 50 additions & 0 deletions firmware/application/external/blespam/ui_blespam.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -327,6 +327,52 @@ void BLESpamView::createNameSpamPacket() {
std::copy(res.begin(), res.end(), advertisementData);
}

char BLESpamView::randomNameChar() {
int randVal = rand() % 62; // 26 uppercase + 26 lowercase + 10 digits
if (randVal < 26) {
return 'A' + randVal; // Uppercase letters
} else if (randVal < 52) {
return 'a' + (randVal - 26); // Lowercase letters
} else {
return '0' + (randVal - 52); // Digits
}
}

void BLESpamView::createNameRandomPacket() {
char name[] = " ";

uint8_t name_len = strlen(name);
for (uint8_t i = 0; i < name_len; ++i) {
name[i] = randomNameChar();
}

uint8_t size = 12 + name_len;
uint8_t i = 0;

packet[i++] = 2; // Size
packet[i++] = 0x01; // AD Type (Flags)
packet[i++] = 0x06; // Flags

packet[i++] = name_len + 1; // Size
packet[i++] = 0x09; // AD Type (Complete Local Name)
memcpy(&packet[i], name, name_len); // Device Name
i += name_len;

packet[i++] = 3; // Size
packet[i++] = 0x02; // AD Type (Incomplete Service UUID List)
packet[i++] = 0x12; // Service UUID (Human Interface Device)
packet[i++] = 0x18; // ...

packet[i++] = 2; // Size
packet[i++] = 0x0A; // AD Type (Tx Power Level)
packet[i++] = 0x00; // 0dBm

// size, packet
std::string res = to_string_hex_array(packet, size);
memset(advertisementData, 0, sizeof(advertisementData));
std::copy(res.begin(), res.end(), advertisementData);
}

void BLESpamView::createIosPacket(bool crash = false) {
uint8_t ios_packet_sizes[18] = {0, 0, 0, 0, 0, 24, 0, 31, 0, 12, 0, 0, 20, 0, 12, 11, 11, 17};
ContinuityType type;
Expand Down Expand Up @@ -550,6 +596,7 @@ void BLESpamView::createAnyPacket(bool safe) {
ATK_WINDOWS,
ATK_SAMSUNG,
ATK_NAMESPAM,
ATK_NAMERANDOM,
ATK_IOS_CRASH};
ATK_TYPE attackType = type[rand() % (COUNT_OF(type) - (1 ? safe : 0))];
createPacket(attackType);
Expand All @@ -572,6 +619,9 @@ void BLESpamView::createPacket(ATK_TYPE attackType) {
case ATK_NAMESPAM:
createNameSpamPacket();
break;
case ATK_NAMERANDOM:
createNameRandomPacket();
break;
case ATK_ALL_SAFE:
createAnyPacket(true);
break;
Expand Down
8 changes: 6 additions & 2 deletions firmware/application/external/blespam/ui_blespam.hpp
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@ enum ATK_TYPE {
ATK_WINDOWS,
ATK_SAMSUNG,
ATK_NAMESPAM,
ATK_NAMERANDOM,
ATK_ALL_SAFE,
ATK_ALL
};
Expand Down Expand Up @@ -129,8 +130,9 @@ class BLESpamView : public View {
{"Windows", 3},
{"Samsung", 4},
{"NameSpam", 5},
{"All-Safe", 6},
{"All", 7}}};
{"NameRandom", 6},
{"All-Safe", 7},
{"All", 8}}};

bool is_running{false};

Expand All @@ -155,6 +157,7 @@ class BLESpamView : public View {
void createSamsungPacket();
void createWindowsPacket();
void createNameSpamPacket();
void createNameRandomPacket();
void createAnyPacket(bool safe);
void createPacket(ATK_TYPE attackType);
void changePacket(bool forced);
Expand All @@ -163,6 +166,7 @@ class BLESpamView : public View {
uint64_t get_freq_by_channel_number(uint8_t channel_number);
void randomizeMac();
void randomChn();
char randomNameChar();

void furi_hal_random_fill_buf(uint8_t* buf, uint32_t len);

Expand Down

0 comments on commit 2fdd531

Please sign in to comment.