mirror of
https://github.com/justcallmekoko/ESP32Marauder.git
synced 2025-12-23 07:29:14 -08:00
Spoof airtags
This commit is contained in:
Just Call Me Koko
@@ -592,6 +592,7 @@ void MenuFunctions::main(uint32_t currentTime)
|
||||
(wifi_scan_obj.currentScanMode == BT_ATTACK_SAMSUNG_SPAM) ||
|
||||
(wifi_scan_obj.currentScanMode == BT_ATTACK_GOOGLE_SPAM) ||
|
||||
(wifi_scan_obj.currentScanMode == BT_ATTACK_FLIPPER_SPAM) ||
|
||||
(wifi_scan_obj.currentScanMode == BT_SPOOF_AIRTAG) ||
|
||||
(wifi_scan_obj.currentScanMode == BT_SCAN_WAR_DRIVE) ||
|
||||
(wifi_scan_obj.currentScanMode == BT_SCAN_WAR_DRIVE_CONT) ||
|
||||
(wifi_scan_obj.currentScanMode == BT_SCAN_SKIMMERS))
|
||||
@@ -658,6 +659,7 @@ void MenuFunctions::main(uint32_t currentTime)
|
||||
(wifi_scan_obj.currentScanMode == BT_ATTACK_SAMSUNG_SPAM) ||
|
||||
(wifi_scan_obj.currentScanMode == BT_ATTACK_GOOGLE_SPAM) ||
|
||||
(wifi_scan_obj.currentScanMode == BT_ATTACK_FLIPPER_SPAM) ||
|
||||
(wifi_scan_obj.currentScanMode == BT_SPOOF_AIRTAG) ||
|
||||
(wifi_scan_obj.currentScanMode == BT_SCAN_WAR_DRIVE) ||
|
||||
(wifi_scan_obj.currentScanMode == BT_SCAN_WAR_DRIVE_CONT) ||
|
||||
(wifi_scan_obj.currentScanMode == BT_SCAN_SKIMMERS) ||
|
||||
@@ -1227,6 +1229,7 @@ void MenuFunctions::RunSetup()
|
||||
{
|
||||
extern LinkedList<AccessPoint>* access_points;
|
||||
extern LinkedList<Station>* stations;
|
||||
extern LinkedList<AirTag>* airtags;
|
||||
|
||||
this->disable_touch = false;
|
||||
|
||||
@@ -1265,6 +1268,9 @@ void MenuFunctions::RunSetup()
|
||||
#endif
|
||||
wifiGeneralMenu.list = new LinkedList<MenuNode>();
|
||||
wifiAPMenu.list = new LinkedList<MenuNode>();
|
||||
#ifdef HAS_BT
|
||||
airtagMenu.list = new LinkedList<MenuNode>();
|
||||
#endif
|
||||
#ifndef HAS_ILI9341
|
||||
wifiStationMenu.list = new LinkedList<MenuNode>();
|
||||
#endif
|
||||
@@ -1323,6 +1329,9 @@ void MenuFunctions::RunSetup()
|
||||
clearSSIDsMenu.name = text_table1[28];
|
||||
clearAPsMenu.name = text_table1[29];
|
||||
wifiAPMenu.name = "Access Points";
|
||||
#ifdef HAS_BT
|
||||
airtagMenu.name = "Select Airtag";
|
||||
#endif
|
||||
#ifndef HAS_ILI9341
|
||||
wifiStationMenu.name = "Select Stations";
|
||||
#endif
|
||||
@@ -1663,6 +1672,7 @@ void MenuFunctions::RunSetup()
|
||||
this->changeMenu(wifiAPMenu.parentMenu);
|
||||
});
|
||||
|
||||
|
||||
// Select Stations on Mini v1
|
||||
/*
|
||||
this->addNodes(&wifiGeneralMenu, "Select Stations", TFT_CYAN, NULL, KEYBOARD_ICO, [this](){
|
||||
@@ -1914,6 +1924,59 @@ void MenuFunctions::RunSetup()
|
||||
wifi_scan_obj.StartScan(BT_ATTACK_SPAM_ALL, TFT_MAGENTA);
|
||||
});
|
||||
|
||||
#ifndef HAS_ILI9341
|
||||
// Select Airtag on Mini
|
||||
this->addNodes(&bluetoothAttackMenu, "Spoof Airtag", TFT_WHITE, NULL, ATTACKS, [this](){
|
||||
// Clear nodes and add back button
|
||||
airtagMenu.list->clear();
|
||||
this->addNodes(&airtagMenu, text09, TFT_LIGHTGREY, NULL, 0, [this]() {
|
||||
this->changeMenu(airtagMenu.parentMenu);
|
||||
});
|
||||
|
||||
// Add buttons for all airtags
|
||||
// Find out how big our menu is going to be
|
||||
int menu_limit;
|
||||
if (airtags->size() <= BUTTON_ARRAY_LEN)
|
||||
menu_limit = airtags->size();
|
||||
else
|
||||
menu_limit = BUTTON_ARRAY_LEN;
|
||||
|
||||
Serial.println("Found " + (String)airtags->size() + " airtag(s)");
|
||||
|
||||
// Create the menu nodes for all of the list items
|
||||
for (int i = 0; i < menu_limit; i++) {
|
||||
this->addNodes(&airtagMenu, airtags->get(i).mac, TFT_WHITE, NULL, BLUETOOTH, [this, i](){
|
||||
AirTag new_at = airtags->get(i);
|
||||
new_at.selected = true;
|
||||
|
||||
airtags->set(i, new_at);
|
||||
|
||||
// Set all other airtags to "Not Selected"
|
||||
for (int x = 0; x < airtags->size(); x++) {
|
||||
if (x != i) {
|
||||
AirTag new_atx = airtags->get(x);
|
||||
new_atx.selected = false;
|
||||
airtags->set(x, new_atx);
|
||||
}
|
||||
}
|
||||
|
||||
// Start the spoof
|
||||
display_obj.clearScreen();
|
||||
this->drawStatusBar();
|
||||
wifi_scan_obj.StartScan(BT_SPOOF_AIRTAG, TFT_WHITE);
|
||||
|
||||
});
|
||||
}
|
||||
this->changeMenu(&airtagMenu);
|
||||
});
|
||||
|
||||
airtagMenu.parentMenu = &bluetoothAttackMenu;
|
||||
this->addNodes(&airtagMenu, text09, TFT_LIGHTGREY, NULL, 0, [this]() {
|
||||
this->changeMenu(airtagMenu.parentMenu);
|
||||
});
|
||||
|
||||
#endif
|
||||
|
||||
// Device menu
|
||||
deviceMenu.parentMenu = &mainMenu;
|
||||
this->addNodes(&deviceMenu, text09, TFT_LIGHTGREY, NULL, 0, [this]() {
|
||||
|
||||
@@ -151,6 +151,9 @@ class MenuFunctions
|
||||
#endif
|
||||
Menu wifiGeneralMenu;
|
||||
Menu wifiAPMenu;
|
||||
#ifdef HAS_BT
|
||||
Menu airtagMenu;
|
||||
#endif
|
||||
#ifndef HAS_ILI9341
|
||||
Menu wifiStationMenu;
|
||||
#endif
|
||||
|
||||
@@ -176,6 +176,18 @@ extern "C" {
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
case Airtag: {
|
||||
for (int i = 0; i < airtags->size(); i++) {
|
||||
if (airtags->get(i).selected) {
|
||||
AdvData.addData(std::string((char*)airtags->get(i).payload.data(), airtags->get(i).payloadSize));
|
||||
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
default: {
|
||||
Serial.println("Please Provide a Company Type");
|
||||
break;
|
||||
@@ -244,6 +256,7 @@ extern "C" {
|
||||
AirTag airtag;
|
||||
airtag.mac = mac;
|
||||
airtag.payload.assign(payLoad, payLoad + len);
|
||||
airtag.payloadSize = len;
|
||||
|
||||
airtags->add(airtag);
|
||||
|
||||
@@ -697,7 +710,8 @@ void WiFiScan::StartScan(uint8_t scan_mode, uint16_t color)
|
||||
(scan_mode == BT_ATTACK_SPAM_ALL) ||
|
||||
(scan_mode == BT_ATTACK_SAMSUNG_SPAM) ||
|
||||
(scan_mode == BT_ATTACK_GOOGLE_SPAM) ||
|
||||
(scan_mode == BT_ATTACK_FLIPPER_SPAM)) {
|
||||
(scan_mode == BT_ATTACK_FLIPPER_SPAM) ||
|
||||
(scan_mode == BT_SPOOF_AIRTAG)) {
|
||||
#ifdef HAS_BT
|
||||
RunSwiftpairSpam(scan_mode, color);
|
||||
#endif
|
||||
@@ -885,6 +899,7 @@ void WiFiScan::StopScan(uint8_t scan_mode)
|
||||
(currentScanMode == BT_ATTACK_SAMSUNG_SPAM) ||
|
||||
(currentScanMode == BT_ATTACK_GOOGLE_SPAM) ||
|
||||
(currentScanMode == BT_ATTACK_FLIPPER_SPAM) ||
|
||||
(currentScanMode == BT_SPOOF_AIRTAG) ||
|
||||
(currentScanMode == BT_SCAN_WAR_DRIVE) ||
|
||||
(currentScanMode == BT_SCAN_WAR_DRIVE_CONT) ||
|
||||
(currentScanMode == BT_SCAN_SKIMMERS))
|
||||
@@ -2051,7 +2066,7 @@ void WiFiScan::setBaseMacAddress(uint8_t macAddr[6]) {
|
||||
|
||||
// Check for success or handle errors
|
||||
if (err == ESP_OK) {
|
||||
Serial.println("Base MAC address successfully set.");
|
||||
return;
|
||||
} else if (err == ESP_ERR_INVALID_ARG) {
|
||||
Serial.println("Error: Invalid MAC address argument.");
|
||||
} else {
|
||||
@@ -2059,6 +2074,46 @@ void WiFiScan::setBaseMacAddress(uint8_t macAddr[6]) {
|
||||
}
|
||||
}
|
||||
|
||||
void WiFiScan::executeSpoofAirtag() {
|
||||
#ifdef HAS_BT
|
||||
for (int i = 0; i < airtags->size(); i++) {
|
||||
if (airtags->get(i).selected) {
|
||||
|
||||
uint8_t macAddr[6];
|
||||
|
||||
convertMacStringToUint8(airtags->get(i).mac, macAddr);
|
||||
|
||||
//macAddr[0] = 0x02;
|
||||
|
||||
macAddr[5] -= 2;
|
||||
|
||||
Serial.println("Using MAC: " + macToString(macAddr));
|
||||
|
||||
// Do this because ESP32 BT addr is Base MAC + 2
|
||||
|
||||
this->setBaseMacAddress(macAddr);
|
||||
|
||||
NimBLEDevice::init("");
|
||||
|
||||
NimBLEServer *pServer = NimBLEDevice::createServer();
|
||||
|
||||
pAdvertising = pServer->getAdvertising();
|
||||
|
||||
//NimBLEAdvertisementData advertisementData = getSwiftAdvertisementData();
|
||||
NimBLEAdvertisementData advertisementData = this->GetUniversalAdvertisementData(Airtag);
|
||||
pAdvertising->setAdvertisementData(advertisementData);
|
||||
pAdvertising->start();
|
||||
delay(10);
|
||||
pAdvertising->stop();
|
||||
|
||||
NimBLEDevice::deinit();
|
||||
|
||||
break;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
void WiFiScan::executeSwiftpairSpam(EBLEPayloadType type) {
|
||||
#ifdef HAS_BT
|
||||
uint8_t macAddr[6];
|
||||
@@ -2473,6 +2528,8 @@ void WiFiScan::RunSwiftpairSpam(uint8_t scan_mode, uint16_t color) {
|
||||
display_obj.tft.drawCentreString("BLE Spam Google",120,16,2);
|
||||
else if (scan_mode == BT_ATTACK_FLIPPER_SPAM)
|
||||
display_obj.tft.drawCentreString("BLE Spam Flipper", 120, 16, 2);
|
||||
else if (scan_mode == BT_SPOOF_AIRTAG)
|
||||
display_obj.tft.drawCentreString("BLE Spoof Airtag", 120, 16, 2);
|
||||
display_obj.touchToExit();
|
||||
#endif
|
||||
display_obj.tft.setTextColor(TFT_GREEN, TFT_BLACK);
|
||||
@@ -4922,7 +4979,8 @@ void WiFiScan::main(uint32_t currentTime)
|
||||
(currentScanMode == BT_ATTACK_SPAM_ALL) ||
|
||||
(currentScanMode == BT_ATTACK_SAMSUNG_SPAM) ||
|
||||
(currentScanMode == BT_ATTACK_GOOGLE_SPAM) ||
|
||||
(currentScanMode == BT_ATTACK_FLIPPER_SPAM)) {
|
||||
(currentScanMode == BT_ATTACK_FLIPPER_SPAM) ||
|
||||
(currentScanMode == BT_SPOOF_AIRTAG)) {
|
||||
#ifdef HAS_BT
|
||||
if (currentTime - initTime >= 1000) {
|
||||
initTime = millis();
|
||||
@@ -4958,6 +5016,10 @@ void WiFiScan::main(uint32_t currentTime)
|
||||
if ((currentScanMode == BT_ATTACK_FLIPPER_SPAM) ||
|
||||
(currentScanMode == BT_ATTACK_SPAM_ALL))
|
||||
this->executeSwiftpairSpam(FlipperZero);
|
||||
|
||||
if (currentScanMode == BT_SPOOF_AIRTAG)
|
||||
this->executeSpoofAirtag();
|
||||
|
||||
#endif
|
||||
}
|
||||
else if (currentScanMode == WIFI_SCAN_WAR_DRIVE) {
|
||||
|
||||
@@ -96,6 +96,7 @@
|
||||
#define BT_ATTACK_GOOGLE_SPAM 41
|
||||
#define BT_ATTACK_FLIPPER_SPAM 42
|
||||
#define BT_SCAN_AIRTAG 43
|
||||
#define BT_SPOOF_AIRTAG 44
|
||||
|
||||
#define GRAPH_REFRESH 100
|
||||
|
||||
@@ -159,6 +160,7 @@ struct Station {
|
||||
struct AirTag {
|
||||
String mac; // MAC address of the AirTag
|
||||
std::vector<uint8_t> payload; // Payload data
|
||||
uint16_t payloadSize;
|
||||
bool selected;
|
||||
};
|
||||
|
||||
@@ -273,7 +275,8 @@ class WiFiScan
|
||||
Apple,
|
||||
Samsung,
|
||||
Google,
|
||||
FlipperZero
|
||||
FlipperZero,
|
||||
Airtag
|
||||
};
|
||||
|
||||
#ifdef HAS_BT
|
||||
@@ -302,6 +305,7 @@ class WiFiScan
|
||||
void clearMacHistory();
|
||||
void executeWarDrive();
|
||||
void executeSourApple();
|
||||
void executeSpoofAirtag();
|
||||
void executeSwiftpairSpam(EBLEPayloadType type);
|
||||
void startWardriverWiFi();
|
||||
//void generateRandomMac(uint8_t* mac);
|
||||
|
||||
@@ -55,6 +55,14 @@ String macToString(const Station& station) {
|
||||
return String(macStr);
|
||||
}
|
||||
|
||||
String macToString(uint8_t macAddr[6]) {
|
||||
char macStr[18]; // 17 characters for "XX:XX:XX:XX:XX:XX" + 1 null terminator
|
||||
snprintf(macStr, sizeof(macStr), "%02X:%02X:%02X:%02X:%02X:%02X",
|
||||
macAddr[0], macAddr[1], macAddr[2],
|
||||
macAddr[3], macAddr[4], macAddr[5]);
|
||||
return String(macStr);
|
||||
}
|
||||
|
||||
void convertMacStringToUint8(const String& macStr, uint8_t macAddr[6]) {
|
||||
// Ensure the input string is in the format "XX:XX:XX:XX:XX:XX"
|
||||
if (macStr.length() != 17) {
|
||||
|
||||
Reference in New Issue
Block a user