i installed everything from requirements.txt, but still cant import bluetooth._bluetooth as bluez

Hello,

I am currently using Parani-UD100 as the Bluetooth USB adapter to run the POC codes, but it seems the code is not working..

Do I have to use Adafruit Bluefruit LE Sniffer or a similar BLE sniffer? If so, you should consider changing the README file as "Bluetooth adapter for sniffing BLE messages"

Does the WiFi Sharing script still work for an iPhone X on iOS 16?

A year ago I tried to put on the PC. There was an error about: inability to use pip3 install -r requirements.txt. Now I bet on Kali NH, it seemed, something new, yet, I do not understand how to fix.

Thanks for the demos. I find this really interesting!

I tried getting this to run on my Mac, but couldn't. The things that helped me were to install pybluez directly from their GitHub repo instead of from their old release on PyPI.

I've left some instructions here on how to do that here: https://stackoverflow.com/a/57210242/872328

Basically:

$ pip install git+https://github.com/pybluez/pybluez.git

And then you can just:

# import bluetooth._bluetooth
import bluetooth

However, then I ran into this issue:

$ python ble_read_state.py
Traceback (most recent call last):
  File "ble_read_state.py", line 60, in <module>
    toggle_device(dev_id, True)
  File "/code/open-source/apple_bleee/utils/bluetooth_utils.py", line 88, in toggle_device
    hci_sock = socket.socket(socket.AF_BLUETOOTH,
AttributeError: module 'socket' has no attribute 'AF_BLUETOOTH'

This is where I gave up. I'm hoping someone else can figure out if it's possible or if there is a critical missing dependency on Mac that hasn't been ported over from Linux yet.

After I got owl working with an active monitor mode, this is a the error I'm getting when trying to launch airdrop_leak. I don't know how to debug this, please help.

Traceback (most recent call last):
  File "/home/kali/Developer/apple_bleee/airdrop_leak.py", line 22, in <module>
    from opendrop2.cli import AirDropCli
  File "/home/kali/Developer/apple_bleee/opendrop2/cli.py", line 30, in <module>
    from .client import AirDropBrowser, AirDropClient
  File "/home/kali/Developer/apple_bleee/opendrop2/client.py", line 32, in <module>
    from .util import AirDropUtil, AbsArchiveWrite
  File "/home/kali/Developer/apple_bleee/opendrop2/util.py", line 57, in <module>
    from ctypescrypto import cms, x509, pkey, oid
  File "/usr/local/lib/python3.10/dist-packages/ctypescrypto/cms.py", line 18, in <module>
    from ctypescrypto.x509 import StackOfX509
  File "/usr/local/lib/python3.10/dist-packages/ctypescrypto/x509.py", line 731, in <module>
    libcrypto.X509_NAME_hash.restype = c_long
  File "/usr/lib/python3.10/ctypes/__init__.py", line 387, in __getattr__
    func = self.__getitem__(name)
  File "/usr/lib/python3.10/ctypes/__init__.py", line 392, in __getitem__
    func = self._FuncPtr((name_or_ordinal, self))
AttributeError: /lib/arm-linux-gnueabihf/libcrypto.so.3: undefined symbol: X509_NAME_hash. Did you mean: 'X509_NAME_cmp'?

Can you please add a license to which research this was released under?

It works for me but when using the adv_wifi.py - how do one get the actual
wireless code / WPA2 when the victim presses "OK share the code"

I can see - when sniffing bluetooth - that some data is transmittet.

Can you share some lights on how to get that data ?

Regards Mr. T

Am I doing something wrong, or has the protocol changed and the script doesn't work? Could you confirm or deny?
Is the bluetooth adapter built into the laptop suitable?
Thank you

This happens when trying to create a hash list.

t:/apple_bleee$ python3 ble_read_state.py -h
Traceback (most recent call last):
File "ble_read_state.py", line 24, in
import bluetooth._bluetooth as bluez
ModuleNotFoundError: No module named 'bluetooth'
t:/apple_bleee$

CMake Deprecation Warning at googletest/CMakeLists.txt:4 (cmake_minimum_required):
Compatibility with CMake < 2.8.12 will be removed from a future version of
CMake.

Update the VERSION argument value or use a ... suffix to tell
CMake that the project does not need compatibility with older versions.

CMake Deprecation Warning at googletest/googlemock/CMakeLists.txt:45 (cmake_minimum_required):
Compatibility with CMake < 2.8.12 will be removed from a future version of
CMake.

Update the VERSION argument value or use a ... suffix to tell
CMake that the project does not need compatibility with older versions.

CMake Deprecation Warning at googletest/googletest/CMakeLists.txt:56 (cmake_minimum_required):
Compatibility with CMake < 2.8.12 will be removed from a future version of
CMake.

Update the VERSION argument value or use a ... suffix to tell
CMake that the project does not need compatibility with older versions.

-- Configuring done
-- Generating done
-- Build files have been written to: /home/xthr0/apple_bleee/owl/build
Consolidate compiler generated dependencies of target radiotap
[ 5%] Built target radiotap
Consolidate compiler generated dependencies of target awdl
[ 51%] Built target awdl
Consolidate compiler generated dependencies of target owl
[ 64%] Built target owl
Consolidate compiler generated dependencies of target gtest
[ 67%] Building CXX object googletest/googletest/CMakeFiles/gtest.dir/src/gtest-all.cc.o
In file included from /home/xthr0/apple_bleee/owl/googletest/googletest/src/gtest-all.cc:42:
/home/xthr0/apple_bleee/owl/googletest/googletest/src/gtest-death-test.cc: In function ‘bool testing::internal::StackGrowsDown()’:
/home/xthr0/apple_bleee/owl/googletest/googletest/src/gtest-death-test.cc:1301:24: error: ‘dummy’ may be used uninitialized [-Werror=maybe-uninitialized]
1301 | StackLowerThanAddress(&dummy, &result);
| ~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~
/home/xthr0/apple_bleee/owl/googletest/googletest/src/gtest-death-test.cc:1290:13: note: by argument 1 of type ‘const void*’ to ‘void testing::internal::StackLowerThanAddress(const void*, bool*)’ declared here
1290 | static void StackLowerThanAddress(const void* ptr, bool* result) {
| ^~~~~~~~~~~~~~~~~~~~~
/home/xthr0/apple_bleee/owl/googletest/googletest/src/gtest-death-test.cc:1299:7: note: ‘dummy’ declared here
1299 | int dummy;
| ^~~~~
cc1plus: all warnings being treated as errors
make[2]: *** [googletest/googletest/CMakeFiles/gtest.dir/build.make:76: googletest/googletest/CMakeFiles/gtest.dir/src/gtest-all.cc.o] Error 1
make[1]: *** [CMakeFiles/Makefile2:322: googletest/googletest/CMakeFiles/gtest.dir/all] Error 2
make: *** [Makefile:136: all] Error 2

On Mint 19.1, even after pip install psycopg2, hash2phone reports ImportError: No module named psycopg2. Solution was to apt install python-psycopg2.

hello!

I got it to work and I'm picking up nearby devices (probably neighbors), but it seems I can't pick up my own device (that recently updated to 12.4). Can you verify this still works with 12.4?

Thanks!

Sometimes I get strange hashes values. Empty Phone hash and Email hash, but correct AppleID hash. The same phone sometimes returns correct phone hash.

I also get this error sometimes while ble_read_state.py running:

Exception when calling handler with a BLE advertising event: ValueError("invalid literal for int() with base 16: ''")

Kali linux 2019.3
Bluetooth usb dongle CSR8510

Is it possible to spoof the AirPods being connected to the iPhone? Currently it just says "Not Your Airpods" and I want to change the message

help me please

Any chance this is going to get updated? I used this tool suite in 2020 or 2021 in its infancy, and it was awesome. Fast forward four or five years, and it is incredibly broken. I just installed all dependencies (both apt and pip), as well as owl and the other, and i think every single component of this suite is broken. there were macro issues, py ctype issues, x509 function call issues, you name it, they were there.

I understand this suite is years old and is probably broken by updated/new packages, but if you could possibly provide a poetry package or even a versions list for the apt dependencies and the same in the python requirements file, folks that want to download this could set up a virtual runtime space and continue to use this awesome tool. Thanks for any insight or assistance.

I googled and didn't find anything, if there is an up-to-date one that works could you share?

Exception in ./utils/bluetooth_utils.py running ble_read_state.py

Exception is printed all over the ble_read_state screen making it hard to read

Maybe due to new hardware IDs not included in the code (AirPods Pro?)

root@server:~/source/AppleBleee/apple_bleee/hash2phone# python ./hashmap_gen.py 0450
0 % complete
Traceback (most recent call last):
File "./hashmap_gen.py", line 45, in
strhash = str(bhash).encode()
UnicodeDecodeError: 'ascii' codec can't decode byte 0x8a in position 0: ordinal not in range(128)

Consider changing line 1 from python2 to python3 ?

When running I get a phone number hash for wifi connection attempts, but the decoded hash does not match my phone number. Other phone hashes returned are nonsensical US phones (eg 1-044-555-5555) and 044 isn't a valid us area code. With just my single device to verify it is hard to see where the problem lies.

I'm on iPhone 6, iOS 12.3.1.

Hi Guys,

I don't want to just run the scripts but I would like to also learn how to do it by capturing this data myself and replying with my own USB dongle, I believe I am doing the same but not getting the same results. Any help much appreciated :-)

Steps:

1. Run Wireshark and sniff on the USB dongle
2. Capture the 31 bytes of advert data.
3. Copy that data to the DATA variable of adv_airpod example
4. Replaying is not working :(

Bluetooth HCI H4
[Direction: Rcvd (0x01)]
HCI Packet Type: HCI Event (0x04)
Bluetooth HCI Event - LE Meta
Advertising Data
Type: Manufacturer Specific (0xff)
Company ID: Apple, Inc. (0x004c)

Data: 0719010f2055aa38380018d6e589667f8a76f90050d2ff0f...

Exported that DATA as Hex Stream or C Array from Wireshark:

I have also tried to split the 31 bytes as done in the script adding the random 3bytes but it was not working : e.g. data=(data1 + left_speaker + right_speaker + case + data2)

ble_read_state.py incorrectly detects iPhone state: Home screen/Lock screen goes as WiFi on/off.

iOS 12.4

Exception when calling handler with a BLE advertising event: Ke92error('564a')

Set up according to the instructions in a VM ubuntu. However, i am unable to listen to any bluetooth connection. Anyone met with similar issue?

Help solve the problem.
I get the following error when running "ble read state.py " --SystemError :PY_SSIZE_T_CLEAN macro must be defined for '#' formats

When running python3 ble_read_state.py Exception is printed all over the ble_read_state screen making it hard to read

Maybe new iOS version?

An error in 37 line while comparing two values. You should use ==, not is. Else it isn't sure correct comparing result.

Getting this when I run:

python ble_read_state.py

Weirdly, in the PyBluez package it's got the same _bluetooth import-- and it can't find it either. I cloned the PyBluez project from GitHub and have searched all of the source code and it's just not there.

I'm using Python 3.7 on MacOS (Mojave, I believe). I know it's experimental but perhaps there's an alternative package I can use/install?

I have owl and ble_read_state.py running side by side, a lot of traffic is coming through in owl, yet nothing is showing up in apple devices scanner (as shown in attachment). Is everything set up right? Here's the configuration of awdl0 pulled from ip addr (mac addresses have been removed):

12: awdl0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc fq_codel state UNKNOWN group default qlen 1000 link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link valid_lft forever preferred_lft forever