securing / gattacker Goto Github PK

View Code? Open in Web Editor NEW

697.0 35.0 139.0 312 KB

A Node.js package for BLE (Bluetooth Low Energy) security assessment using Man-in-the-Middle and other attacks

Home Page: http://www.gattack.io

License: MIT License

JavaScript 97.11% Makefile 0.06% C 2.67% Shell 0.16%

gattacker's Introduction

A Node.js package for BLE (Bluetooth Low Energy) Man-in-the-Middle & more.

Prerequisites

see:

https://github.com/sandeepmistry/noble

https://github.com/sandeepmistry/bleno

Install

npm install gattacker

Usage

Configure

Running both components Set up variables in config.env:

NOBLE_HCI_DEVICE_ID : noble ("central", ws-slave) device
BLENO_HCI_DEVICE_ID : bleno ("peripheral", advertise) device

If you run "central" and "peripheral" modules on separate boxes with just one BT4 interface, you can leave the values commented.

WS_SLAVE : IP address of ws-slave box
DEVICES_PATH : path to store json files

Start "central" device

sudo node ws-slave

Connects to targeted peripheral and acts as websocket server.

Debug:

DEBUG=ws-slave sudo node ws-slave

Scanning

Scan for advertisements

node scan

Without parameters scans for broadcasted advertisements, and records them as json files (.adv.json) in DEVICES_PATH

Explore services and characteristics

node scan <peripheral>

Explore services and characteristics of chosen peripheral. Saves the explored service structure in json file (.srv.json) in DEVICES_PATH.

Hook configuration (option)

For active request/response tampering configure hook functions for characteristic in device's json services file.

Example:

            {
                "uuid": "06d1e5e779ad4a718faa373789f7d93c",
                "name": null,
                "properties": [
                    "write",
                    "notify"
                ],
                "startHandle": 8,
                "valueHandle": 9,
                "endHandle": 10,
                "descriptors": [
                    {
                        "handle": 10,
                        "uuid": "2902",
                        "value": ""
                    }
                ],
                "hooks": {
                    "dynamicWrite": "dynamicWriteFunction",
                    "dynamicNotify": "customLog"
                }
            }

Functions:

<dynamic|static><Write|Read|Notify>

dynamic: connect to original device

static: do not connect to original device, run the tampering function locally

It will try to invoke the specified function from hookFunctions, include your own. A few examples provided in hookFunctions subdir.

staticValue - static value

Start "peripheral" device

node advertise -a <advertisement_json_file> [ -s <services_json_file> ]

It connects via websocket to ws-slave in order to forward requests to original device. Static run (-s) sets services locally, does not connect to ws-slave. You have to configure the hooks properly.

MAC address cloning

For many applications it is necessary to clone MAC address of original device. A helper tool bdaddr from Bluez is provided in helpers/bdaddr.

cd helpers/bdaddr
make

wrapper script:

./mac_adv -a <advertisement_json_file> [ -s <services_json_file> ]

Dump, replay

Dump files are saved in a path configured by DUMP_PATH in config.env (by default dump). More info: https://github.com/securing/gattacker/wiki/Dump-and-replay

Troubleshooting

Turn off, cross fingers, try again ;)

reset device

hciconfig <hci_interface> reset

Running ws-slave and advertise on the same box

With this configuration you may experience various problems.

Try switching NOBLE_HCI_INTERFACE and BLENO_HCI_INTERFACE

hcidump debug

hcidump -x -t <hci_interface>

FAQ, more information

FAQ: https://github.com/securing/gattacker/wiki/FAQ

More information: www.gattack.io

License

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

gattacker's People

Contributors

Stargazers

Watchers

Forkers

pabit maciekit lucabongiorni wflk ognz k001 kabadjo ikthap evertvr 4ppsec mprokopowicz deki0r y0d4a newdominic awesome-security theo-learner hotelzululima vnclouds the-shelter akarokr samyoyo alma4rebi songofhack hughker redragonvn az0ne securextools jijicanyu sigma-random spnow nk5 forte916 olivierh59500 javarockstar lopessec malikyaseen heyfryman yuconan lemonhall ashlondon badfluxion wanming2008 gciandro13 ddm valiant signallogics wirelessice puppycodes atplejia timzhang926 antichown expertasif ray-dong suhasbhairav kromancer indrawibawa85 besimaltnok chinnidiwakar hrk31c x62smith gavz w00t3k buypolarbear fluxius orlandobcr andrewyad primmus aravindkpv hari-1203 barcating roumy thisisfalcon libertyunix modulexcite bhass1 camparijet dynamicode ceekay-shen alan-mushi jforge conditionblack laurentlemercier freqyxin lostinthemidwest seattleacademy scottsmall mattgj wemakerspace wesley-yang johndoex1 burgestrand arigus dromaludaire imtiazkarimik23 ioaday jeffrafter akabe1 xen0bit nullc0rp kimocoder

gattacker's Issues

Unable to get the ".srv " file of the ble device

Hello, i am running ws-slave on pi 3 and the other end on Laptop(Kali).
i am able to get the ".adv file" and not the ".srv" file. I have run the "gatttool" and i'm able to see the primary sevices and the characteristics of the BLE device but didn't have the luck to find the "services" on the "ws-slave"(pi 3).Could you shed some information on the same?.

Problem with Scan

Hi! I am having some issues while using gattacker. The problem is - after running the "node scan"command on the host, it doesn't scan anything. I wanted to do my experiment with a smartband, but it is not being scanned. I do not have any idea what's going on and how to fix this. Would you please help me?

(P.S. - I faced problem while installing gattacker, as per suggestions on the internet, I tried with node 8, but node 8 didn't work for me. So, I changed every dependency version to "latest" and installed gattacker using node 18.10. I was having issues with blutooth-hci-socket, I learned that the project is not being maintained. So, I replaced it with https://www.npmjs.com/package/@abandonware/bluetooth-hci-socket - this one. I am not sure what is causing the problem. I need your help.)

Thanks for your time! May God bless you!

"userDescriptionDescriptor.readValue is not a function" error

I'm getting a "userDescriptionDescriptor.readValue is not a function" when I try to explore services and characteristics with command node scan peripheralAddr . I'm not sure what is causing the error and how to fix it. Would you be able to help please?

Error with node scan

Hi
I have installed gattacker on a Raspberry Pi 3 b+, nodejs 8.17 but when a use scan command I get this:
`pi@magicmirror:~/node_modules/gattacker $ node scan -o
Ws-slave address: 192.168.1.117
Overwrite services file if exists.
events.js:183
throw er; // Unhandled 'error' event
^

Error: connect ECONNREFUSED 192.168.1.117:2846
at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1191:14)`

I tried same in another raspi and got same error

Installation Vs Node/Bleno/Noble Versions Vs Kali

Hi,
I am trying to install gattacker on a clean amd64 Kali VM and it looks like there might be some dependecies/versions issues due to NodeJS, Bleno and Noble versions...

I guess this is not enough to get gattacker installed and configure?!:

apt-get install npm nodejs nodejs-legacy
npm install gattacker

So I tried also:

sudo apt-get install bluetooth bluez libbluetooth-dev libudev-dev build-essential
npm install bleno
npm install noble
npm install gattacker

But no luck.
Then I also tried to play with Node & NPM versions by using NVM:

curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.11/install.sh | bash
export NVM_DIR="$HOME/.nvm"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
nvm ls
node -v
nvm install 8
node -v
npm -v

But still errors.
Therefore, before I'll start debug those tons of errors, I will ask...
Assuming you are using a Kali amd64 VM too...

1) Which are the exact command to install gattacker? Is this enough?

apt-get install npm nodejs nodejs-legacy
npm install gattacker

2) Do I need a specific version of NodeJS? 8.x.x? 10.x.x?

Thanks in advance! 😃

Unable to clone the services.

Hello,

I recently started using the tool. My central device is set up on ubuntu 18.04 and peripheral on kali linux.
I have created the advertisement using nrf Connect app. I have got both the advertisement and services json files for that using the gattacker tool.
But when I am connecting to the fake device through another phone using ble scanner app I am unable to find any services.
Can anyone tell me the exact process of cloning the services.

What node/npm version

What node/npm version?

Unsupported manufacturer (Qualcomm)

I need to clone Bluetooth MAC adress of an Arduino (target device), in my Ubuntu laptop (peripheral BLENO device), starting the script "./mac_adv" that calls bdaddr function, but I receive "Unsupported manufacturer".
I've got a Qualcomm manufacturer, so probably that could be the problem because only some specific manufacturers are supported.
Is there any advice in order to solve this issue ?

Fails to connect and advertise together

When running mac_adv it all seems to work, goes through initialising, but then falls in a great big heap with a "Command Disallowed" error when it gets to advertising. ws-slave appears to connect to the device and then immediately disconnects.

Gattacker is advertising (I can see it from my phone), but it loses its connection to the device.

Output from mac_adv:

[root@mictlan gattacker]# ./mac_adv -a devices/3ca308c1aaa3_BS01.adv.json
Advertise with cloned MAC address
Ws-slave address: 127.0.0.1
peripheralid: 3ca308c1aaa3
advertisement file: devices/3ca308c1aaa3_BS01.adv.json
EIR: 02010609ff01023ca308c1aaa30302e7fe
scanResponse: 050942533031051250002003020a00
on open
poweredOn
Noble MAC address : 3c:a3:08:c1:aa:a3
BLENO - on -> stateChange: poweredOn
initialized !
Static - start advertising
on -> advertisingStart: error Error: Command Disallowed
Adv error  Error: Command Disallowed
    at Gap.onHciLeAdvertiseEnableSet (/home/dave/node_modules/gattacker/lib/bleno/lib/hci-socket/gap.js:201:15)
    at emitOne (events.js:116:13)
    at Hci.emit (events.js:211:7)
    at Hci.processCmdCompleteEvent (/home/dave/node_modules/gattacker/lib/bleno/lib/hci-socket/hci.js:539:10)
    at Hci.onSocketData (/home/dave/node_modules/gattacker/lib/bleno/lib/hci-socket/hci.js:427:12)
    at emitOne (events.js:116:13)
    at BluetoothHciSocket.emit (events.js:211:7)

Output from ws-slave:

ws -> send: {"type":"stopScanning"}
ws -> send: {"type":"initialized","peripheralId":"3ca308c1aaa3"}
ws -> send: {"type":"connect","peripheralId":"3ca308c1aaa3"}
ws -> send: {"type":"disconnect","peripheralId":"3ca308c1aaa3"}
ws -> send: {"type":"initializeStatus","peripheralId":"3ca308c1aaa3","status":"waiting with reconnect to target device for client connection to bleno..."}

scan by name doesn't finished

Hi,

I have a trouble with scan device by name:

node_modules/gattacker# sudo node scan.js:

Ws-slave address: 192.168.31.40
on open
poweredOn
Start scanning.
peripheral discovered (7811dcc46618 with address <78:11:dc:c4:66:18, public>, connectable true, RSSI -72:
	Name: MiKettle
	EIR: 020106141695fe71208300ee1866c4dc1178090510020018 (       q     f   x      )
	Scan response: 0b0301aa02aa03aa0a18e8fe05120600800c09094d694b6574746c65 (                    MiKettle)

advertisement saved: devices/7811dcc46618_MiKettle.adv.json
peripheral discovered (ec623b0538c9 with address <ec:62:3b:05:38:c9, random>, connectable true, RSSI -50:
	Name: Amazfit Bip Watch
	EIR: 0201041bff570100b8a2756a7cd1fc4f2494c1a99d34886b01ec623b0538c9 (     W    uj|  O$    4 k  b; 8 )
	Scan response: 1209416d617a666974204269702057617463680302e0fe0716e0fe00000000 (  Amazfit Bip Watch            )

advertisement saved: devices/ec623b0538c9_Amazfit-Bip-Watch.adv.json
peripheral discovered (682f309f62b2 with address <68:2f:30:9f:62:b2, random>, connectable true, RSSI -91:
	EIR: 02011a14ff4c000100000000000000000000008000000000 (     L                  )

advertisement saved: devices/682f309f62b2_.adv.json

I try to scan 'Amazfit Bip Watch' device.
/node_modules/gattacker# sudo node scan.js ec623b0538c9:

Ws-slave address: 192.168.31.40
on open
poweredOn
Start exploring ec623b0538c9
Start to explore ec623b0538c9
explore state: ec623b0538c9 : start

and... ...there are no activity in terminal from host machine.

host machine
ip: 192.168.31.167
hciconfig:

hci0:	Type: Primary  Bus: USB
	BD Address: 00:1A:7D:DA:71:13  ACL MTU: 310:10  SCO MTU: 64:8
	UP RUNNING 
	RX bytes:652 acl:0 sco:0 events:43 errors:0
	TX bytes:2664 acl:0 sco:0 commands:43 errors:0

consfig.env:

# HCI devices. 
# ws-slave - "central" device connecting to target peripheral 
NOBLE_HCI_DEVICE_ID=0
# "peripheral" device emulator
BLENO_HCI_DEVICE_ID=0
# advertising interval - minimal = 20ms
BLENO_ADVERTISING_INTERVAL=20
# ws-slave websocket address
WS_SLAVE=192.168.31.40
# path to save advertisement and characteristic files of devices
DEVICES_PATH=devices
# path to save log (dump) of all the data exchanged with device
DUMP_PATH=dump
# display websocket client messages in console
WS_DEBUG=0

slave machine
ip: 192.168.31.40
hciconfig:

hci1:	Type: BR/EDR  Bus: USB
	BD Address: E4:70:B8:54:57:A3  ACL MTU: 1021:4  SCO MTU: 96:6
	UP RUNNING PSCAN ISCAN 
	RX bytes:20017 acl:0 sco:0 events:2679 errors:0
	TX bytes:601568 acl:1 sco:0 commands:2545 errors:0

consfig.env:

# HCI devices. 
# ws-slave - "central" device connecting to target peripheral 
NOBLE_HCI_DEVICE_ID=1
# "peripheral" device emulator
# BLENO_HCI_DEVICE_ID=1
# advertising interval - minimal = 20ms
BLENO_ADVERTISING_INTERVAL=20
# ws-slave websocket address
# WS_SLAVE=192.168.31.167
# path to save advertisement and characteristic files of devices
DEVICES_PATH=devices
# path to save log (dump) of all the data exchanged with device
DUMP_PATH=dump
# display websocket client messages in console
WS_DEBUG=0

there are *.adv.json files in device directory, but *.srv.json files are absent.

What should I do to make scan finished success?

p.s. sorry for my English )

no idea whats going on

I have no idea whats going on but not getting data. Also tried with laptop and pi but same result

Relay working only one way

A quick one to start off with - I've got the relay working in one direction (between a phone and another device) but the connection back from the device to the phone doesn't seem to go through the relay.

If the device is close enough it makes a direct connection back to the phone. If it's too far away it just hangs and times out.

I guess my first question is if this is expected behavior or if I should investigate further...?

Failing install

Hi,
I'm trying to install GATTACKER on Ubuntu x64 (19.04).
I succeeded in installing NOBLE & BLENO.
When running the npm command, I'm getting a long list of errors and warnings (that are probably irrelevant, but I'm posting them anyway for the sake of completeness)

I'm suspecting it has something to do with changes in node-gyp breaking the current code.


> [email protected] install /home/jurgen/node_modules/usb
> prebuild-install --verbose || node-gyp rebuild

prebuild-install info begin Prebuild-install version 5.3.0
prebuild-install info looking for cached prebuild @ /home/jurgen/.npm/_prebuilds/f78b17-usb-v1.6.0-node-v64-linux-x64.tar.gz
prebuild-install info found cached prebuild 
prebuild-install info unpacking @ /home/jurgen/.npm/_prebuilds/f78b17-usb-v1.6.0-node-v64-linux-x64.tar.gz
prebuild-install info unpack resolved to /home/jurgen/node_modules/usb/build/Release/usb_bindings.node
prebuild-install info unpack required /home/jurgen/node_modules/usb/build/Release/usb_bindings.node successfully
prebuild-install info install Successfully installed prebuilt binary!

> [email protected] install /home/jurgen/node_modules/bleno/node_modules/bluetooth-hci-socket
> node-gyp rebuild

make: Map '/home/jurgen/node_modules/bleno/node_modules/bluetooth-hci-socket/build' wordt binnengegaan
  CXX(target) Release/obj.target/binding/src/BluetoothHciSocket.o
In file included from ../src/BluetoothHciSocket.cpp:8:
../../../../nan/nan.h: In function ‘void Nan::AsyncQueueWorker(Nan::AsyncWorker*)’:
../../../../nan/nan.h:2298:62: warning: cast between incompatible function types from ‘void (*)(uv_work_t*)’ {aka ‘void (*)(uv_work_s*)’} to ‘uv_after_work_cb’ {aka ‘void (*)(uv_work_s*, int)’} [-Wcast-function-type]
     , reinterpret_cast<uv_after_work_cb>(AsyncExecuteComplete)
                                                              ^
../src/BluetoothHciSocket.cpp: In member function ‘void BluetoothHciSocket::poll()’:
../src/BluetoothHciSocket.cpp:251:95: warning: ‘v8::Local<v8::Value> Nan::MakeCallback(v8::Local<v8::Object>, v8::Local<v8::String>, int, v8::Local<v8::Value>*)’ is deprecated [-Wdeprecated-declarations]
     Nan::MakeCallback(Nan::New<Object>(this->This), Nan::New("emit").ToLocalChecked(), 2, argv);
                                                                                               ^
In file included from ../src/BluetoothHciSocket.cpp:8:
../../../../nan/nan.h:1045:46: note: declared here
   NAN_DEPRECATED inline v8::Local<v8::Value> MakeCallback(
                                              ^~~~~~~~~~~~
../src/BluetoothHciSocket.cpp:251:95: warning: ‘v8::Local<v8::Value> Nan::MakeCallback(v8::Local<v8::Object>, v8::Local<v8::String>, int, v8::Local<v8::Value>*)’ is deprecated [-Wdeprecated-declarations]
     Nan::MakeCallback(Nan::New<Object>(this->This), Nan::New("emit").ToLocalChecked(), 2, argv);
                                                                                               ^
In file included from ../src/BluetoothHciSocket.cpp:8:
../../../../nan/nan.h:1045:46: note: declared here
   NAN_DEPRECATED inline v8::Local<v8::Value> MakeCallback(
                                              ^~~~~~~~~~~~
../src/BluetoothHciSocket.cpp: In member function ‘void BluetoothHciSocket::emitErrnoError()’:
../src/BluetoothHciSocket.cpp:275:72: error: no matching function for call to ‘v8::Function::NewInstance(int, v8::Local<v8::Value> [1])’
   Local<Value> error = errorConstructor->NewInstance(1, constructorArgs);
                                                                        ^
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:63,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:3993:44: note: candidate: ‘v8::MaybeLocal<v8::Object> v8::Function::NewInstance(v8::Local<v8::Context>, int, v8::Local<v8::Value>*) const’
   V8_WARN_UNUSED_RESULT MaybeLocal<Object> NewInstance(
                                            ^~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:3993:44: note:   candidate expects 3 arguments, 2 provided
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:3996:44: note: candidate: ‘v8::MaybeLocal<v8::Object> v8::Function::NewInstance(v8::Local<v8::Context>) const’
   V8_WARN_UNUSED_RESULT MaybeLocal<Object> NewInstance(
                                            ^~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:3996:44: note:   candidate expects 1 argument, 2 provided
../src/BluetoothHciSocket.cpp:282:93: warning: ‘v8::Local<v8::Value> Nan::MakeCallback(v8::Local<v8::Object>, v8::Local<v8::String>, int, v8::Local<v8::Value>*)’ is deprecated [-Wdeprecated-declarations]
   Nan::MakeCallback(Nan::New<Object>(this->This), Nan::New("emit").ToLocalChecked(), 2, argv);
                                                                                             ^
In file included from ../src/BluetoothHciSocket.cpp:8:
../../../../nan/nan.h:1045:46: note: declared here
   NAN_DEPRECATED inline v8::Local<v8::Value> MakeCallback(
                                              ^~~~~~~~~~~~
../src/BluetoothHciSocket.cpp:282:93: warning: ‘v8::Local<v8::Value> Nan::MakeCallback(v8::Local<v8::Object>, v8::Local<v8::String>, int, v8::Local<v8::Value>*)’ is deprecated [-Wdeprecated-declarations]
   Nan::MakeCallback(Nan::New<Object>(this->This), Nan::New("emit").ToLocalChecked(), 2, argv);
                                                                                             ^
In file included from ../src/BluetoothHciSocket.cpp:8:
../../../../nan/nan.h:1045:46: note: declared here
   NAN_DEPRECATED inline v8::Local<v8::Value> MakeCallback(
                                              ^~~~~~~~~~~~
../src/BluetoothHciSocket.cpp: In static member function ‘static Nan::NAN_METHOD_RETURN_TYPE BluetoothHciSocket::BindRaw(Nan::NAN_METHOD_ARGS_TYPE)’:
../src/BluetoothHciSocket.cpp:395:34: warning: ‘int64_t v8::Value::IntegerValue() const’ is deprecated: Use maybe version [-Wdeprecated-declarations]
       devId = arg0->IntegerValue();
                                  ^
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:26,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:63,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:2476:46: note: declared here
   V8_DEPRECATED("Use maybe version", int64_t IntegerValue() const);
                                              ^~~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8config.h:324:3: note: in definition of macro ‘V8_DEPRECATED’
   declarator __attribute__((deprecated(message)))
   ^~~~~~~~~~
../src/BluetoothHciSocket.cpp: In static member function ‘static Nan::NAN_METHOD_RETURN_TYPE BluetoothHciSocket::BindUser(Nan::NAN_METHOD_ARGS_TYPE)’:
../src/BluetoothHciSocket.cpp:417:34: warning: ‘int64_t v8::Value::IntegerValue() const’ is deprecated: Use maybe version [-Wdeprecated-declarations]
       devId = arg0->IntegerValue();
                                  ^
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:26,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:63,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:2476:46: note: declared here
   V8_DEPRECATED("Use maybe version", int64_t IntegerValue() const);
                                              ^~~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8config.h:324:3: note: in definition of macro ‘V8_DEPRECATED’
   declarator __attribute__((deprecated(message)))
   ^~~~~~~~~~
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
../src/BluetoothHciSocket.cpp: At global scope:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:570:43: warning: cast between incompatible function types from ‘void (*)(Nan::ADDON_REGISTER_FUNCTION_ARGS_TYPE)’ {aka ‘void (*)(v8::Local<v8::Object>)’} to ‘node::addon_register_func’ {aka ‘void (*)(v8::Local<v8::Object>, v8::Local<v8::Value>, void*)’} [-Wcast-function-type]
       (node::addon_register_func) (regfunc),                          \
                                           ^
/home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:604:3: note: in expansion of macro ‘NODE_MODULE_X’
   NODE_MODULE_X(modname, regfunc, NULL, 0)  // NOLINT (readability/null_usage)
   ^~~~~~~~~~~~~
../src/BluetoothHciSocket.cpp:499:1: note: in expansion of macro ‘NODE_MODULE’
 NODE_MODULE(binding, BluetoothHciSocket::Init);
 ^~~~~~~~~~~
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:63,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h: In instantiation of ‘void v8::PersistentBase<T>::SetWeak(P*, typename v8::WeakCallbackInfo<P>::Callback, v8::WeakCallbackType) [with P = node::ObjectWrap; T = v8::Object; typename v8::WeakCallbackInfo<P>::Callback = void (*)(const v8::WeakCallbackInfo<node::ObjectWrap>&)]’:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/node_object_wrap.h:85:78:   required from here
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:9502:16: warning: cast between incompatible function types from ‘v8::WeakCallbackInfo<node::ObjectWrap>::Callback’ {aka ‘void (*)(const v8::WeakCallbackInfo<node::ObjectWrap>&)’} to ‘Callback’ {aka ‘void (*)(const v8::WeakCallbackInfo<void>&)’} [-Wcast-function-type]
                reinterpret_cast<Callback>(callback), type);
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h: In instantiation of ‘void v8::PersistentBase<T>::SetWeak(P*, typename v8::WeakCallbackInfo<P>::Callback, v8::WeakCallbackType) [with P = Nan::ObjectWrap; T = v8::Object; typename v8::WeakCallbackInfo<P>::Callback = void (*)(const v8::WeakCallbackInfo<Nan::ObjectWrap>&)]’:
../../../../nan/nan_object_wrap.h:65:61:   required from here
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:9502:16: warning: cast between incompatible function types from ‘v8::WeakCallbackInfo<Nan::ObjectWrap>::Callback’ {aka ‘void (*)(const v8::WeakCallbackInfo<Nan::ObjectWrap>&)’} to ‘Callback’ {aka ‘void (*)(const v8::WeakCallbackInfo<void>&)’} [-Wcast-function-type]
make: *** [binding.target.mk:103: Release/obj.target/binding/src/BluetoothHciSocket.o] Fout 1
make: Map '/home/jurgen/node_modules/bleno/node_modules/bluetooth-hci-socket/build' wordt verlaten
gyp ERR! build error 
gyp ERR! stack Error: `make` failed with exit code: 2
gyp ERR! stack     at ChildProcess.onExit (/usr/local/lib/node_modules/npm/node_modules/node-gyp/lib/build.js:196:23)
gyp ERR! stack     at ChildProcess.emit (events.js:189:13)
gyp ERR! stack     at Process.ChildProcess._handle.onexit (internal/child_process.js:248:12)
gyp ERR! System Linux 5.0.0-21-generic
gyp ERR! command "/usr/bin/node" "/usr/local/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /home/jurgen/node_modules/bleno/node_modules/bluetooth-hci-socket
gyp ERR! node -v v10.15.2
gyp ERR! node-gyp -v v5.0.3
gyp ERR! not ok 

> [email protected] install /home/jurgen/node_modules/noble/node_modules/bluetooth-hci-socket
> node-gyp rebuild

make: Map '/home/jurgen/node_modules/noble/node_modules/bluetooth-hci-socket/build' wordt binnengegaan
  CXX(target) Release/obj.target/binding/src/BluetoothHciSocket.o
In file included from ../src/BluetoothHciSocket.cpp:8:
../../../../nan/nan.h: In function ‘void Nan::AsyncQueueWorker(Nan::AsyncWorker*)’:
../../../../nan/nan.h:2298:62: warning: cast between incompatible function types from ‘void (*)(uv_work_t*)’ {aka ‘void (*)(uv_work_s*)’} to ‘uv_after_work_cb’ {aka ‘void (*)(uv_work_s*, int)’} [-Wcast-function-type]
     , reinterpret_cast<uv_after_work_cb>(AsyncExecuteComplete)
                                                              ^
../src/BluetoothHciSocket.cpp: In member function ‘void BluetoothHciSocket::poll()’:
../src/BluetoothHciSocket.cpp:251:95: warning: ‘v8::Local<v8::Value> Nan::MakeCallback(v8::Local<v8::Object>, v8::Local<v8::String>, int, v8::Local<v8::Value>*)’ is deprecated [-Wdeprecated-declarations]
     Nan::MakeCallback(Nan::New<Object>(this->This), Nan::New("emit").ToLocalChecked(), 2, argv);
                                                                                               ^
In file included from ../src/BluetoothHciSocket.cpp:8:
../../../../nan/nan.h:1045:46: note: declared here
   NAN_DEPRECATED inline v8::Local<v8::Value> MakeCallback(
                                              ^~~~~~~~~~~~
../src/BluetoothHciSocket.cpp:251:95: warning: ‘v8::Local<v8::Value> Nan::MakeCallback(v8::Local<v8::Object>, v8::Local<v8::String>, int, v8::Local<v8::Value>*)’ is deprecated [-Wdeprecated-declarations]
     Nan::MakeCallback(Nan::New<Object>(this->This), Nan::New("emit").ToLocalChecked(), 2, argv);
                                                                                               ^
In file included from ../src/BluetoothHciSocket.cpp:8:
../../../../nan/nan.h:1045:46: note: declared here
   NAN_DEPRECATED inline v8::Local<v8::Value> MakeCallback(
                                              ^~~~~~~~~~~~
../src/BluetoothHciSocket.cpp: In member function ‘void BluetoothHciSocket::emitErrnoError()’:
../src/BluetoothHciSocket.cpp:275:72: error: no matching function for call to ‘v8::Function::NewInstance(int, v8::Local<v8::Value> [1])’
   Local<Value> error = errorConstructor->NewInstance(1, constructorArgs);
                                                                        ^
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:63,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:3993:44: note: candidate: ‘v8::MaybeLocal<v8::Object> v8::Function::NewInstance(v8::Local<v8::Context>, int, v8::Local<v8::Value>*) const’
   V8_WARN_UNUSED_RESULT MaybeLocal<Object> NewInstance(
                                            ^~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:3993:44: note:   candidate expects 3 arguments, 2 provided
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:3996:44: note: candidate: ‘v8::MaybeLocal<v8::Object> v8::Function::NewInstance(v8::Local<v8::Context>) const’
   V8_WARN_UNUSED_RESULT MaybeLocal<Object> NewInstance(
                                            ^~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:3996:44: note:   candidate expects 1 argument, 2 provided
../src/BluetoothHciSocket.cpp:282:93: warning: ‘v8::Local<v8::Value> Nan::MakeCallback(v8::Local<v8::Object>, v8::Local<v8::String>, int, v8::Local<v8::Value>*)’ is deprecated [-Wdeprecated-declarations]
   Nan::MakeCallback(Nan::New<Object>(this->This), Nan::New("emit").ToLocalChecked(), 2, argv);
                                                                                             ^
In file included from ../src/BluetoothHciSocket.cpp:8:
../../../../nan/nan.h:1045:46: note: declared here
   NAN_DEPRECATED inline v8::Local<v8::Value> MakeCallback(
                                              ^~~~~~~~~~~~
../src/BluetoothHciSocket.cpp:282:93: warning: ‘v8::Local<v8::Value> Nan::MakeCallback(v8::Local<v8::Object>, v8::Local<v8::String>, int, v8::Local<v8::Value>*)’ is deprecated [-Wdeprecated-declarations]
   Nan::MakeCallback(Nan::New<Object>(this->This), Nan::New("emit").ToLocalChecked(), 2, argv);
                                                                                             ^
In file included from ../src/BluetoothHciSocket.cpp:8:
../../../../nan/nan.h:1045:46: note: declared here
   NAN_DEPRECATED inline v8::Local<v8::Value> MakeCallback(
                                              ^~~~~~~~~~~~
../src/BluetoothHciSocket.cpp: In static member function ‘static Nan::NAN_METHOD_RETURN_TYPE BluetoothHciSocket::BindRaw(Nan::NAN_METHOD_ARGS_TYPE)’:
../src/BluetoothHciSocket.cpp:395:34: warning: ‘int64_t v8::Value::IntegerValue() const’ is deprecated: Use maybe version [-Wdeprecated-declarations]
       devId = arg0->IntegerValue();
                                  ^
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:26,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:63,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:2476:46: note: declared here
   V8_DEPRECATED("Use maybe version", int64_t IntegerValue() const);
                                              ^~~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8config.h:324:3: note: in definition of macro ‘V8_DEPRECATED’
   declarator __attribute__((deprecated(message)))
   ^~~~~~~~~~
../src/BluetoothHciSocket.cpp: In static member function ‘static Nan::NAN_METHOD_RETURN_TYPE BluetoothHciSocket::BindUser(Nan::NAN_METHOD_ARGS_TYPE)’:
../src/BluetoothHciSocket.cpp:417:34: warning: ‘int64_t v8::Value::IntegerValue() const’ is deprecated: Use maybe version [-Wdeprecated-declarations]
       devId = arg0->IntegerValue();
                                  ^
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:26,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:63,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:2476:46: note: declared here
   V8_DEPRECATED("Use maybe version", int64_t IntegerValue() const);
                                              ^~~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8config.h:324:3: note: in definition of macro ‘V8_DEPRECATED’
   declarator __attribute__((deprecated(message)))
   ^~~~~~~~~~
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
../src/BluetoothHciSocket.cpp: At global scope:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:570:43: warning: cast between incompatible function types from ‘void (*)(Nan::ADDON_REGISTER_FUNCTION_ARGS_TYPE)’ {aka ‘void (*)(v8::Local<v8::Object>)’} to ‘node::addon_register_func’ {aka ‘void (*)(v8::Local<v8::Object>, v8::Local<v8::Value>, void*)’} [-Wcast-function-type]
       (node::addon_register_func) (regfunc),                          \
                                           ^
/home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:604:3: note: in expansion of macro ‘NODE_MODULE_X’
   NODE_MODULE_X(modname, regfunc, NULL, 0)  // NOLINT (readability/null_usage)
   ^~~~~~~~~~~~~
../src/BluetoothHciSocket.cpp:499:1: note: in expansion of macro ‘NODE_MODULE’
 NODE_MODULE(binding, BluetoothHciSocket::Init);
 ^~~~~~~~~~~
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:63,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h: In instantiation of ‘void v8::PersistentBase<T>::SetWeak(P*, typename v8::WeakCallbackInfo<P>::Callback, v8::WeakCallbackType) [with P = node::ObjectWrap; T = v8::Object; typename v8::WeakCallbackInfo<P>::Callback = void (*)(const v8::WeakCallbackInfo<node::ObjectWrap>&)]’:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/node_object_wrap.h:85:78:   required from here
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:9502:16: warning: cast between incompatible function types from ‘v8::WeakCallbackInfo<node::ObjectWrap>::Callback’ {aka ‘void (*)(const v8::WeakCallbackInfo<node::ObjectWrap>&)’} to ‘Callback’ {aka ‘void (*)(const v8::WeakCallbackInfo<void>&)’} [-Wcast-function-type]
                reinterpret_cast<Callback>(callback), type);
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h: In instantiation of ‘void v8::PersistentBase<T>::SetWeak(P*, typename v8::WeakCallbackInfo<P>::Callback, v8::WeakCallbackType) [with P = Nan::ObjectWrap; T = v8::Object; typename v8::WeakCallbackInfo<P>::Callback = void (*)(const v8::WeakCallbackInfo<Nan::ObjectWrap>&)]’:
../../../../nan/nan_object_wrap.h:65:61:   required from here
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:9502:16: warning: cast between incompatible function types from ‘v8::WeakCallbackInfo<Nan::ObjectWrap>::Callback’ {aka ‘void (*)(const v8::WeakCallbackInfo<Nan::ObjectWrap>&)’} to ‘Callback’ {aka ‘void (*)(const v8::WeakCallbackInfo<void>&)’} [-Wcast-function-type]
make: *** [binding.target.mk:103: Release/obj.target/binding/src/BluetoothHciSocket.o] Fout 1
make: Map '/home/jurgen/node_modules/noble/node_modules/bluetooth-hci-socket/build' wordt verlaten
gyp ERR! build error 
gyp ERR! stack Error: `make` failed with exit code: 2
gyp ERR! stack     at ChildProcess.onExit (/usr/local/lib/node_modules/npm/node_modules/node-gyp/lib/build.js:196:23)
gyp ERR! stack     at ChildProcess.emit (events.js:189:13)
gyp ERR! stack     at Process.ChildProcess._handle.onexit (internal/child_process.js:248:12)
gyp ERR! System Linux 5.0.0-21-generic
gyp ERR! command "/usr/bin/node" "/usr/local/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /home/jurgen/node_modules/noble/node_modules/bluetooth-hci-socket
gyp ERR! node -v v10.15.2
gyp ERR! node-gyp -v v5.0.3
gyp ERR! not ok 

> [email protected] install /home/jurgen/node_modules/bluetooth-hci-socket
> node-gyp rebuild

make: Map '/home/jurgen/node_modules/bluetooth-hci-socket/build' wordt binnengegaan
  CXX(target) Release/obj.target/binding/src/BluetoothHciSocket.o
In file included from ../src/BluetoothHciSocket.cpp:8:
../../nan/nan.h: In function ‘void Nan::AsyncQueueWorker(Nan::AsyncWorker*)’:
../../nan/nan.h:2298:62: warning: cast between incompatible function types from ‘void (*)(uv_work_t*)’ {aka ‘void (*)(uv_work_s*)’} to ‘uv_after_work_cb’ {aka ‘void (*)(uv_work_s*, int)’} [-Wcast-function-type]
     , reinterpret_cast<uv_after_work_cb>(AsyncExecuteComplete)
                                                              ^
../src/BluetoothHciSocket.cpp: In member function ‘void BluetoothHciSocket::poll()’:
../src/BluetoothHciSocket.cpp:234:95: warning: ‘v8::Local<v8::Value> Nan::MakeCallback(v8::Local<v8::Object>, v8::Local<v8::String>, int, v8::Local<v8::Value>*)’ is deprecated [-Wdeprecated-declarations]
     Nan::MakeCallback(Nan::New<Object>(this->This), Nan::New("emit").ToLocalChecked(), 2, argv);
                                                                                               ^
In file included from ../src/BluetoothHciSocket.cpp:8:
../../nan/nan.h:1045:46: note: declared here
   NAN_DEPRECATED inline v8::Local<v8::Value> MakeCallback(
                                              ^~~~~~~~~~~~
../src/BluetoothHciSocket.cpp:234:95: warning: ‘v8::Local<v8::Value> Nan::MakeCallback(v8::Local<v8::Object>, v8::Local<v8::String>, int, v8::Local<v8::Value>*)’ is deprecated [-Wdeprecated-declarations]
     Nan::MakeCallback(Nan::New<Object>(this->This), Nan::New("emit").ToLocalChecked(), 2, argv);
                                                                                               ^
In file included from ../src/BluetoothHciSocket.cpp:8:
../../nan/nan.h:1045:46: note: declared here
   NAN_DEPRECATED inline v8::Local<v8::Value> MakeCallback(
                                              ^~~~~~~~~~~~
../src/BluetoothHciSocket.cpp: In member function ‘void BluetoothHciSocket::emitErrnoError()’:
../src/BluetoothHciSocket.cpp:258:72: error: no matching function for call to ‘v8::Function::NewInstance(int, v8::Local<v8::Value> [1])’
   Local<Value> error = errorConstructor->NewInstance(1, constructorArgs);
                                                                        ^
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:63,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:3993:44: note: candidate: ‘v8::MaybeLocal<v8::Object> v8::Function::NewInstance(v8::Local<v8::Context>, int, v8::Local<v8::Value>*) const’
   V8_WARN_UNUSED_RESULT MaybeLocal<Object> NewInstance(
                                            ^~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:3993:44: note:   candidate expects 3 arguments, 2 provided
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:3996:44: note: candidate: ‘v8::MaybeLocal<v8::Object> v8::Function::NewInstance(v8::Local<v8::Context>) const’
   V8_WARN_UNUSED_RESULT MaybeLocal<Object> NewInstance(
                                            ^~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:3996:44: note:   candidate expects 1 argument, 2 provided
../src/BluetoothHciSocket.cpp:265:93: warning: ‘v8::Local<v8::Value> Nan::MakeCallback(v8::Local<v8::Object>, v8::Local<v8::String>, int, v8::Local<v8::Value>*)’ is deprecated [-Wdeprecated-declarations]
   Nan::MakeCallback(Nan::New<Object>(this->This), Nan::New("emit").ToLocalChecked(), 2, argv);
                                                                                             ^
In file included from ../src/BluetoothHciSocket.cpp:8:
../../nan/nan.h:1045:46: note: declared here
   NAN_DEPRECATED inline v8::Local<v8::Value> MakeCallback(
                                              ^~~~~~~~~~~~
../src/BluetoothHciSocket.cpp:265:93: warning: ‘v8::Local<v8::Value> Nan::MakeCallback(v8::Local<v8::Object>, v8::Local<v8::String>, int, v8::Local<v8::Value>*)’ is deprecated [-Wdeprecated-declarations]
   Nan::MakeCallback(Nan::New<Object>(this->This), Nan::New("emit").ToLocalChecked(), 2, argv);
                                                                                             ^
In file included from ../src/BluetoothHciSocket.cpp:8:
../../nan/nan.h:1045:46: note: declared here
   NAN_DEPRECATED inline v8::Local<v8::Value> MakeCallback(
                                              ^~~~~~~~~~~~
../src/BluetoothHciSocket.cpp: In static member function ‘static Nan::NAN_METHOD_RETURN_TYPE BluetoothHciSocket::BindRaw(Nan::NAN_METHOD_ARGS_TYPE)’:
../src/BluetoothHciSocket.cpp:377:34: warning: ‘int64_t v8::Value::IntegerValue() const’ is deprecated: Use maybe version [-Wdeprecated-declarations]
       devId = arg0->IntegerValue();
                                  ^
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:26,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:63,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:2476:46: note: declared here
   V8_DEPRECATED("Use maybe version", int64_t IntegerValue() const);
                                              ^~~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8config.h:324:3: note: in definition of macro ‘V8_DEPRECATED’
   declarator __attribute__((deprecated(message)))
   ^~~~~~~~~~
../src/BluetoothHciSocket.cpp: In static member function ‘static Nan::NAN_METHOD_RETURN_TYPE BluetoothHciSocket::BindUser(Nan::NAN_METHOD_ARGS_TYPE)’:
../src/BluetoothHciSocket.cpp:399:34: warning: ‘int64_t v8::Value::IntegerValue() const’ is deprecated: Use maybe version [-Wdeprecated-declarations]
       devId = arg0->IntegerValue();
                                  ^
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:26,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:63,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:2476:46: note: declared here
   V8_DEPRECATED("Use maybe version", int64_t IntegerValue() const);
                                              ^~~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8config.h:324:3: note: in definition of macro ‘V8_DEPRECATED’
   declarator __attribute__((deprecated(message)))
   ^~~~~~~~~~
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
../src/BluetoothHciSocket.cpp: At global scope:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:570:43: warning: cast between incompatible function types from ‘void (*)(Nan::ADDON_REGISTER_FUNCTION_ARGS_TYPE)’ {aka ‘void (*)(v8::Local<v8::Object>)’} to ‘node::addon_register_func’ {aka ‘void (*)(v8::Local<v8::Object>, v8::Local<v8::Value>, void*)’} [-Wcast-function-type]
       (node::addon_register_func) (regfunc),                          \
                                           ^
/home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:604:3: note: in expansion of macro ‘NODE_MODULE_X’
   NODE_MODULE_X(modname, regfunc, NULL, 0)  // NOLINT (readability/null_usage)
   ^~~~~~~~~~~~~
../src/BluetoothHciSocket.cpp:481:1: note: in expansion of macro ‘NODE_MODULE’
 NODE_MODULE(binding, BluetoothHciSocket::Init);
 ^~~~~~~~~~~
In file included from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node.h:63,
                 from /home/jurgen/.cache/node-gyp/10.15.2/include/node/node_buffer.h:25,
                 from ../src/BluetoothHciSocket.cpp:7:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h: In instantiation of ‘void v8::PersistentBase<T>::SetWeak(P*, typename v8::WeakCallbackInfo<P>::Callback, v8::WeakCallbackType) [with P = node::ObjectWrap; T = v8::Object; typename v8::WeakCallbackInfo<P>::Callback = void (*)(const v8::WeakCallbackInfo<node::ObjectWrap>&)]’:
/home/jurgen/.cache/node-gyp/10.15.2/include/node/node_object_wrap.h:85:78:   required from here
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:9502:16: warning: cast between incompatible function types from ‘v8::WeakCallbackInfo<node::ObjectWrap>::Callback’ {aka ‘void (*)(const v8::WeakCallbackInfo<node::ObjectWrap>&)’} to ‘Callback’ {aka ‘void (*)(const v8::WeakCallbackInfo<void>&)’} [-Wcast-function-type]
                reinterpret_cast<Callback>(callback), type);
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h: In instantiation of ‘void v8::PersistentBase<T>::SetWeak(P*, typename v8::WeakCallbackInfo<P>::Callback, v8::WeakCallbackType) [with P = Nan::ObjectWrap; T = v8::Object; typename v8::WeakCallbackInfo<P>::Callback = void (*)(const v8::WeakCallbackInfo<Nan::ObjectWrap>&)]’:
../../nan/nan_object_wrap.h:65:61:   required from here
/home/jurgen/.cache/node-gyp/10.15.2/include/node/v8.h:9502:16: warning: cast between incompatible function types from ‘v8::WeakCallbackInfo<Nan::ObjectWrap>::Callback’ {aka ‘void (*)(const v8::WeakCallbackInfo<Nan::ObjectWrap>&)’} to ‘Callback’ {aka ‘void (*)(const v8::WeakCallbackInfo<void>&)’} [-Wcast-function-type]
make: *** [binding.target.mk:103: Release/obj.target/binding/src/BluetoothHciSocket.o] Fout 1
make: Map '/home/jurgen/node_modules/bluetooth-hci-socket/build' wordt verlaten
gyp ERR! build error 
gyp ERR! stack Error: `make` failed with exit code: 2
gyp ERR! stack     at ChildProcess.onExit (/usr/local/lib/node_modules/npm/node_modules/node-gyp/lib/build.js:196:23)
gyp ERR! stack     at ChildProcess.emit (events.js:189:13)
gyp ERR! stack     at Process.ChildProcess._handle.onexit (internal/child_process.js:248:12)
gyp ERR! System Linux 5.0.0-21-generic
gyp ERR! command "/usr/bin/node" "/usr/local/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /home/jurgen/node_modules/bluetooth-hci-socket
gyp ERR! node -v v10.15.2
gyp ERR! node-gyp -v v5.0.3
gyp ERR! not ok 
npm WARN enoent ENOENT: no such file or directory, open '/home/jurgen/package.json'
npm WARN jurgen No description
npm WARN jurgen No repository field.
npm WARN jurgen No README data
npm WARN jurgen No license field.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/xpc-connection):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/bleno/node_modules/bluetooth-hci-socket):
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] install: `node-gyp rebuild`
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: Exit status 1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/noble/node_modules/bluetooth-hci-socket):
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] install: `node-gyp rebuild`
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: Exit status 1

npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] install: `node-gyp rebuild`
npm ERR! Exit status 1
npm ERR! 
npm ERR! Failed at the [email protected] install script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/jurgen/.npm/_logs/2019-08-05T07_19_08_990Z-debug.log
jurgen@lilsis:~/git/h4bcm_wireshark_dissector/build$ gedit /home/jurgen/.npm/_logs/2019-08-05T07_19_08_990Z-debug.log

Can't change bluetooth MAC address..(Can't write new address)

Hi, I want to do MAC cloning.
but, The following error occurs during the change bluetooth MAC address...
plz help..

//not running ws-slave.js

root@kali:~/gattacker# systemctl stop bluetooth
root@kali:~/gattacker# ./mac_adv -a devices/e0e3cf837850_.adv.json -s devices/e0e3cf837850.srv.json
Advertise with cloned MAC address
Manufacturer:   Cambridge Silicon Radio (10)
Device address: 00:1F:81:00:02:DD
New BD address: E0:E3:CF:83:78:50

Can't write new address
Re-plug the interface and hit enter

root@kali:~/gattacker# node -v
v8.14.0

TypeError on scanning if the EIR is empty

Here is a issue report.

Description:
- When I scan broadcasted advertisements, node crashes in utils.js if the EIR is empty.
- I think that device can support both classic and BLE, but I'm not sure (because I'm not the owner).
- According to the specification, the EIR could be empty. (See the footnote)
Solution:
- I checked utils.js and fix it with the following patch, and it works.
Version:
- current version (git clone)
OS:
- Ubuntu 16.04 LTS (on Virtual Box)
Here is the console logs:

$ sudo node ws-slave.js
GATTacker ws-slave
ws -> connection
ws -> send: {"type":"stateChange","state":"poweredOn"}
ws -> message: {"action":"startScanning"}
ws -> send: {"type":"startScanning"}
ws -> send: {"type":"discover","peripheralId":"00e04cd5ddf8","address":"00:e0:4c:d5:dd:f8","addressType":"public","connectable":true,"advertisement":{"serviceUuids":[],"manufacturerData":null,"serviceData":"","eir":"","scanResponse":null},"rssi":-78}
ws -> close
ws -> send: {"type":"stopScanning"}

$ node scan.js
Ws-slave address: 127.0.0.1
on open
poweredOn
Start scanning.
/home/iotsec/node_modules/gattacker/lib/utils.js:105
                      eir: advertisement.eir.toString('hex'),
                                            ^

TypeError: Cannot read property 'toString' of null
    at /home/iotsec/node_modules/gattacker/lib/utils.js:105:45
    at /home/iotsec/node_modules/gattacker/lib/utils.js:87:7
    at f (/home/iotsec/node_modules/once/once.js:25:25)
    at Glob.<anonymous> (/home/iotsec/node_modules/glob/glob.js:151:7)
    at emitOne (events.js:96:13)
    at Glob.emit (events.js:188:7)
    at Glob._finish (/home/iotsec/node_modules/glob/glob.js:199:8)
    at done (/home/iotsec/node_modules/glob/glob.js:184:14)
    at Glob._processReaddir2 (/home/iotsec/node_modules/glob/glob.js:410:12)
    at /home/iotsec/node_modules/glob/glob.js:373:17

Here is the patch:

diff --git a/lib/utils.js b/lib/utils.js
index f8d67ad..49b84be 100644
--- a/lib/utils.js
+++ b/lib/utils.js
@@ -102,7 +102,7 @@ function saveAdvertisement(peripheralId, address, addressType, connectable, adve
         //keep buffers as hex strings (by default buffers stringify unreadable into json)
         advToJson = {
                       id: peripheralId,
-                      eir: advertisement.eir.toString('hex'),
+                      eir: advertisement.eir ? advertisement.eir.toString('hex') : '',
                       scanResponse: advertisement.scanResponse ? advertisement.scanResponse.toString('hex') : null,
                       decodedNonEditable : {
                         localName: advertisement.localName ? advertisement.localName : '',

Reference
- BLUETOOTH SPECIFICATION Version 4.2 [Vol 2, Part B] page 172
  - 8.4.3 Inquiry Response Substate

If the slave's extended inquiry response data is all zeroes the slave shall only return an FHS packet with the EIR bit set to zero.

bleno and noble

Why are bleno and noble packages kept in lib dir? Are they modified somehow?
If not then I want to suggest adding them package.json as dependencies.

missing entire GattProfil (missing Device Information and Custom Service)

I tried an MitM against my Smartlock(out of band), but I get an error :/ Also tried with different targets……… but same result

Gatt Profile without MitM

Gatt Profile with MitM

Unsupported manufacturer spooftooph

Hi i was trying spooftooph and i got this:

Unsupported manufacturer
Manufacturer: Intel Corp. (2)
Device address:obv i wont put it

So i just want to know is this a problem of hardware and i cant do nothing or i installed something wrong.

Can't establish connection after advertise.js shows INITIALIZED

Hi,
I'm having problems using GATTacker.
Starting the ws-slave works, as well as scanning, but the advertise.js causes some problems.
It connects to the victim-device and shows INITIALIZED and the clones device shows up (on my phone).
But when I want to connect it wont work (console shows "client connected" and "client disconnected" at the same time).
I'm using Linux Mint 17.2 with 4.4.0 kernel and BlueZ 5.41.

ws-slave log:

GATTacker ws-slave
ws -> connection
ws -> send: {"type":"stateChange","state":"poweredOn"}
ws -> message: {"action":"macAddress"}
ws -> send: {"type":"macAddress","macAddress":"01:23:45:67:89:ab"}
ws -> message: {"action":"initialize","peripheralId":"001a7dda7110","servicesJsonData":[{"uuid":"1800","name":"Generic Access","type":"org.bluetooth.service.generic_access","startHandle":1,"endHandle":5,"characteristics":[{"uuid":"2a00","name":"Device Name","properties":["read"],"value":"42616420454e495341204c6f636b","descriptors":[],"startHandle":2,"valueHandle":3,"asciiValue":"Bad ENISA Lock"},{"uuid":"2a01","name":"Appearance","properties":["read"],"value":"8000","descriptors":[],"startHandle":4,"valueHandle":5,"asciiValue":"  "}]},{"uuid":"1801","name":"Generic Attribute","type":"org.bluetooth.service.generic_attribute","startHandle":6,"endHandle":9,"characteristics":[{"uuid":"2a05","name":"Service Changed","properties":["indicate"],"value":"","descriptors":[{"handle":9,"uuid":"2902","value":""}],"startHandle":7,"valueHandle":8}]},{"uuid":"e015","name":null,"type":null,"startHandle":10,"endHandle":16,"characteristics":[{"uuid":"e016","name":null,"properties":["read","write","notify"],"value":"4c6f636b206973206e6f7720436c6f736564","descriptors":[{"handle":13,"uuid":"2902","value":""},{"handle":14,"uuid":"e026","value":""}],"startHandle":11,"valueHandle":12,"asciiValue":"Lock is now Closed"},{"uuid":"e017","name":null,"properties":["write"],"value":"","descriptors":[],"startHandle":15,"valueHandle":16}]}],"keepConnected":true}
ws -> send: {"type":"initializeStatus","peripheralId":"001a7dda7110","status":"JSON services received"}
ws -> send: {"type":"initializeStatus","peripheralId":"001a7dda7110","status":"start scanning for target peripheral"}
ws -> message: {"action":"macAddress"}
ws -> send: {"type":"macAddress","macAddress":"01:23:45:67:89:ab"}
ws -> send: {"type":"startScanning"}
ws -> send: {"type":"discover","peripheralId":"a0edcdedd8fd","address":"a0:ed:cd:ed:d8:fd","addressType":"public","connectable":true,"advertisement":{"serviceUuids":[],"manufacturerData":"4c0009060301c0a802dd","serviceData":"","eir":"02011a0bff4c0009060301c0a802dd","scanResponse":""},"rssi":-54}
ws -> send: {"type":"discover","peripheralId":"80e650ea4699","address":"80:e6:50:ea:46:99","addressType":"public","connectable":true,"advertisement":{"serviceUuids":[],"manufacturerData":"4c0009060301c0a802fa","serviceData":"","eir":"02011a0bff4c0009060301c0a802fa","scanResponse":""},"rssi":-78}
ws -> send: {"type":"discover","peripheralId":"a0edcde70487","address":"a0:ed:cd:e7:04:87","addressType":"public","connectable":true,"advertisement":{"serviceUuids":[],"manufacturerData":"4c0009060301c0a802b7","serviceData":"","eir":"02011a0bff4c0009060301c0a802b7","scanResponse":""},"rssi":-58}
ws -> send: {"type":"discover","peripheralId":"c80f10276814","address":"c8:0f:10:27:68:14","addressType":"public","connectable":true,"advertisement":{"localName":"MI1S","serviceUuids":["fee0","fee7"],"manufacturerData":"57010055d8807af55e8e433301eada7cf4d5de01c80f10276814","serviceData":"[object Object]","eir":"0201061bff57010055d8807af55e8e433301eada7cf4d5de01c80f10276814","scanResponse":"05094d4931530502e0fee7fe0716e0fe00000000"},"rssi":-72}
ws -> send: {"type":"initializeStatus","peripheralId":"001a7dda7110","status":"target peripheral discovered, trying to connect..."}
ws -> send: {"type":"discover","peripheralId":"001a7dda7110","address":"00:1a:7d:da:71:10","addressType":"public","connectable":true,"advertisement":{"localName":"Bad ENISA Lock","serviceUuids":["e015"],"manufacturerData":null,"serviceData":"","eir":"020106030315e0","scanResponse":"0f0842616420454e495341204c6f636b"},"rssi":-27}
ws -> send: {"type":"stopScanning"}
ws -> send: {"type":"initialized","peripheralId":"001a7dda7110"}
ws -> send: {"type":"connect","peripheralId":"001a7dda7110"}
ws -> send: {"type":"startScanning"}
ws -> message: {"action":"clientConnection","clientAddress":"2c:8a:72:61:91:98","state":true}
client connected : 2c:8a:72:61:91:98
ws -> message: {"action":"clientConnection","clientAddress":"2c:8a:72:61:91:98","state":false}
client disconnected : 2c:8a:72:61:91:98

advertise log:

Ws-slave address: 127.0.0.1
peripheralid: 001a7dda7110
advertisement file: devices/001a7dda7110_Bad-ENISA-Lock.adv.json
EIR: 020106030315e0
scanResponse: 0f0842616420454e495341204c6f636b
on open
poweredOn
Noble MAC address : 01:23:45:67:89:ab
BLENO - on -> stateChange: poweredOn
initialized !
Static - start advertising
      target device connected
on -> advertisingStart: success
setServices: success
 <<<<<<<<<<<<<<<< INITIALIZED >>>>>>>>>>>>>>>>>>>> 
Client connected: 2c:8a:72:61:91:98
Client disconnected: 2c:8a:72:61:91:98

hcidump (on the peripheral/bleno device):

HCI sniffer - Bluetooth packet analyzer ver 5.41
device: hci1 snap_len: 1500 filter: 0xffffffffffffffff
> HCI Event: LE Meta Event (0x3e) plen 19
    LE Connection Complete
      status 0x00 handle 69, role slave
      bdaddr 2C:8A:72:61:91:98 (Public)
< ACL data: handle 69 flags 0x00 dlen 16
    L2CAP(d): cid 0x0005 len 12 [psm 0]
> ACL data: handle 69 flags 0x02 dlen 11
    ATT: Read By Group req (0x10)
      start 0x0001, end 0xffff
      type-uuid 0x2800
> ACL data: handle 69 flags 0x02 dlen 10
    L2CAP(d): cid 0x0005 len 6 [psm 0]
> HCI Event: Number of Completed Packets (0x13) plen 5
    handle 69 packets 1
> HCI Event: Disconn Complete (0x05) plen 4
    status 0x00 handle 69 reason 0x13
    Reason: Remote User Terminated Connection
< HCI Command: Read RSSI (0x05|0x0005) plen 2
    handle 69
> HCI Event: Command Complete (0x0e) plen 7
    Read RSSI (0x05|0x0005) ncmd 1
    status 0x02 handle 69 rssi 0
    Error: Unknown Connection Identifier
< ACL data: handle 69 flags 0x00 dlen 24
    ATT: Read By Group resp (0x11)
      attr handle 0x0001, end group handle 0x0005
      value 0x00 0x18
      attr handle 0x0006, end group handle 0x0009
      value 0x01 0x18
      attr handle 0x000a, end group handle 0x0010
      value 0x15 0xe0
< HCI Command: LE Set Advertise Enable (0x08|0x000a) plen 1
> HCI Event: Command Complete (0x0e) plen 4
    LE Set Advertise Enable (0x08|0x000a) ncmd 1
    status 0x00

Thanks for any help!
TheClown

TypeError on connecting a target device because subscriptions is null

Here is a issue report.

Description:
- When advertise.js connects a target devices, node crashes because the subscriptions is null.
- I'm not sure that I followed proper steps to set up.
  - What kind of timing should I operate to call the onSubscribe event before notify is called ?
  - Is this correct behavior for any devices?
- Hook function is not defined.
Workaround:
- To check if subscriptions is null in advertise.js, but this is just workaround.
Version: current version (git clone)
OS: Ubuntu 16.04 LTS (on Virtual Box)
Here is the console logs:

$ sudo node ws-slave.js 
GATTacker ws-slave
ws -> connection
ws -> send: {"type":"stateChange","state":"poweredOn"}
ws -> message: {"action":"macAddress"}
ws -> send: {"type":"macAddress","macAddress":"00:1a:7d:da:71:13"}
ws -> message: {"action":"initialize","peripheralId":"b4994c3a2823","servicesJsonData":[{"uuid":"1800","name":"Generic Access","type":"org.bluetooth.service.generic_access","startHandle":1,"endHandle":11,"characteristics":[{"uuid":"2a00","name":"Device Name","properties":["read"],"value":"53656e736547697a2d46494e4439313936","descriptors":[],"startHandle":2,"valueHandle":3,"asciiValue":"SenseGiz-FIND9196"},{"uuid":"2a01","name":"Appearance","properties":["read"],"value":"0000","descriptors":[],"startHandle":4,"valueHandle":5,"asciiValue":"  "},{"uuid":"2a02","name":"Peripheral Privacy Flag","properties":["read","write"],"value":"00","descriptors":[],"startHandle":6,"valueHandle":7,"asciiValue":" "},{"uuid":"2a03","name":"Reconnection Address","properties":["write"],"value":"","descriptors":[],"startHandle":8,"valueHandle":9},{"uuid":"2a04","name":"Peripheral Preferred Connection Parameters","properties":["read"],"value":"5000a0000000e803","descriptors":[],"startHandle":10,"valueHandle":11,"asciiValue":"P       "}]},{"uuid":"1801","name":"Generic Attribute","type":"org.bluetooth.service.generic_attribute","startHandle":12,"endHandle":15,"characteristics":[{"uuid":"2a05","name":"Service Changed","properties":["indicate"],"value":"","descriptors":[{"handle":15,"uuid":"2902","value":""}],"startHandle":13,"valueHandle":14}]},{"uuid":"180a","name":"Device Information","type":"org.bluetooth.service.device_information","startHandle":16,"endHandle":34,"characteristics":[{"uuid":"2a23","name":"System ID","properties":["read"],"value":"23283a00004c99b4","descriptors":[],"startHandle":17,"valueHandle":18,"asciiValue":"#(:  L  "},{"uuid":"2a24","name":"Model Number String","properties":["read"],"value":"00","descriptors":[],"startHandle":19,"valueHandle":20,"asciiValue":" "},{"uuid":"2a25","name":"Serial Number String","properties":["read"],"value":"46696e64203931393600","descriptors":[],"startHandle":21,"valueHandle":22,"asciiValue":"Find 9196 "},{"uuid":"2a26","name":"Firmware Revision String","properties":["read"],"value":"312e3000","descriptors":[],"startHandle":23,"valueHandle":24,"asciiValue":"1.0 "},{"uuid":"2a27","name":"Hardware Revision String","properties":["read"],"value":"302e3900","descriptors":[],"startHandle":25,"valueHandle":26,"asciiValue":"0.9 "},{"uuid":"2a28","name":"Software Revision String","properties":["read"],"value":"312e3000","descriptors":[],"startHandle":27,"valueHandle":28,"asciiValue":"1.0 "},{"uuid":"2a29","name":"Manufacturer Name String","properties":["read"],"value":"53656e736547697a00","descriptors":[],"startHandle":29,"valueHandle":30,"asciiValue":"SenseGiz "},{"uuid":"2a2a","name":"IEEE 11073-20601 Regulatory Certification Data List","properties":["read"],"value":"fe006578706572696d656e74616c","descriptors":[],"startHandle":31,"valueHandle":32,"asciiValue":"  experimental"},{"uuid":"2a50","name":"PnP ID","properties":["read"],"value":"010d0000001001","descriptors":[],"startHandle":33,"valueHandle":34,"asciiValue":"       "}]},{"uuid":"1803","name":"Link Loss","type":"org.bluetooth.service.link_loss","startHandle":35,"endHandle":37,"characteristics":[{"uuid":"2a06","name":"Alert Level","properties":["read","write"],"value":"00","descriptors":[],"startHandle":36,"valueHandle":37,"asciiValue":" "}]},{"uuid":"1802","name":"Immediate Alert","type":"org.bluetooth.service.immediate_alert","startHandle":38,"endHandle":40,"characteristics":[{"uuid":"2a06","name":"Alert Level","properties":["writeWithoutResponse"],"value":"","descriptors":[],"startHandle":39,"valueHandle":40}]},{"uuid":"1804","name":"Tx Power","type":"org.bluetooth.service.tx_power","startHandle":41,"endHandle":44,"characteristics":[{"uuid":"2a07","name":"Tx Power Level","properties":["read","notify"],"value":"00","descriptors":[{"handle":44,"uuid":"2902","value":""}],"startHandle":42,"valueHandle":43,"asciiValue":" "}]},{"uuid":"180f","name":"Battery Service","type":"org.bluetooth.service.battery_service","startHandle":45,"endHandle":49,"characteristics":[{"uuid":"2a19","name":"Battery Level","properties":["read","notify"],"value":"10","descriptors":[{"handle":48,"uuid":"2902","value":""},{"handle":49,"uuid":"2908","value":""}],"startHandle":46,"valueHandle":47,"asciiValue":" ","hooks":{"dynamicWrite":"hookDynamicWrite","dynamicNotify":"hookDynamicNotify"}}]},{"uuid":"f000ffc004514000b000000000000000","name":null,"type":null,"startHandle":50,"endHandle":65535,"characteristics":[{"uuid":"f000ffc104514000b000000000000000","name":null,"properties":["writeWithoutResponse","write","notify"],"value":"","descriptors":[{"handle":54,"uuid":"2901","value":"Img Identify"},{"handle":53,"uuid":"2902","value":""}],"startHandle":51,"valueHandle":52},{"uuid":"f000ffc204514000b000000000000000","name":null,"properties":["writeWithoutResponse","write","notify"],"value":"","descriptors":[{"handle":58,"uuid":"2901","value":"Img Block"},{"handle":57,"uuid":"2902","value":""}],"startHandle":55,"valueHandle":56}]}],"keepConnected":true}
ws -> send: {"type":"initializeStatus","peripheralId":"b4994c3a2823","status":"JSON services received"}
ws -> send: {"type":"initializeStatus","peripheralId":"b4994c3a2823","status":"start scanning for target peripheral"}
ws -> message: {"action":"macAddress"}
ws -> send: {"type":"macAddress","macAddress":"00:1a:7d:da:71:13"}
ws -> send: {"type":"startScanning"}
ws -> send: {"type":"stopScanning"}
noble: unknown peripheral b4994c3a2823 connected!
noble: unknown peripheral b4994c3a2823 handle notify!
ws -> send: {"type":"read","peripheralId":"b4994c3a2823","serviceUuid":"180f","characteristicUuid":"2a19","data":"54","isNotification":true}
noble: unknown peripheral b4994c3a2823 disconnected!
ws -> close
ws -> send: {"type":"stopScanning"}

$ sudo node advertise.js -a devices/b4994c3a2823.adv.json
Ws-slave address: 127.0.0.1
peripheralid: b4994c3a2823
advertisement file: devices/b4994c3a2823.adv.json
EIR: 0201060702031802180418
scanResponse: 120953656e736547697a2d46494e4439313936020a00
on open
poweredOn
Noble MAC address : 00:1a:7d:da:71:13
BLENO - on -> stateChange: poweredOn

<< Notify: 180f (Battery Service) -> 2a19 (Battery Level ) : 54 (T)
/home/iotsec/node_modules/gattacker/advertise.js:254
              subscriptions[serviceUuid][uuid](modifiedData);          
                                        ^

TypeError: Cannot read property '2a19' of undefined
    at /home/iotsec/node_modules/gattacker/advertise.js:254:41
    at Object.hookDynamicNotify (/home/iotsec/node_modules/gattacker/hookFunctions/find.js:32:2)
    at wsClient.<anonymous> (/home/iotsec/node_modules/gattacker/advertise.js:251:44)
    at emitMany (events.js:127:13)
    at wsClient.emit (events.js:201:7)
    at wsClient.onRead (/home/iotsec/node_modules/gattacker/lib/ws-client.js:201:10)
    at emitMany (events.js:127:13)
    at wsClient.emit (events.js:201:7)
    at wsClient.onMessage (/home/iotsec/node_modules/gattacker/lib/ws-client.js:141:10)
    at emitTwo (events.js:106:13)

Here is the patch:

diff --git a/advertise.js b/advertise.js
index aec4ca0..3f9bf39 100644
--- a/advertise.js
+++ b/advertise.js
@@ -250,7 +250,9 @@ wsclient.on('notification', function(peripheralId, serviceUuid, uuid, data) {
           hookFunctions[hook.dynamicNotify](peripheralId, serviceUuid, uuid, 'notify', data , wsclient, function(err, modifiedData){
             if (modifiedData) {
               console.log('<< Notify DATA hook                                                             : '.yellow + modifiedData.toString('hex').yellow.inverse + ' (' + utils.hex2a(modifiedData.toString('hex'))+ ')');
-              subscriptions[serviceUuid][uuid](modifiedData);              
+              if (subscriptions[serviceUuid] && subscriptions[serviceUuid][uuid]) {
+                  subscriptions[serviceUuid][uuid](modifiedData);
+              }
             } else {
               console.log('<< Notify DATA hook: '.yellow + 'intercept, not forwarding'.yellow);
             }

Can Gattacker send LTK encrypted command to a device?

Hi, I was trying to hack my BLE key card and I came across this great tool, but there're some questions I'd like to ask.

The key card connects to a smart phone with LTK encryption (Which I can crack with Crackle). Because the private key stored in the card regenerates every time the card is connected to a new phone, I will have to hack it without actually pairing with it.

So, the idea I came up is to spoof the real phone connected to the key card and try to get its key.
I think it was possible to achieve the spoofing part of my plan with Gattacker, but the problem is they uses LTK to encrypt their communications.
Is Gattacker available to send LTK encrypted packet if I know the LTK?

Unsupported manufacturer - Realtek Semiconductor Corporation (93) (TP-Link UB500)

Hi,
Is there any chance to add TP-Link UB500 to supported manufacturer?

Bug in ws-slave lets crash it when userDescriptorDescriptor gets read

Im running the current version of gattacker (git clone) on Kali-Linux.
When I try to get the service description of a device with userDescriptorDescriptor ws-slave crashes. I checked the async.detect() API and found that the crashing code does not follow the specification. It does not use the error argument. I tried to fix it with the following patch - and it works.

957c957
<                           return callback(descriptor.uuid === '2901');

---
>                           return callback(null, descriptor.uuid === '2901');
959c959
<                         function(userDescriptionDescriptor){

---
>                         function(error, userDescriptionDescriptor){

Here is the exception traceback:

/root/projects/gattacker/ws-slave.js:961
                            userDescriptionDescriptor.readValue(function(error, data) {
                                                      ^

TypeError: userDescriptionDescriptor.readValue is not a function
    at /root/projects/gattacker/ws-slave.js:961:55
    at /root/projects/gattacker/node_modules/async/dist/async.js:2736:29
    at /root/projects/gattacker/ws-slave.js:957:34
    at wrappedIteratee (/root/projects/gattacker/node_modules/async/dist/async.js:2733:17)
    at eachOfArrayLike (/root/projects/gattacker/node_modules/async/dist/async.js:1002:13)
    at eachOf (/root/projects/gattacker/node_modules/async/dist/async.js:1052:9)
    at Object.<anonymous> (/root/projects/gattacker/node_modules/async/dist/async.js:2753:17)
    at /root/projects/gattacker/ws-slave.js:954:29
    at Characteristic.<anonymous> (/root/projects/gattacker/lib/noble/lib/characteristic.js:115:7)
    at Characteristic.g (events.js:260:16)

how relay the ble

how replay the ble packet?

ps: sorry,my english is so poor！hh~

Issue in using Simulated BLE Peripheral

Hi
I have a scenario in which I am simulating a battery peripheral on an android device, using your tool for man in the middle attack and then connecting that peripheral using another android device using nrf connect. When gattacker is not used I am able to connect to the simulated peripheral while when using gattacker as MITM attack I am unable to connect to gattacker advertised peripheral. It just loads and does not connect.
I am using two linux virtual machines, device is cloned, initialized and notify is also working but with some default value which is not affected when it is changed from peripheral app
Kindly guide where i am missing something or doing wrong
I want to change values that are being transferred to receiving device

Peripheral Simulator app screenshot file, receiving device bluetooth log file (nrf connect app), terminal commands files are attached for reference. Advertisement and services files are also attached. Zip file was not being uploaded i had to rename bluetooth log file, advertisement and services files to txt files

BLE Simulator App Link: https://play.google.com/store/apps/details?id=io.github.webbluetoothcg.bletestperipheral

terminal commands.txt
ws-slave commands.txt
7b435a4df98a.srv.json.txt
7b435a4df98a_Lenovo-K5-Plus.adv.json.txt
btsnoop_hci(lgg2).log.txt

Your help in this regard will be a life saver for me!!!!!

Unable to initialize .adv & .srv

I've successfully collected the advertisement and service packets of my device with a contact tracing application active. I have also successfully changed the bdaddress of my bluetooth adapter. However, when I attempt to advertise.js or ./mac_adv, the process hangs at BLENO - on -> stateChange: poweredOn. The central output shows that it did attempt to initialize and scan for target peripherals, however, it does not finish scanning nor the initialization. In theory, when other devices with the contact tracing application active discovers such beacon, it will complete a handshake and return symmetric values. Anyone knows the reason to this issue?

Peripheral

Central (Slave)

adapter does not support Bluetooth Low Energy

nice project.
But,when i use CSR(Cambridge Silicon Radio CSR8510 ) adapter,noble warning: adapter does not support Bluetooth Low Energy (BLE, Bluetooth Smart).

DEBUG=ws-slave sudo node ws-slave
GATTacker ws-slave
noble warning: adapter does not support Bluetooth Low Energy (BLE, Bluetooth Smart).
               Try to run with environment variable:
               [sudo] NOBLE_HCI_DEVICE_ID=x node ...
ws -> connection
ws -> send: {"type":"stateChange","state":"unsupported"}
ws -> message: {"action":"stopScanning"}


node scan
Ws-slave address: 127.0.0.1
on open
unsupported

Which type adapter should i used? CC2540?
thanks!

Unsupported manufacturer

when i use mac_adv ,it return:

Unsupported manufacturer
Re-plug the interface and hit enter

what's wrong?
thank you for your help!

my manufacturer is:

Manufacturer: Intel Corp. (2)

that is mean this manufacturer is unsupport？

Specific BLE Device is Causing GATTacker (ws-slave) to Crash

Hello, I am very new to reverse engineering, BLE, node, javascript, linux, etc. I am attempting to MitM a specific BLE device (https://www.homedepot.com/p/Genie-Aladdin-Connect-Smartphone-Enabled-Garage-Door-Controller-to-open-and-monitor-your-door-from-anywhere-ALKT1-R/206268108).

I've already determined the device does not use authentication or encryption and sends its payload to the Master every 30 seconds using a Notify of the Battery Level characteristic. The value it puts in for the Battery Level handle is actually the application-layer data the Master needs.

Here's the problem: when I insert the battery so the device starts advertising- it actually crashes GATTacker. I am running the slave on a Kali VM within a regular Kali box that is acting as the master. GATTacker runs fine and see's the other BLE devices in the area and records their advertisements- but when I turn on the BLE device I want to clone- GATTacker crashes with "erros.RangeError('ERR_INDEC_OUT_OF_RANGE').

I am so new to this I do not even know where to begin troubleshooting. I've attached a screenshot so you can see how GATTacker was seeing other BLE devices, then crashed with the above-mentioned errors (it happens every time I turn on the BLE device). The left terminal in the screenshot is the VM acting as the slave, and the right terminal is the real box acting as the master (Im using 2 separate BLE dongles). Any help would be greatly appreciated. Thank you.

Scanner Shows powered off

Hi,
I am using two ubuntu (16.04) as my slave and master. When i am running node scan it shows my slave is powered off:

Also this is the response from my slave connection:

Would really appreciate any help. Thanks.