This project focuses on utilizing the built-in Bluetooth Low Energy (BLE) functionality of Android smartphones to create Phantom Bluetooth Device Advertisements, similar to what is known, for instance, in the case of the Flipper Zero. While there are other apps available that provide similar functionality, the objective of this app is to enhance convenience and user-friendliness in the process.
NOTE: This project is in its early stages of development, so the app is currently quite unreliable, and there isn't much we can do about it. Contributions from anyone are welcome.
- Android 8.0 (API level 26) or later (iOS and PC are not supported)
If you don't know your API level, visit the SDK Platform release notes. You can also view your Android version in the Info tab in settings.
This app is capable of spoofing BLE advertisers that mimic the usage of the Google Fast Pair Service, leading to an influx of unwanted pop-up notifications on the receiving device.
For additional information about the Google Fast Pair Service, you can find it here
This app can spoof BLE advertisers that mimic devices supporting the Microsoft Swift Pairing Service. If Swift Pair notifications are enabled on a nearby Windows 10 (or later) device, it will receive a flood of notifications regarding nearby devices.
For additional information about the Microsoft Swift Pair Service, you can find it here
With the Easy Setup functionality, the app is capable of generating Bluetooth Low Energy Advertisement Sets that will trigger popups on Samsung devices specifically.
This app can spoof various Apple devices via Bluetooth Low Energy, which can be detected by iOS devices, resulting in a flood of unwanted popups on the receiving iOS device.
By spoofing Bluetooth Low Energy advertisers, this app can prompt iOS devices to open unwanted modals and popups, imitating certain Apple-specific actions.
Utilizing this functionality, the app randomly generates BLE advertisement packages based on all other features. This leads to the highest number of affected devices in the vicinity.
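Seen from the receiving side, the advertisement families listed above can be recognized in a scan log by their public Bluetooth SIG identifiers, and a flood shows up as many distinct addresses sending the same family within a few seconds. The following is an added example, not code from this project; the function names, window and address threshold are assumptions, and the sample log is constructed. Legitimate devices use the same identifiers, so the signal is the rate of distinct addresses, not a single advertisement.

```python
from collections import defaultdict

# Public Bluetooth SIG assigned numbers: company IDs and the Fast Pair service UUID.
VENDORS = {0x004C: "apple", 0x0006: "microsoft", 0x0075: "samsung"}
FAST_PAIR_UUID = 0xFE2C

def parse_ad(payload):
    """Split a raw advertising payload into (ad_type, data) structures."""
    out, i = [], 0
    while i < len(payload):
        length = payload[i]
        if length == 0 or i + 1 + length > len(payload):
            break  # padding or truncated structure: stop rather than over-read
        out.append((payload[i + 1], payload[i + 2:i + 1 + length]))
        i += 1 + length
    return out

def classify(payload):
    """Name the pairing-popup family an advertisement belongs to, or None."""
    for ad_type, data in parse_ad(payload):
        if len(data) < 2:
            continue
        ident = int.from_bytes(data[:2], "little")
        if ad_type == 0xFF and ident in VENDORS:  # Manufacturer Specific Data
            return VENDORS[ident]
        if ad_type == 0x16 and ident == FAST_PAIR_UUID:  # Service Data (16-bit UUID)
            return "fast_pair"
    return None

def detect_flood(events, window=10.0, min_addrs=5):
    """events: (timestamp_s, address, payload) tuples. Returns {family: peak count
    of distinct addresses in any window}. Thresholds are assumed, not tuned."""
    hits = defaultdict(list)
    for ts, addr, payload in events:
        family = classify(payload)
        if family:
            hits[family].append((ts, addr))
    alerts = {}
    for family, seen in hits.items():
        peak = max(len({a for t, a in seen if s <= t < s + window}) for s, _ in seen)
        if peak >= min_addrs:
            alerts[family] = peak
    return alerts

# Constructed sample log: six addresses sending the same Fast Pair service data
# (model ID bytes AA BB CC are placeholders) plus one ordinary Apple advertiser.
FAST_PAIR_ADV = bytes.fromhex("020106" "0616" "2cfe" "aabbcc")
APPLE_ADV = bytes.fromhex("020106" "05ff" "4c00" "1000")
SAMPLE = [(i * 0.5, f"5a:00:00:00:00:{i:02x}", FAST_PAIR_ADV) for i in range(6)]
SAMPLE.append((1.0, "6b:00:00:00:00:01", APPLE_ADV))
```
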
Simply put, the range of Bluetooth Low Energy (BLE) can vary between devices; some may have a long range, while others may have a short range.
The official Bluetooth Low Energy API provided by Google's Android SDK allows you to set the TX Power level and include it in the advertiser's payload. However, it doesn't permit direct modification of the byte values actually transmitted in the payload. This limitation affects the range of the Fast Pair functionality. Receiving devices calculate the transmitter's proximity based on the actual received signal strength and the transmitted byte in the payload, which contains the TX Power level the transmitter used.
Devices like the Flipper Zero, however, have the capability to modify this byte, significantly extending their range.
You can clone the repository and open it in Android Studio to install the app, or simply use the installable APK files from the Release Section.
If you're an end-user looking for a fully functional app, download the Release APK for optimal performance (simply go for this one). If you're a developer or tester, opt for the Debug APK for testing and debugging purposes.
- mh from mobile-hacker.com for the Article / Guideline about using the nRF Connect App to Spoof iOS Devices
- Willy-JL, ECTO-1A, Spooks4567, Mrproxy for their contributions to the BLE Spam App on the Flipper Zero
- FuriousMAC and Hexway for their prior research
- And special thanks to anyone else who has been involved in prior research and publications related to this topic.
Disclaimer for Bluetooth Low Energy Protocol Investigation Repository
This repository contains code for the investigation and experimentation of the Bluetooth Low Energy (BLE) protocol. Please be aware of the following disclaimers before using or contributing to this repository:
- Purpose: The code and information provided in this repository are intended for educational and research purposes and are just a proof of concept. They are not intended for any malicious or harmful activities.
- Legal Compliance: Users are responsible for ensuring that their use of the code and information in this repository complies with all applicable laws and regulations, including those governing wireless communication and intellectual property rights.
- No Warranty: The code and information provided in this repository are provided "as is" without any warranties, expressed or implied. The authors and contributors are not responsible for any consequences resulting from the use of this code.
- Risks: Experimenting with BLE protocols can have potential security and privacy implications. Users should exercise caution and use this code responsibly, respecting the privacy and security of devices and systems.
- Contribution Guidelines: If you contribute to this repository, ensure that your contributions comply with the project's goals and the repository's license. By contributing, you agree to license your contributions under the same license as this repository.
- Support: This repository is not maintained for production use. The authors and contributors may not provide support or updates regularly.
By using and contributing to this repository, you agree to these disclaimers and guidelines. If you do not agree, please refrain from using or contributing to this repository.
For any questions or concerns, please contact the repository maintainers on Discord or GitHub.