Spam BLE advertisements on iPhones!
iPhone 15s (latest) | Older iPhones |
---|---|
iphone_15.mp4 |
iphone_old.mp4 |
Based off of the work of ronaldstoner in the AppleJuice repository.
Also thanks to simondankelmann for their discoveries in new advertising messages to pop-up new notifications in iOS devices source
With the randomization optimizations it can render an iPhone almost useless with a single ESP32 (a new notification as soon as you close the old one).
Confirmed on:
- iPhone 15 (running iOS 17.1.2)
- iPhone 14 Pro Max (running iOS 17.2 b3) (See #19)
- iPhone 14 Pro (running iOS 16.6.1)
- iPhone 13 Pro (running iOS 17.4 (21E5184k))
- iPhone 11 (running iOS 16.6.1)
- iPhone X (running iOS 14.8 (18H17)) - only "AppleTV Keyboard", "TV Color Balance", "AppleTV Setup", "AppleTV Homekit Setup", "AppleTV New User".
- iPad Pro 11 (running iPadOS 17.3 (21D50))
Not working on:
- iPhone 4S (running iOS 10.3 (14E277))
Other observations:
- Doesn't seem to spawn notifications if Keyboard is open / Camera is open
Single ESP32 vs. iPhone 14 Pro @ iOS 16.6.1
applexd.mp4
This implementation makes the following changes:
- Random source MAC address (including
BLE_ADDR_TYPE_RANDOM
) - Randomly pick BLE Advertisement Type (this may lead to more success)
- Randomly pick one of the possible devices
- Sets the ESP32 BLE Power to the maximum (9dBm) to increase range
And it makes these random choices every time it runs (default re-advertise every second).
Given the 29 devices and the 3 advertisement types, there are a total of 87 unique possible advertisements (ignoring the random source MAC) possible, of which one is broadcast every second.
Clone the repo, and easiest would be to use VS Code w/ PlatformIO to upload it to your ESP32.
This project has been tested on an ESP32-C3 from AirM2M.
If you've setup the Arduino CLI, e.g. via https://wellys.com/posts/esp32_cli/ , then you can cd
into the src
folder, and run the following:
arduino-cli compile --fqbn esp32:esp32:esp32c6 EvilAppleJuice-ESP32-INO -v
arduino-cli upload -p COM4 --fqbn esp32:esp32:esp32c6 EvilAppleJuice-ESP32-INO -v
arduino-cli monitor -c baudrate=115200 -p COM4
Replace COM4
with the port the ESP32 is on, and esp32c6
with the appropriate board.
Some basic instructions are here: ckcr4lyf#42 (comment) , but if you're not a script kiddie you can probably figure it out.