/mirage

Mirage is a powerful and modular framework dedicated to the security analysis of wireless communications.


MIRAGE - 1.2

This framework is released as an open-source project under the MIT License.

Mirage is a powerful and modular framework dedicated to the security analysis of wireless communications. It currently provides:

  • multiple lightweight and hackable wireless protocol stacks (e.g. Bluetooth Low Energy, Enhanced ShockBurst, WiFi, Zigbee ...)
  • multiple highly customizable offensive modules (e.g. Man-in-the-Middle, sniffing, jamming, hijacking, cloning ...)
  • multiple modules dedicated to information gathering (e.g. applicative layers dumping, scanning ...)
  • multiple experimental offensive modules based on the InjectaBLE attack (e.g. Bluetooth Low Energy injection, Slave and Master hijacking, MiTM ...)
  • a chaining operator that makes it easy to combine attack modules in order to build complex attack workflows
  • support for multiple devices, such as HCI devices, Crazy Radio PA, RZUSBStick, BTLEJack, Nordic, Sniffle, ButteRFly and Ubertooth sniffers
  • a user-friendly development environment that makes it easy to write new modules or customize existing ones
  • an experimental software-defined radio architecture that can sniff and inject packets using HackRF One

Useful links

The original BTLEJack firmware, written by Damien Cauquil, is available on GitHub:

Publications

This framework is developed in the context of research work focused on IoT security by Romain Cayre, who is a PhD student at LAAS-CNRS and Apsys.Lab. His PhD thesis is supervised by Guillaume Auriol, Vincent Nicomette and Mohamed Kaâniche.

We published two papers describing this tool:

We also published two papers describing a new Bluetooth Low Energy attack, named InjectaBLE, which makes it possible to inject malicious traffic into an established BLE connection. Mirage (v1.2) adds support for a new device, named ButteRFly, which can be used to perform this attack: