diff --git a/README.md b/README.md index 37d12cc..6728987 100644 --- a/README.md +++ b/README.md @@ -22,6 +22,8 @@ We have tested these PoCs on **Kali Linux** git clone https://github.com/hexway/apple_bleee.git && cd ./apple_bleee # install dependencies sudo apt update && sudo apt install -y bluez libpcap-dev libev-dev libnl-3-dev libnl-genl-3-dev libnl-route-3-dev cmake libbluetooth-dev +# For the bluetooth scripts, you need to do + ```sudo apt-get install python3-bluez``` sudo pip3 install -r requirements.txt # clone and install owl for AWDL interface git clone https://github.com/seemoo-lab/owl.git && cd ./owl && git submodule update --init && mkdir build && cd build && cmake .. && make && sudo make install && cd ../.. @@ -190,3 +192,4 @@ Please find details [here](/hash2phone) [https://hexway.io](https://hexway.io)
[@_hexway](https://twitter.com/_hexway) + diff --git a/hash2phone/README.md b/hash2phone/README.md index 5082158..bac0873 100644 --- a/hash2phone/README.md +++ b/hash2phone/README.md @@ -25,7 +25,8 @@ sudo -u postgres psql < db_init.sql Place lookup script into webserver directory: ``` -cp map_hash_num.php /var/www/html/ +cp map_hash_num.php /var/www/html/ # postgres version +cp map_hash_num_sqlite.php /var/www/html/ # sqlite version ``` - SQLite @@ -54,6 +55,7 @@ Now you can get mobile phones by 3 bytes of SHA256(phone_number) this way: ``` http://127.0.0.1/map_hash_num.php?hash=112233 +http://127.0.0.1/map_hash_num_sqlite.php?hash=112233 ``` ![ph_candidates](img/hash_api.png) diff --git a/hash2phone/hashmap_gen.py b/hash2phone/hashmap_gen.py index 45e552b..febcb91 100644 --- a/hash2phone/hashmap_gen.py +++ b/hash2phone/hashmap_gen.py @@ -14,7 +14,7 @@ if len(sys.argv)!=2: print("\nUsage:\t",sys.argv[0],"<4-digit phone prefix>") print("\nEx.:Calculate hashmap for range +12130000000 -- +12139999999:") - print(sys.argv[0],"1213") + print(sys.argv[0],"1213") print("\n\n"); sys.exit() @@ -38,12 +38,15 @@ if num % 100000 == 0: print(100-(stop_num-num)/100000,"% complete") connection.commit() - strnum = str(num) + strnum = str(num).encode('utf-8') m = hashlib.sha256() m.update(strnum) - hash= m.digest().encode("hex")[0:6] - - record_to_insert = ("\\x"+hash, strnum) + bhash = m.digest() + strhash = str(bhash).encode() + #print(strhash) #These are optional if you want to see it work + #print(strnum) + record_to_insert = (strhash, num) + #print(record_to_insert) cursor.execute(postgres_insert_query, record_to_insert) @@ -52,4 +55,3 @@ connection.commit() print("last num:\t", strnum) print("done!") -