This project focuses on utilizing Android smartphones' built-in Bluetooth Low Energy (BLE) functionality to create Phantom Bluetooth Device Advertisements, similar to what is known, for instance, in the case of the Flipper Zero. While other apps are available that provide similar functionality, the objective of this app is to enhance convenience and user-friendliness in the process.
Note
This project is not actively updated due to no further optimizations to the exploit. Contributions from anyone are appreciated.
- Android 8.0 (API level 26) or later
Tip
If you don't know your API level visit SDK Platform release notes. You also can view your Android version in the Info tab in settings.
- You can not run the app on IOS or PC (even with emulators/VM's)
This app is capable of spoofing BLE advertisers that mimic the usage of the Google Fast Pair Service, leading to an influx of unwanted pop-up notifications on the receiving device.
For additional information about the Google Fast Pair Service, you can find it here
This app can spoof BLE advertisers that mimic devices supporting the Microsoft Swift Pairing Service. If Swift Pair notifications are enabled on a nearby Windows 10 (or later) device, it will receive a flood of notifications regarding nearby devices.
For additional information about the Microsoft Swift Pair Service, you can find it here
With the Easy Setup functionality, the app is capable of generating Bluetooth Low Energy Advertisement Sets that will trigger popups on Samsung devices specifically.
This app can spoof various Apple devices via Bluetooth Low Energy, which can be detected by iOS devices, resulting in a flood of unwanted popups on the receiving iOS device.
By spoofing Bluetooth Low Energy advertisers, this app can prompt iOS devices to open unwanted modals and popups, imitating certain Apple-specific actions.
With some modifications to the advertised BLE package, it is possible to trigger a reboot in various iOS 17 devices. This causes the targeted iPhone to temporarily freeze for a few minutes before automatically restarting. (iOS Crash is considered half-fixed due to the release of iOS 17.2 , it may still work on some devices.).
Note
To achieve optimal results, it is recommended to set the advertising interval to a value between 20 and 100 milliseconds. Additionally, locking and unlocking the targeted iPhone can aid in the process.
With this functionality, it is possible to enable or disable various adult toys that support the Lovespouse app. Additionally, the "Denial of Pleasure" can be executed by selecting the Lovespouse Stops List and setting the repeat mode to Repeat List. More information on this topic can be found here.
Utilizing this functionality, the app randomly generates BLE advertisement packages based on all other features. This leads to the highest number of affected devices in the vicinity.
The Spam Detector tool allows you to detect nearby spammers, even on the lock screen. It can identify spam from Flipper Zeros, our app, and various other software and scripts. Once your device has detected spam, it will send you a notification, indicating whether it was sent by a Flipper Zero or another source.
Note
Location permission and background location access are required for this feature to work. These permissions are necessary because Android mandates them for Bluetooth scanning in the background. It's important to note that the app will NOT collect your location data.
Simply put, the range of Bluetooth Low Energy (BLE) can vary between devices; some may have a long range, while others may have a short range.
The official Bluetooth Low Energy API provided by Google's Android SDK allows you to set the TX Power level and include it in the advertiser's payload. However, it doesn't permit direct modification of the byte values actually transmitted in the payload. This limitation affects the range of the Fast Pair functionality. Receiving devices calculate the transmitter's proximity based on the actual received signal strength and the transmitted byte in the payload, which contains the TX Power level the transmitter used.
Devices like the Flipper Zero, however, have the capability to modify this byte, significantly extending their range.
You can clone the repository and open it in Android Studio to install the app, or simply use the installable APK files from the Release Section. You can also download it from F-Droid here.
If you're an end-user looking for a fully functional app, download the Release APK for optimal performance (simply go for this one). If you're a developer or tester, opt for the Debug APK for testing and debugging purposes.
-
mh from mobile-hacker.com for the Article / Guideline about using the nRF Connect App to Spoof iOS Devices
-
Willy-JL, ECTO-1A, Spooks4567 and Mrproxy for their contribution in the BLE Spam App on the Flipper Zero
-
FuriousMAC and Hexway for their prior researches
-
mandomat for the research of Denial of Pleasure
-
tutozz for the research of Easy Setup Buds in Android
-
K3YOMI for the spam detector idea
-
Glorious Gizmos for making content and tutorials on our app
-
And special thanks to anyone else who has been involved in prior research and publications related to this topic.
Disclaimer for Bluetooth Low Energy Protocol Investigation Repository
This repository contains code for the investigation and experimentation of the Bluetooth Low Energy (BLE) protocol. Please be aware of the following disclaimers before using or contributing to this repository:
-
Purpose: The code and information provided in this repository are intended for educational and research purposes and is just a proof of concept. It is not intended for any malicious or harmful activities.
-
Legal Compliance: Users are responsible for ensuring that their use of the code and information in this repository complies with all applicable laws and regulations, including those governing wireless communication and intellectual property rights.
-
No Warranty: The code and information provided in this repository are provided "as is" without any warranties, expressed or implied. The authors and contributors are not responsible for any consequences resulting from the use of this code.
-
Risks: Experimenting with BLE protocols can have potential security and privacy implications. Users should exercise caution and use this code responsibly, respecting the privacy and security of devices and systems.
-
Contribution Guidelines: If you contribute to this repository, ensure that your contributions comply with the project's goals and the repository's license. By contributing, you agree to license your contributions under the same license as this repository.
-
Support: This repository is not maintained for production use. The authors and contributors may not provide support or updates regularly.
By using and contributing to this repository, you agree to these disclaimers and guidelines. If you do not agree, please refrain from using or contributing to this repository.
For any questions or concerns, please contact the repository maintainers on Discord or Github.