diff options
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/Makefile.am | 6 | ||||
| -rw-r--r-- | tools/idevicebtlogger.c | 360 | 
2 files changed, 366 insertions, 0 deletions
| diff --git a/tools/Makefile.am b/tools/Makefile.am index 4740330..d701bab 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am @@ -11,6 +11,7 @@ AM_LDFLAGS = \  	$(libplist_LIBS)  bin_PROGRAMS = \ +	idevicebtlogger\  	idevice_id \  	ideviceinfo \  	idevicename \ @@ -30,6 +31,11 @@ bin_PROGRAMS = \  	idevicecrashreport \  	idevicesetlocation +idevicebtlogger_SOURCES = idevicebtlogger.c +iidevicebtlogger_CFLAGS = $(AM_CFLAGS) +idevicebtlogger_LDFLAGS = $(top_builddir)/common/libinternalcommon.la $(AM_LDFLAGS) -lpcap +idevicebtlogger_LDADD = $(top_builddir)/src/libimobiledevice-1.0.la +  ideviceinfo_SOURCES = ideviceinfo.c  ideviceinfo_CFLAGS = $(AM_CFLAGS) $(limd_glue_CFLAGS)  ideviceinfo_LDFLAGS = $(AM_LDFLAGS) $(limd_glue_LIBS) diff --git a/tools/idevicebtlogger.c b/tools/idevicebtlogger.c new file mode 100644 index 0000000..fc42290 --- /dev/null +++ b/tools/idevicebtlogger.c @@ -0,0 +1,360 @@ +/* + * idevicebt_packet_logger.c + * Capture bt HCI packet log to pcap + * + * Copyright (c) 2021 Geoffrey Kruse, All Rights Reserved. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#define TOOL_NAME "idevicebtlogger" + +#include <stdio.h> +#include <string.h> +#include <errno.h> +#include <signal.h> +#include <stdlib.h> +#include <unistd.h> +#include <getopt.h> + +#ifdef WIN32 +#include <windows.h> +#define sleep(x) Sleep(x*1000) +#else +#include <arpa/inet.h> +#endif + + +#include <libimobiledevice/libimobiledevice.h> +#include <libimobiledevice/bt_packet_logger.h> +#include <pcap.h>// todo windows??? + +#define BT_MAX_PACKET_SIZE 65535 + +static int quit_flag = 0; +static int exit_on_disconnect = 0; + +static char* udid = NULL; +static idevice_t device = NULL; +static bt_packet_logger_client_t bt_packet_logger = NULL; +static int use_network = 0; +static char* out_filename = NULL; +static pcap_dumper_t * dump; + +typedef struct { +	uint32_t length; +	uint32_t ts_secs; +	uint32_t ts_usecs; +} PacketHeaderType; + +typedef enum { +	HCI_COMMAND = 0x00, +	HCI_EVENT = 0x01, +	SENT_ACL_DATA = 0x02, +	RECV_ACL_DATA = 0x03 +} PacketLoggerPacketType; + +static void bt_packet_logger_callback(uint8_t * data, uint16_t len, void *user_data) +{ +	PacketHeaderType * header = (PacketHeaderType *)data; +	uint16_t offset = sizeof(PacketHeaderType); + +	struct pcap_pkthdr pcap_header; +	pcap_header.caplen = ntohl(header->length); +	pcap_header.len = len - sizeof(PacketHeaderType); +	pcap_header.ts.tv_sec = ntohl(header->ts_secs); +	pcap_header.ts.tv_usec = ntohl(header->ts_usecs); + +	// Sanity check incoming data and drop packet if its unreasonable. +	if(pcap_header.len > BT_MAX_PACKET_SIZE || pcap_header.caplen > BT_MAX_PACKET_SIZE) { +		fprintf(stderr, "WARNING: Packet length exceeded max size, corruption likely.\n "); +		return; +	} + +	uint8_t packet_type = data[offset]; +	uint8_t hci_h4_type = 0xff; + +	switch(packet_type) { +		case HCI_EVENT: +			hci_h4_type = 0x04; +			break; + +		case HCI_COMMAND: +			hci_h4_type = 0x01; +			break; + +		case SENT_ACL_DATA: +			hci_h4_type = 0x02; +			break; + +		case RECV_ACL_DATA: +			hci_h4_type = 0x02; +			break; + +		default: +			// unknown packet logger type, just pass it on +			hci_h4_type = packet_type; +			break; +	} +	if(hci_h4_type != 0xff) { +		data[offset] = hci_h4_type; +		pcap_dump((unsigned char*)dump, &pcap_header, &data[offset]); +		pcap_dump_flush(dump); +	} + +	// for(; offset < len; offset++) { +	// 	if( (offset - sizeof(PacketHeaderType)) % 16 == 0) { +	// 		printf("\n"); +	// 	} +	// 	printf("0x%02x, ", 0xff&data[offset]); +	// } +	// printf("\n------------------------------------------------------------------------------------------------\n"); +} + +static void stop_logging(void) +{ +	fflush(NULL); + +	if (bt_packet_logger) { +		bt_packet_logger_client_free(bt_packet_logger); +		bt_packet_logger = NULL; +	} + +	if (device) { +		idevice_free(device); +		device = NULL; +	} +} + +static int start_logging(void) +{ +	idevice_error_t ret = idevice_new_with_options(&device, udid, (use_network) ? IDEVICE_LOOKUP_NETWORK : IDEVICE_LOOKUP_USBMUX); +	if (ret != IDEVICE_E_SUCCESS) { +		fprintf(stderr, "Device with udid %s not found!?\n", udid); +		return -1; +	} + +	lockdownd_client_t lockdown = NULL; +	lockdownd_error_t lerr = lockdownd_client_new_with_handshake(device, &lockdown, TOOL_NAME); +	if (lerr != LOCKDOWN_E_SUCCESS) { +		fprintf(stderr, "ERROR: Could not connect to lockdownd: %d\n", lerr); +		idevice_free(device); +		device = NULL; +		return -1; +	} + +	/* start bt_packet_logger service */ +	lockdownd_service_descriptor_t svc = NULL; +	lerr = lockdownd_start_service(lockdown, BT_PACKETLOGGER_SERVICE_NAME, &svc); +	if (lerr == LOCKDOWN_E_PASSWORD_PROTECTED) { +		fprintf(stderr, "*** Device is passcode protected, enter passcode on the device to continue ***\n"); +		while (!quit_flag) { +			lerr = lockdownd_start_service(lockdown, BT_PACKETLOGGER_SERVICE_NAME, &svc); +			if (lerr != LOCKDOWN_E_PASSWORD_PROTECTED) { +				break; +			} +			sleep(1); +		} +	} +	if (lerr != LOCKDOWN_E_SUCCESS) { +		fprintf(stderr, "ERROR: Could not connect to lockdownd: %d\n", lerr); +		fprintf(stderr, "Please ensure the target device has a valid Bluetooth logging profile installed\n"); +		idevice_free(device); +		device = NULL; +		return -1; +	} +	lockdownd_client_free(lockdown); + +	/* connect to bt_packet_logger service */ +	bt_packet_logger_error_t serr = BT_PACKET_LOGGER_E_UNKNOWN_ERROR; +	serr = bt_packet_logger_client_new(device, svc, &bt_packet_logger); +	lockdownd_service_descriptor_free(svc); +	if (serr != BT_PACKET_LOGGER_E_SUCCESS) { +		fprintf(stderr, "ERROR: Could not start service %s.\n", BT_PACKETLOGGER_SERVICE_NAME); +		fprintf(stderr, "Please ensure the target device has a valid Bluetooth logging profile installed\n"); +		idevice_free(device); +		device = NULL; +		return -1; +	} + +	/* start capturing bt_packet_logger */ +	serr = bt_packet_logger_start_capture(bt_packet_logger, bt_packet_logger_callback, NULL); +	if (serr != BT_PACKET_LOGGER_E_SUCCESS) { +		fprintf(stderr, "ERROR: Unable to start capturing bt_packet_logger.\n"); +		bt_packet_logger_client_free(bt_packet_logger); +		bt_packet_logger = NULL; +		idevice_free(device); +		device = NULL; +		return -1; +	} + +	fprintf(stdout, "[connected:%s]\n", udid); +	fflush(stdout); + +	return 0; +} + +static void device_event_cb(const idevice_event_t* event, void* userdata) +{ +	if (use_network && event->conn_type != CONNECTION_NETWORK) { +		return; +	} else if (!use_network && event->conn_type != CONNECTION_USBMUXD) { +		return; +	} +	if (event->event == IDEVICE_DEVICE_ADD) { +		if (!bt_packet_logger) { +			if (!udid) { +				udid = strdup(event->udid); +			} +			if (strcmp(udid, event->udid) == 0) { +				if (start_logging() != 0) { +					fprintf(stderr, "Could not start logger for udid %s\n", udid); +				} +			} +		} +	} else if (event->event == IDEVICE_DEVICE_REMOVE) { +		if (bt_packet_logger && (strcmp(udid, event->udid) == 0)) { +			stop_logging(); +			fprintf(stdout, "[disconnected:%s]\n", udid); +			if (exit_on_disconnect) { +				quit_flag++; +			} +		} +	} +} + +/** + * signal handler function for cleaning up properly + */ +static void clean_exit(int sig) +{ +	fprintf(stderr, "\nExiting...\n"); +	quit_flag++; +} + +static void print_usage(int argc, char **argv, int is_error) +{ +	char *name = NULL; +	name = strrchr(argv[0], '/'); +	fprintf(is_error ? stderr : stdout, "Usage: %s [OPTIONS] <FILE>\n", (name ? name + 1: argv[0])); +	fprintf(is_error ? stderr : stdout, +		"\n" \ +		"Capture HCI packets from a connected device.\n" \ +		"\n" \ +		"OPTIONS:\n" \ +		"  -u, --udid UDID  target specific device by UDID\n" \ +		"  -n, --network    connect to network device\n" \ +		"  -x, --exit       exit when device disconnects\n" \ +		"  -h, --help       prints usage information\n" \ +		"  -d, --debug      enable communication debugging\n" \ +		"  -v, --version    prints version information\n" \ +		"\n" \ +		"Homepage:    <" PACKAGE_URL ">\n" +		"Bug Reports: <" PACKAGE_BUGREPORT ">\n" +	); +} + +int main(int argc, char *argv[]) +{ +	int c = 0; +	const struct option longopts[] = { +		{ "debug", no_argument, NULL, 'd' }, +		{ "help", no_argument, NULL, 'h' }, +		{ "udid", required_argument, NULL, 'u' }, +		{ "network", no_argument, NULL, 'n' }, +		{ "exit", no_argument, NULL, 'x' }, +		{ "version", no_argument, NULL, 'v' }, +		{ NULL, 0, NULL, 0} +	}; + +	signal(SIGINT, clean_exit); +	signal(SIGTERM, clean_exit); +#ifndef WIN32 +	signal(SIGQUIT, clean_exit); +	signal(SIGPIPE, SIG_IGN); +#endif + +	while ((c = getopt_long(argc, argv, "dhu:nxv", longopts, NULL)) != -1) { +		switch (c) { +		case 'd': +			idevice_set_debug_level(1); +			break; +		case 'u': +			if (!*optarg) { +				fprintf(stderr, "ERROR: UDID must not be empty!\n"); +				print_usage(argc, argv, 1); +				return 2; +			} +			free(udid); +			udid = strdup(optarg); +			break; +		case 'n': +			use_network = 1; +			break; +		case 'x': +			exit_on_disconnect = 1; +			break; +		case 'h': +			print_usage(argc, argv, 0); +			return 0; +		case 'v': +			printf("%s %s\n", TOOL_NAME, PACKAGE_VERSION); +			return 0; +		default: +			print_usage(argc, argv, 1); +			return 2; +		} +	} + +	if (optind < argc) { +		out_filename = argv[optind]; +		printf("Output File: %s\n", out_filename); +	} +	else { +		print_usage(argc, argv, 1); +		return 2; +	} + +	int num = 0; +	idevice_info_t *devices = NULL; +	idevice_get_device_list_extended(&devices, &num); +	idevice_device_list_extended_free(devices); +	if (num == 0) { +		if (!udid) { +			fprintf(stderr, "No device found. Plug in a device or pass UDID with -u to wait for device to be available.\n"); +			return -1; +		} else { +			fprintf(stderr, "Waiting for device with UDID %s to become available...\n", udid); +		} +	} + +	dump = pcap_dump_open(pcap_open_dead(187, BT_MAX_PACKET_SIZE), out_filename); +	idevice_event_subscribe(device_event_cb, NULL); + +	while (!quit_flag) { +		sleep(1); +	} + +	idevice_event_unsubscribe(); +	stop_logging(); + +	free(udid); + +	return 0; +} | 
