From 277a5d2959512f33c6aac74b9eed0f002673f274 Mon Sep 17 00:00:00 2001 From: Verkehrsrot Date: Mon, 24 Jan 2022 16:12:43 +0100 Subject: [PATCH 1/6] count randomized ble MACs only --- lib/libpax/blescan.cpp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/libpax/blescan.cpp b/lib/libpax/blescan.cpp index 0a597aa..ec1ed67 100644 --- a/lib/libpax/blescan.cpp +++ b/lib/libpax/blescan.cpp @@ -179,8 +179,12 @@ void hci_evt_process(void *pvParameters) { rssi = -(0xFF - queue_data[data_ptr++]); if (ble_rssi_threshold && (rssi < ble_rssi_threshold)) continue; // do not count - else + else { + int universal_bit = (addr + 6 * i) & 0b10; + if(!universal_bit) + continue; mac_add((uint8_t *)(addr + 6 * i), MAC_SNIFF_BLE); + } } // freeing all spaces allocated From 78976777b9381c39f197fc75d6619f80580bb05f Mon Sep 17 00:00:00 2001 From: Verkehrsrot Date: Mon, 24 Jan 2022 21:37:07 +0100 Subject: [PATCH 2/6] Update wifiscan.cpp --- lib/libpax/wifiscan.cpp | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/lib/libpax/wifiscan.cpp b/lib/libpax/wifiscan.cpp index 80e67c3..4efa231 100644 --- a/lib/libpax/wifiscan.cpp +++ b/lib/libpax/wifiscan.cpp @@ -58,17 +58,9 @@ wifi_sniffer_packet_handler(void* buff, wifi_promiscuous_pkt_type_t type) { if ((wifi_rssi_threshold) && (ppkt->rx_ctrl.rssi < wifi_rssi_threshold)) // rssi is negative value - { - return; - } - - int universal_bit = hdr->addr2[0] & 0b10; - - if(!universal_bit) { return; - } - - mac_add((uint8_t *)hdr->addr2, MAC_SNIFF_WIFI); + else + mac_add((uint8_t *)hdr->addr2, MAC_SNIFF_WIFI); } uint16_t channels_map; From 9577e63ec5e60fca08f3dd70d231cb5647317f9f Mon Sep 17 00:00:00 2001 From: Verkehrsrot Date: Mon, 24 Jan 2022 21:37:57 +0100 Subject: [PATCH 3/6] Update blescan.cpp --- lib/libpax/blescan.cpp | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/lib/libpax/blescan.cpp b/lib/libpax/blescan.cpp index ec1ed67..5338a6d 100644 
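Review bot: In the first blescan.cpp hunk of patch 1, `int universal_bit = (addr + 6 * i) & 0b10;` applies `&` to the pointer itself instead of the first address byte, which C++ rejects for a pointer operand, so this commit probably does not build on its own. The intended test is presumably `addr[6 * i] & 0b10`. At this point in the series the bytes are also still in the order they arrive in the HCI report, so index 0 would not be the most significant octet. A later patch removes these lines and moves the check into mac_add, so squashing the two would keep the history bisectable. The loop body continues outside the hunk.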
--- a/lib/libpax/blescan.cpp +++ b/lib/libpax/blescan.cpp @@ -152,16 +152,18 @@ void hci_evt_process(void *pvParameters) { // skip 2 bytes event type and advertising type for every report data_ptr += 2 * num_responses; - // get BD address in every advertising report and store in - // single array of length `6 * num_responses' as each address - // will take 6 spaces + // get device address in every advertising report and + // store in array of length `6 * num_responses' as each record + // contains 6 octets + // -> note: BD addresses are stored in little endian format! + // see # Bluetooth Specification v5.0, Vol 2, Part E, sec 5.2 addr = (uint8_t *)malloc(sizeof(uint8_t) * 6 * num_responses); if (addr == NULL) { ESP_LOGE(TAG, "Malloc addr failed!"); goto reset; } for (int i = 0; i < num_responses; i += 1) { - for (int j = 0; j < 6; j += 1) { + for (int j = 5; j >= 0; j -= 1) { addr[(6 * i) + j] = queue_data[data_ptr++]; } } @@ -178,12 +180,9 @@ void hci_evt_process(void *pvParameters) { for (uint8_t i = 0; i < num_responses; i += 1) { rssi = -(0xFF - queue_data[data_ptr++]); if (ble_rssi_threshold && (rssi < ble_rssi_threshold)) - continue; // do not count + continue; // do not count weak signal mac else { - int universal_bit = (addr + 6 * i) & 0b10; - if(!universal_bit) - continue; - mac_add((uint8_t *)(addr + 6 * i), MAC_SNIFF_BLE); + mac_add(addr + 6 * i, MAC_SNIFF_BLE); } } From 52cb9b85265df4d75c001f965ef81a97dc5c825b Mon Sep 17 00:00:00 2001 From: Verkehrsrot Date: Mon, 24 Jan 2022 21:40:26 +0100 Subject: [PATCH 4/6] Update libpax.cpp --- lib/libpax/libpax.cpp | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/lib/libpax/libpax.cpp b/lib/libpax/libpax.cpp index 4329bd4..bd84052 100644 --- a/lib/libpax/libpax.cpp +++ b/lib/libpax/libpax.cpp 
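Review bot: The copy loop that fills `addr` advances `data_ptr` through `6 * num_responses` bytes of `queue_data`, and nothing visible in this hunk checks that count against the length of the received event. If hci_evt_process does not validate the report count against the packet length earlier (its body starts and ends outside the hunk), a malformed report would be read past the end of the buffer. Consider a bound check before the loop that takes the existing `goto reset` path when fewer than `6 * num_responses` bytes remain. A short comment next to the reversed loop, such as `// after this, addr[6 * i] is the most significant octet`, would also help readers of mac_add.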
@@ -65,14 +65,9 @@ void reset_bucket() { seen_ids_count = 0; } -int libpax_wifi_counter_count() { - return macs_wifi; -} - -int libpax_ble_counter_count() { - return macs_ble; -} +int libpax_wifi_counter_count() { return macs_wifi; } +int libpax_ble_counter_count() { return macs_ble; } int mac_add(uint8_t *paddr, snifftype_t sniff_type) { uint16_t *id; @@ -81,6 +76,9 @@ int mac_add(uint8_t *paddr, snifftype_t sniff_type) { //ESP_LOGD(TAG, "MAC=%02x:%02x:%02x:%02x:%02x:%02x -> ID=%04x", paddr[0], // paddr[1], paddr[2], paddr[3], paddr[4], paddr[5], *id); + + // if it is NOT a locally administered ("random") mac, we don't count it + if (!(paddr[0] & 0b10)) return false; int added = add_to_bucket(*id); From 885f07978d31d4cab0cd921530ba9d059997d63d Mon Sep 17 00:00:00 2001 From: cyberman54 Date: Fri, 18 Feb 2022 17:32:09 +0100 Subject: [PATCH 5/6] adapt test cases to changes in PR#15 --- test/libpax_test_cases.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/test/libpax_test_cases.cpp b/test/libpax_test_cases.cpp index 512015f..fcbe663 100644 --- a/test/libpax_test_cases.cpp +++ b/test/libpax_test_cases.cpp @@ -10,7 +10,7 @@ */ void test_mac_add_bytes() { libpax_counter_reset(); - uint8_t test_mac_addr[6] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0}; + uint8_t test_mac_addr[6] = {0x0b, 0x01, 0x0, 0x0, 0x0, 0x0}; test_mac_addr[4] = 0x01; test_mac_addr[5] = 0x01; mac_add(test_mac_addr, MAC_SNIFF_WIFI); @@ -38,6 +38,8 @@ void test_mac_add_bytes() { void test_collision_add() { libpax_counter_reset(); uint8_t test_mac_addr[6]; + test_mac_addr[0] = 0x0b; + test_mac_addr[1] = 0x10; uint16_t *test_mac_addr_p = (uint16_t *)(test_mac_addr + 4); *test_mac_addr_p = 1; 
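Review bot: The locally-administered test `if (!(paddr[0] & 0b10)) return false;` added to mac_add now runs for both sniff types, but that bit is only defined for IEEE 802 MACs such as those seen on WiFi. As I read the Bluetooth Core specification, an LE advertiser address is marked public or random by the address-type field of the advertising report, and in a random address that bit is just part of the random value. The filter would therefore drop a share of random BLE addresses and keep some public ones. Consider guarding the test with `sniff_type == MAC_SNIFF_WIFI` and filtering BLE on the address type in hci_evt_process. Since mac_add is declared `int`, `return 0;` would read better than `return false;`, and the function body continues outside the hunk.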
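Review bot: The adapted tests in test/libpax_test_cases.cpp only exercise the accept path, because every test address now starts with 0x0b, which has the locally-administered bit set. This applies to the `@@ -10,7`, `@@ -38,6` and `@@ -66,7` hunks. Nothing asserts that a universally administered address is rejected, which is the behaviour this series introduces. A negative case with a constructed address would pin it down: `uint8_t universal_mac[6] = {0x00, 0x01, 1, 1, 1, 1};` then `mac_add(universal_mac, MAC_SNIFF_WIFI);` and `TEST_ASSERT_EQUAL(0, libpax_wifi_counter_count());` after a reset. In test_collision_add, bytes 2 and 3 of `test_mac_addr` remain uninitialized; that looks harmless today because mac_add reads only bytes 0, 4 and 5, but zero-initializing the array would be cleaner.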
@@ -66,7 +68,7 @@ void test_counter_reset() { libpax_counter_reset(); TEST_ASSERT_EQUAL(0, libpax_wifi_counter_count()); - uint8_t test_mac_addr[6] = {1, 1, 1, 1, 1, 1}; + uint8_t test_mac_addr[6] = {0x0b, 0x01, 1, 1, 1, 1}; mac_add(test_mac_addr, MAC_SNIFF_WIFI); TEST_ASSERT_EQUAL(1, libpax_wifi_counter_count()); From c374b87cb538cc5883b777823e36d98bca73fd97 Mon Sep 17 00:00:00 2001 From: cyberman54 Date: Fri, 18 Feb 2022 18:09:43 +0100 Subject: [PATCH 6/6] Some code sanitizations --- lib/libpax/blescan.cpp | 12 ++++++------ lib/libpax/libpax.cpp | 10 +++++----- lib/libpax/libpax.h | 6 ++---- lib/libpax/wifiscan.cpp | 6 +----- lib/libpax/wifiscan.h | 5 ----- 5 files changed, 14 insertions(+), 25 deletions(-) diff --git a/lib/libpax/blescan.cpp b/lib/libpax/blescan.cpp index 5338a6d..81cdffb 100644 --- a/lib/libpax/blescan.cpp +++ b/lib/libpax/blescan.cpp @@ -55,7 +55,7 @@ static int host_rcv_pkt(uint8_t *data, uint16_t len) { data_pkt = (uint8_t *)malloc(sizeof(uint8_t) * len); if (data_pkt == NULL) { - ESP_LOGE(TAG, "Malloc data_pkt failed!"); + ESP_LOGE(TAG, "Malloc data_pkt failed"); return ESP_FAIL; } memcpy(data_pkt, data, len); @@ -110,14 +110,14 @@ static void hci_cmd_send_ble_scan_start(void) { uint16_t sz = make_cmd_ble_set_scan_enable(hci_cmd_buf, scan_enable, filter_duplicates); esp_vhci_host_send_packet(hci_cmd_buf, sz); - ESP_LOGI(TAG, "BLE Scanning started.."); + ESP_LOGI(TAG, "BLE Scanning started"); } void hci_evt_process(void *pvParameters) { host_rcv_data_t *rcv_data = (host_rcv_data_t *)malloc(sizeof(host_rcv_data_t)); if (rcv_data == NULL) { - ESP_LOGE(TAG, "Malloc rcv_data failed!"); + ESP_LOGE(TAG, "Malloc rcv_data failed"); return; } 
@@ -159,7 +159,7 @@ void hci_evt_process(void *pvParameters) { // see # Bluetooth Specification v5.0, Vol 2, Part E, sec 5.2 addr = (uint8_t *)malloc(sizeof(uint8_t) * 6 * num_responses); if (addr == NULL) { - ESP_LOGE(TAG, "Malloc addr failed!"); + ESP_LOGE(TAG, "Malloc addr failed"); goto reset; } for (int i = 0; i < num_responses; i += 1) { @@ -215,11 +215,11 @@ void start_BLE_scan(uint16_t blescantime, uint16_t blescanwindow, /* A queue for storing received HCI packets. */ adv_queue = xQueueCreate(30, sizeof(host_rcv_data_t)); if (adv_queue == NULL) { - ESP_LOGE(TAG, "Queue creation failed\n"); + ESP_LOGE(TAG, "Queue creation failed"); return; } - /* start HCI event processor task */ + /* start HCI event processor task with prio 1 on core 0 */ xTaskCreatePinnedToCore(&hci_evt_process, "hci_evt_process", 2048, NULL, 1, &hci_eventprocessor, 0); diff --git a/lib/libpax/libpax.cpp b/lib/libpax/libpax.cpp index bd84052..8a6b8dd 100644 --- a/lib/libpax/libpax.cpp +++ b/lib/libpax/libpax.cpp @@ -30,7 +30,7 @@ enum { BITS_PER_WORD = sizeof(bitmap_t) * CHAR_BIT }; #define LIBPAX_MAX_SIZE 0xFFFF // full enumeration of uint16_t #define LIBPAX_MAP_SIZE (LIBPAX_MAX_SIZE / BITS_PER_WORD) -bitmap_t seen_ids_map[LIBPAX_MAP_SIZE]; +DRAM_ATTR bitmap_t seen_ids_map[LIBPAX_MAP_SIZE]; int seen_ids_count = 0; uint16_t volatile macs_wifi = 0; @@ -38,11 +38,11 @@ uint16_t volatile macs_ble = 0; uint8_t volatile channel = 0; // channel rotation counter -void set_id(bitmap_t *bitmap, uint16_t id) { +IRAM_ATTR void set_id(bitmap_t *bitmap, uint16_t id) { bitmap[WORD_OFFSET(id)] |= ((bitmap_t)1 << BIT_OFFSET(id)); } -int get_id(bitmap_t *bitmap, uint16_t id) { +IRAM_ATTR int get_id(bitmap_t *bitmap, uint16_t id) { bitmap_t bit = bitmap[WORD_OFFSET(id)] & ((bitmap_t)1 << BIT_OFFSET(id)); return bit != 0; } 
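Review bot: In the libpax.cpp hunk at `@@ -30,7`, `seen_ids_map` is declared with `LIBPAX_MAP_SIZE` words, and `LIBPAX_MAX_SIZE / BITS_PER_WORD` rounds down, so the map is one word short of what the 0x10000 possible `uint16_t` ids need. Assuming `WORD_OFFSET(id)` is `id / BITS_PER_WORD` (the macro is not in the hunk), an id in the top `BITS_PER_WORD` values makes `set_id` and `get_id` touch the word just past the array. That id comes from the last two bytes of a sniffed address, so it is over-the-air input. Since this commit touches the declaration anyway, size the map for the full range, e.g. `#define LIBPAX_MAP_SIZE ((LIBPAX_MAX_SIZE / BITS_PER_WORD) + 1)`. A `static_assert` on the array size next to the declaration would keep it from regressing.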
@@ -50,7 +50,7 @@ int get_id(bitmap_t *bitmap, uint16_t id) { /** remember given id * returns 1 if id is new, 0 if already seen this is since last reset */ -int add_to_bucket(uint16_t id) { +IRAM_ATTR int add_to_bucket(uint16_t id) { if (get_id(seen_ids_map, id)) { return 0; // already seen } else { @@ -69,7 +69,7 @@ int libpax_wifi_counter_count() { return macs_wifi; } int libpax_ble_counter_count() { return macs_ble; } -int mac_add(uint8_t *paddr, snifftype_t sniff_type) { +IRAM_ATTR int mac_add(uint8_t *paddr, snifftype_t sniff_type) { uint16_t *id; // mac addresses are 6 bytes long, we only use the last two bytes id = (uint16_t *)(paddr + 4); diff --git a/lib/libpax/libpax.h b/lib/libpax/libpax.h index 5fa0b5b..ce68fd6 100644 --- a/lib/libpax/libpax.h +++ b/lib/libpax/libpax.h @@ -39,10 +39,8 @@ int libpax_ble_counter_count(); void libpax_counter_reset(); void reset_bucket(); -int mac_add(uint8_t *paddr, snifftype_t sniff_type); -int add_to_bucket(uint16_t id); - -extern void IRAM_ATTR libpax_wifi_counter_add_mac_IRAM(uint32_t mac_input); +IRAM_ATTR int mac_add(uint8_t *paddr, snifftype_t sniff_type); +IRAM_ATTR int add_to_bucket(uint16_t id); void wifiDefaultConfig(); #endif diff --git a/lib/libpax/wifiscan.cpp b/lib/libpax/wifiscan.cpp index 4efa231..61d8e01 100644 --- a/lib/libpax/wifiscan.cpp +++ b/lib/libpax/wifiscan.cpp @@ -38,8 +38,7 @@ Which in turn is based of Ɓukasz Marcin Podkalicki's ESP32/016 WiFi Sniffer TimerHandle_t WifiChanTimer; int initialized_wifi = 0; int wifi_rssi_threshold = 0; - -// configData_t cfg_pax; +uint16_t channels_map = WIFI_CHANNEL_ALL; #define WIFI_CHANNEL_MAX 13 // default values for country configuration @@ -63,7 +62,6 @@ wifi_sniffer_packet_handler(void* buff, wifi_promiscuous_pkt_type_t type) { mac_add((uint8_t *)hdr->addr2, MAC_SNIFF_WIFI); } -uint16_t channels_map; // Software-timer driven Wifi channel rotation callback function void switchWifiChannel(TimerHandle_t xTimer) { configASSERT(xTimer); 
@@ -117,8 +115,6 @@ void wifi_sniffer_init(uint16_t wifi_channel_switch_interval) { esp_wifi_set_promiscuous(true)); // now switch on monitor mode // setup wifi channel rotation timer - - if(wifi_channel_switch_interval > 0) { WifiChanTimer = xTimerCreate("WifiChannelTimer", pdMS_TO_TICKS(wifi_channel_switch_interval * 10), pdTRUE, (void*)0, switchWifiChannel); diff --git a/lib/libpax/wifiscan.h b/lib/libpax/wifiscan.h index e2b2946..8239109 100644 --- a/lib/libpax/wifiscan.h +++ b/lib/libpax/wifiscan.h @@ -18,8 +18,6 @@ typedef struct { uint8_t payload[0]; // network data ended with 4 bytes csum (CRC32) } wifi_ieee80211_packet_t; -// extern const wifi_ieee80211_mac_hdr_t *hdr; - void set_wifi_country(uint8_t country_code); void set_wifi_channels(uint16_t channels_map); void set_wifi_rssi_filter(int set_rssi_threshold); @@ -27,7 +25,4 @@ void set_wifi_rssi_filter(int set_rssi_threshold); void wifi_sniffer_init(uint16_t wifi_channel_switch_interval); void wifi_sniffer_stop(); -extern int run_count; -extern int timeback_delta; - #endif