Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/rapierxbox/esp32-sour-apple

Crashes iOS 17 Devices using a really any device
https://github.com/rapierxbox/esp32-sour-apple

bluetooth bluetooth-low-energy circuitpython esp32 exploit ios iphone python python3 rasberry rasberrypi raspberry-pi

Last synced: 3 days ago
JSON representation

Crashes iOS 17 Devices using a really any device

Awesome Lists containing this project

README

        

# SourApple

> ### 🚫 Warning
> Only use this on devices you own or when you have permisson to use it.\
> This project is made for educational purposes ONLY and is NOT made to break laws and/or\
> for personal gain. Everythin is provided as-is and has no warranty so if your break any of your devices.

# The iOS 17 "BLE Crash Exploit"
The exploit was originaly developed and discovered by ECTO-1A. I ported it to the ESP32 and to RPi (and any devices that can run python). The scipts are meant for the ESP32, as the ESP8266 doesnt have BLE. The exploit causes the device to crash (works fastest while it is locked on the homescreen).

# Testing
This script was tested with and at the time of writing, works on:

ESP32-S3:

• iPhone 14 Pro - iOS 17.2 (21C5029g)

• iPhone 14 Pro - iOS 17.1 (21B506 & 21B74)

ESP-WROOM-32:

• iPhone 12 Pro - iOS 17.0 (21A329)

RPi 4:

• iPhone XS - iOS 17.0 (21A329)

• iPhone 12 Pro - iOS 17.1 Beta 2

• iPhone 11 Pro - iOS 17.1.2 (21B101)

RPi Pico W:

• iPhone 13 Pro - iOS 17.2.1 (21C66) "Patched"

• iPhone 13 - iOS 17.0.3 (21A360)

• iPhone 12 - iOS 17.0 (21A329)

• iPhone 12 - iOS 17.0.1 (21A340)

• iPhone 11 - iOS 17.0 (21A326)

# Behavior
The iPhone starts to freeze after a few seconds of it getting spammed with BLE pairing requests. After a random looking amount of time the iPhone turns completely black and you can now force restart it (Volume UP, Volume Down, Hold power button), or, alternatively, wait for it to restart by itself. While testing (on an ESP32-S3), it reaches stable temps at ~57c, so heat shouldn't be of concern. Some PI models report to get a little bit hotter than that, however it still should not be an issue.

# Contributors:
­@ECTO-1A: Found the exploit

­@WillyJL: Portet the exploit to Flipper Zero

­@Amachik: Helped make the RPi script

@N1-TR0: Made the micropython script

@FLOCK4H: Made the circuitpython script

# Common Error
If you have a compilation error telling you the esp_fill_random was not declared there is a easy fix. The esp_fill_random is a hardware random generation function and available on most ESP32's. There are two fixes for it. Firstly you can try to choose another ESP32 board and just compile for it and hope that it works or you can add these lines of code:
```
void esp_fill_random(uint8_t* buf, size_t len) {
for(size_t i = 0; i < len; i++) {
buf[i] = random(0, 1000);
}
}
```

# Things you don't want to know
I spilled coffee all over a lot of electronics while writing this :(

# Need help?
My discord if you need help: rapierxbox

or open a issue