Communication issues between Arch Linux and iPad - ios

I'm running Arch Linux and the Bluez libraries on my computer, and I'm trying to connect to an iPad [w/ Retina] over BLE. I can see the iPad in bluetoothctl, pair it, trust it, and connect to it. My question is in two parts:
1) I want to be able to select the attributes, more specifically for the MAP service. However, running
list-attributes
either during or outside of the connection returns no information.
2) My iPad cannot see the computer like it can see the iPad, either through the Settings --> Bluetooth menu or the CBCentralManager in an app that I'm developing. My computer is set to be discoverable and pairable forever, but it just doesn't find it.
How would I be able to connect to the iPad appropriately, if there even is a way?

Disclaimer to anyone using BlueZ user space tools:
OP mentioned in the comments that he utilized hcitool. It's best not to use hciconfig nor hcitool as these are in the process of being phased out of BlueZ and have been unmaintained for a very long time. They are prone to errors and the raw calls these programs make are blocking and cause interference with other Bluetooth applications.
BlueZ publishes some methods in order for users to use its Bluetooth (LE) functionality for applications or tasks: DBus and a lower-level approach. Programs included in the BlueZ user space package include bluetoothctl, which uses DBus for bluetooth related tasks, such as scanning, advertising and GATT. Tools like btmgmt, which can be considered a maintained version of hcitool, use the lower level libraries. BlueZ recommends using the DBus API for applications. Be sure to have compiled the source code and have followed the recommended instructions to use the mentioned tools. Also always check the licensing on mentioned tools and source files as some can not be included in proprietary software.
DBus-less solution:
If using bluetoothctl or DBus doesn't work out for you, I would suggest you use btmgmt. It can be found in the /tools folder of the user space source code.
If you're looking for or wanting to include GATT-related tasks, you can use btgatt-client to act as a GATT Client or btgatt-server to act as a GATT server from that same /tools folder.
These do not use DBus, nor the corresponding Bluetooth Daemon (bluetoothd) like bluetoothctl does.
DBus solution:
What is most likely the cause of you not seeing services using bluetoothctl, however, is that you are not running the aforementioned bluetooth daemon with the -E flag (experimental). Currently, all GATT-related functionality is only usable when running in this experimental mode. (They're working to get it out of experimental-only mode) I think because it's still being developed. If I recall correctly BlueZ can also be configured/installed in this experimental mode, so that no manual actions are required.
To restart the BlueZ Daemon (bluetoothd) with GATT enabled run:
sudo service bluetooth stop && bluetoothd -E
In most cases, when stopping the bluetooth service, your bluetooth controller will power down and bluetoothctl won't respond to user input/freezes on startup. If this is indeed the case, use btmgmt and issue a power on to power the bluetooth controller again.

To VIEW the MAP service attributes, use list-attributes to view them. Ensure proper spelling. To SELECT the MAP service, you need to list-attributes then select-attributes, in that order.
It sounds like your ipad is having a problem. Perhaps try turning it off and on again. Make sure you have bluetooth enabled!
There is always a way!

Related

Is it possible to access a Chromebook via ssh through USB?

My employer has asked me to prepare for testing several thousand Chromebooks (mix of models/manufacturers) to refurb/flip. This may be a recurring thing.
Most or all of these will be old enough that CCD will not be available. I'd like to connect a widget such as a Raspberry Pi to the USB and have it automate testing as much as possible.
I know I can use keyboard emulation to inject commands, but I'd like to get a crosh session running over USB so that I can read info from the DUT besides just controlling it.
Google shows bazillions of returns about using a Chromebook as an ssh terminal but what I'm looking for is the opposite. I'm prepared for the answer to be a simple "no" but I'm concerned because I can't find that anyone else has asked this question. I don't think I'm that creative, so I suspect my Goog-fu is weak.
The answer appears to be "no". However I solved it another way; using "gadget mode" I have a Raspberry Pi ZW enumerate as a keyboard and a serial port. I put the Chromebook into Developer mode, open a developer shell with ctrl/alt/F2, or on a PC/linux or Mac system open a terminal window and type "sudo su" (these have to be done manually). Then I have the RPi issue this bash command to identify the serial port "in the blind":
SERPORT=/dev/serial/by-id/$(ls /dev/serial/by-id) # Chromebook or PC/linux
(or)
SERPORT=$(ls /dev/cu.usbmodem*) # Mac
Now I can have the RPi inject commands via the keyboard, put ">$SERPORT" on the end of each command, and the output comes in the RPi gadget serial port. The RPi then packages the data and forwards it over WiFi to our CRM. It's working nicely for Chromebooks, PCs booted into linux, Mac desktops and Macbooks.
Edit:
The company I work for has actually turned this into a product and so I'm not sure how much detail I should share, but...
I learned my way around gadget mode on the RPi from this link. There are examples for setting up a keyboard and a serial port. Using the templates in that link, I made a device called /dev/hidg0 which emits keyboard scancodes from the RPi to the Chromebook. I also made a device called /dev/ttyGS0 which the Chromebook sees as a serial port.
So I send keystrokes with some python like:
# blah is the poster's placeholder for the report bytes to send
with open("/dev/hidg0","bw") as hid:
    hid.write(blah)
and then have the Chromebook send text to the serial port, which I then read by looking at /dev/ttyGS0
Hopefully this will be enough to get you started. I found the isticktoit link very helpful.

iPad 1, iOS 5.1.1 jailbroken with redsn0w, works great, but since inetutils installed, getting network timeouts. How to adjust/fix?

I have done a jailbreak on old iPad 1, using redsn0w. Has worked really well. Installed OpenSSH, and I can use Putty on Windows or SSH on Linux to login to my iPad, and of course, pscp or scp to migrate files to/from using Windows or Linux. Installed DOSbox (using DOSpad.deb file), and it works fine. But there was no "ping" on the basic jailbreak version, so I installed "inetutils", which provides all the GNU inet stuff (ping, ftp, inetd, rlogin, telnet) and then found "arp iconfig netstat route traceroute" in Network Commands. This makes an old tablet very, very useful. Really fine stuff, but I notice now that the iPad network access times out quickly. This is new behaviour, since the Cydia "inetutils" install. If I set the iPad down, after a few minutes, I cannot ping it from any machine on my LAN. I could, before I installed the networking utilities. Maybe a security feature? If so, can I back out the network stuff, and just have ssh access, and have it not timeout? I want it to be "alive" all the time.
Ok, found it. When you jailbreak an iPad ver. 1, running iOS 5.1.1, using Redsn0w, the initial install of the code that provides root access does not include standard inetutils. The original behaviour of the iPad 1, if configured with static ip values, meant that if it was on, and the wifi was enabled, it would respond to a "ping", even if the screen was "asleep".
This ping-response was useful for diagnostic purposes. Initial install of the jailbreak code did not change this behaviour. But I could not "ping" out from the iPad to other machines since there was no ping.exe available, even after the jailbreak (this contrasts to Blackberry Playbooks, which had a "ping" utility, and would also respond to pings, even if "asleep").
So I downloaded the "inetutils" package from Cydia source Telesphoreo, and that provided a ping.exe, which could be used in console mode on the iPad. It worked fine, and is a very useful program.
But, if you set the iPad aside, after about 5 minutes, it would time out. It appears the wifi transmit function is just shutdown, and response to "ping" is explicitly disabled.
After much research and experiment, I've determined that you can re-activate the iPad "ping" response - remotely - by sending it an SSH query. Example:
[your_id@Linbox ~]$ ssh mobile@xxx.yyy.zzz.aaa
where xxx.yyy.zzz.aaa is your IPV4 address,
assuming you have configured your iPad with a static ip value. (I own a couple of class C ip ranges, so I have been using these for many years, in my work). The two defined userids after jailbreak are "mobile" and "root".
The new behaviour appears after you download and install all the newer "inetutils" utilities, and the "Network Commands" utilities, from the Telesphoreo source repository.
This behaviour change is actually a pretty good idea, as it discourages inappropriate usage of ping, and probably also saves battery life. But it is a change from previous operational characteristic. Another fellow went down this same rabbit-hole, and documented the solution on the "jailbreakqa.com" site, url below:
http://www.jailbreakqa.com/questions/192379/persistent-wi-fi-when-locked
Hope this info is useful.
Curious to see this query downvoted.. Lemmie say, having this old iPad run as a full-blown remote-accessible Linux box is very useful. Once jailbroken, one can scp files back and forth, install custom computational code locally, and basically have all your office on a small, thin, light tablet in a little briefcase. Most useful.
Very interesting post... just what I am looking for. I use an ipad 1/16g/3G for a display on my kitchen wall for displaying domotica info. This works well and using ssh I can have it turn on, display something and turn off.
I got myself another ipad 1/16gb wifi only and this one had the sleeping wifi problem. My first thought was that it had to do with the 3g chip.. that maybe this keeps the ipad alive while the other one goes to sleep. The 3G model doesn't have inetutils installed and still doesn't go to sleep. So there seems some merit to my line of thoughts.
I installed the inetutils on the wifi only ipad and it seems like this solved this trick. I can ssh into it just fine.. even when it is in sleep mode. Thanks for your update.
The link in your post doesn't work anymore..

looking for alternative solution than IPFW for slowing down an internet connection

I need to slow down an internet connection (simulate a bad one). I found some documentation where this was achieved with the "ipfw pipe" command, but in the latest Mac OS versions ipfw was deprecated (and removed)...
I was wondering if there is any alternative to the ipfw API?
Does anyone know how the latest Network Link Conditioner achieves it?
The original way to slow down an internet connection:
sudo ipfw pipe 1 config bw 56Kbit/s delay 200 plr 0.2
and to clear the pipe:
sudo ipfw delete 1
Thanks.
I don't know much about Mac OS (I use Linux myself), but I'll give this a shot.
A bunch of digging established that ipfw seems unavailable, as you say.
I was also unable to find a way to use the Network Link Conditioner from the command line. Everything should be usable from the command line, so that's stupid.
One work around would be to try to access the NLC from within AppleScript. The following will get you started on toggling the NLC:
property thePane : "com.apple.Network-Link-Conditioner"
tell application "System Preferences"
    activate
    set the current pane to pane id thePane
    --delay 2
end tell
---
tell application "System Events"
    tell application process "System Preferences"
        try
            click ((checkboxes of window "Network Link Conditioner") whose description is "enable switch")
        on error
            click ((checkboxes of window "Network Link Conditioner") whose description is "enable switch")
        end try
    end tell
end tell
I think that you can run a script from the terminal with osascript <SCRIPT>.
As an alternative, Charles Proxy is a pay-to-use program that can be used to perform throttling, provided you can convince the software you are testing to connect to the proxy's port rather than directly to the internet. Maybe there are free proxy solutions out there somewhere?
Perhaps Squid would work in that regard. SquidMan seems to be an easy-ish way to install it for Mac. It looks as though DelayPools and/or Client Bandwidth Limits might be useful for simulating a low speed connection, though I can't find evidence of people having used them for such.
I found several solutions that might work. They come from some old threads, but they might help:
How to simulate slow internet connections on the mac
Apple has made a very handy official tool to slow down the network connections on your Mac for testing purposes.
The Network Link Conditioner preference is a free download from within Xcode (for Lion and later OS). Additionally, iOS has similar function accessible from within Xcode and iOS 6 or later.
How do I simulate a bad Wi-Fi connection on my iPad?
There are a few ways you can do this, depending on your situation:
Move further away from your router. While this may seem a bit obvious, I realize that it isn't always possible while testing/debugging (for example, if you are working on a desktop computer).
Put aluminum foil around the router and/or antenna. This will (partially) block some or all of the radio signals by creating a makeshift Faraday cage. The results you get will depend on the strength of your router signal, distance from the router, and other environmental factors.
Set your router's wireless signal power to a lower setting. The method for doing this is different for each router, so you will have to look at the user guide for instructions on how to do this.
Slow down internet for iOS simulator
You can set the network to slow characteristic by testing on devices. Go to Settings -> Developer Settings -> Network Link Conditioner -> Enable. This is for iPhone/iPad running iOS 6
I don't know if the last one you can still do.
I've used many methods in the past for slowing down network connections, among them:
performing a parallel download of some massive Linux ISO file;
physically pulling out the Ethernet cable (at one point, I actually toyed with the idea of building a push-button device that would sit between two cat5 cables and do this without having to physically disconnect the whole cable).
using ifconfig eth0 down ; sleep 1 ; ifconfig eth0 up.
Hopefully one or more of those methods will help.
If you're looking to slow down your network connection because you're doing testing/profiling work, one option is to get a specific device that can create network latency/noise.
For example Apposite Tech's mini2 WAN emulator allows you to change values for bandwidth and packet loss. You can roll your own device too using something like: http://wanem.sourceforge.net/ . It just depends on your needs, time and budget.

How to monitor packets using Snort features?

I want to create a network intrusion detection system for iOS application. The main function is to allow the user to select a home network (maybe prompt them to simply enter the IP address only) and to be able to monitor the packets and if there is anything suspicious, we need to alert the user via push notification or email. I wanted to use the features and functions of Snort, an open source network intrusion detection system.
Any suggestions or sample code? Where to start?
VMs do not have native hardware access, which is necessary for monitor mode. Maybe IOMMU PCI passthrough or bridged devices might work. It is probable that it is possible to compile the iOS kernel with a module that works for the wireless nic. I don't think it's a proprietary chip specific to Apple, because a chip with multi-technology capabilities in RF wouldn't be cost effective at all. I'm just not sure if the filesystem blocks access in the OS framework or whatever. I have tried to compile linux/iOS ARM packages natively in the shell with the aircrack-ng source, but have not had any luck. Maybe someone would have better luck actually cross-compiling a package and sideloading it somehow.
I don't think this is possible for multiple reasons:
You wouldn't be able to compile snort for iOS.
In order to run snort you have to have the interface (NIC) in promiscuous mode, which I really don't think you can do on an iOS device (iPhone, iPad, etc) but I have never really looked into it, but Apple probably locks this down and restricts this for security purposes so if you could do it you'd likely have to jail-break the device first. It's not even possible to put the wifi card in an Apple laptop into monitor mode, which is similar.
There are a lot of dependencies for snort, most importantly the DAQ. You would probably only be able to monitor the wifi interface (even this might not be possible), not the interface used for the cellular network as this is probably a different daq than standard Ethernet nics.
This very likely is not possible on iOS, if it is it would be VERY difficult to pull off and even if you did the use case isn't really good. Even if you could get a daq for the cellular card, I don't know if promiscuous mode even exists and if it did all of the traffic on the cellular network is encrypted, so inspecting this with snort would be pointless. If you could do it for the wifi traffic it's probably not worth the effort honestly, especially since almost all traffic nowadays is encrypted, you'd have to decrypt it first, which certainly isn't possible to do.
In the view of Johnjg12's comments, I am wondering about your goal. If you want to make a NIDS, you can make it OS independent, anyway. If you want to consider only HIDS that monitors packet destined to it, we don't need it to be in promiscuous mode (a comment to Johgj12's response). so, now it is something to do with Snort on iOS. I am wondering if we can do it on a VM and then turning its promiscuous mode? Having said that I came across a link: https://www.securemac.com/macosxsnort.php

how do i access my cisco router details from ios mobile

Is it possible to access my Cisco router details like Name, Model, IP Address, Connection status etc. from my iOS mobile?
I'm even ready to write a small mobile app in iOS to get all router details.
Since I have just started learning iOS, I don't know if any library already exists for the above task.
If my router does not work or hangs, I even want to try restarting the router using my mobile.
If example code exists, it will be very useful.
Cisco already has an Android and iOS app for the same function, but I don't want to use this app and want to write my own app with limited features only.
(http://www.addictivetips.com/mobile/cisco-connect-express-manage-router-settings-remotely-android-ios/)
Thanks,
Accessing network gear is best done by using SNMP. Cisco has extremely rich management/monitoring capabilities via SNMP and all of their MIBs are publicly available here.
Almost all Cisco gear supports the SNMPv2-SMI MIB (the 1.3.6.1.2.1 OID) so querying things like sysName, sysLocation, sysContact, sysDescription, sysUpTime should be very easy. This MIB even supports tables for listing all the interfaces and IP addresses and has a whole lot of other things that might be of interest to you.
If you have SNMP write access on the device then you can even make config changes and perform management functions like rebooting or bringing an interface up/down.
There are a few SNMP libraries for ObjectiveC and I think Net-SNMP is the most popular (It's not .net even though the title suggests that).
If you are new to SNMP then I suggest starting simple by querying easy objects like 1.3.6.1.2.1.1.5 (sysName) and 1.3.6.1.2.1.1.6 (sysLocation) before trying to jump into tables like 1.3.6.1.2.1.2.2 (ifTable)
Remember, you don't have to stick with the standard MIBs you can download all of the custom ones that are particular to your device which will give you incredible amounts of flexibility.
You could use a screen-scraping technique to telnet or ssh to the Cisco device and parse the "show version" output. This will give you some of the information you need. For others, like IP addresses, you can use "show ip interface brief", "show cdp neighbors" etc. as you need.
Keep security in mind: make sure that telnet/ssh credentials are adequately protected in your app's settings, and try to restrict your commands to those that do not need privileged access on the Cisco device.
Be aware that Cisco devices have a small pool of available VTYs, and every telnet/ssh access from your app will use up one VTY. So if you have for example 30 guys wanting to access the device simultaneously from their apps, some of those instances are not going to get access to the device.
If this is a concern, SNMP is a better and more scalable option as suggested by previous answer. Make sure that you (a) have a read-only community string configured on the device, and (b) use only the ro community string from the app.
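An added example (not from the answers above and not Net-SNMP code) of what the SNMP advice in both answers looks like on the wire: it BER-encodes an SNMPv2c GetRequest for sysName and sysLocation, then reads the version and community string back out of the raw bytes, which is why the app should only ever hold the read-only string. The `.0` instance suffix, the community `example-ro` and all function names are assumptions of this sketch.

```python
"""Added example: SNMPv2c GetRequest built and re-read with BER, stdlib only."""

SYS_NAME = "1.3.6.1.2.1.1.5.0"      # sysName, scalar instance .0
SYS_LOCATION = "1.3.6.1.2.1.1.6.0"  # sysLocation, scalar instance .0

def ber_len(n):
    """Definite length: one byte below 128, else 0x80|count followed by the bytes."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, value):
    return bytes([tag]) + ber_len(len(value)) + value

def ber_int(n):
    """INTEGER (0x02) for non-negative n; the spare bit keeps the sign bit clear."""
    return tlv(0x02, n.to_bytes(n.bit_length() // 8 + 1, "big"))

def ber_oid(dotted):
    """OBJECT IDENTIFIER (0x06): arcs 1 and 2 share a byte, the rest are base-128."""
    arcs = [int(a) for a in dotted.split(".")]
    if len(arcs) < 2 or min(arcs) < 0 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError(f"not a valid OID: {dotted!r}")
    out = bytearray()
    for arc in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [arc & 0x7F]
        while arc := arc >> 7:
            chunk.append(0x80 | (arc & 0x7F))
        out += bytes(reversed(chunk))
    return tlv(0x06, bytes(out))

def get_request(community, request_id, oids):
    """SNMPv2c message: SEQUENCE { version, community, GetRequest-PDU (0xA0) }."""
    # Each varbind is SEQUENCE { name OID, value NULL }; the agent fills in values.
    varbinds = b"".join(tlv(0x30, ber_oid(o) + tlv(0x05, b"")) for o in oids)
    pdu = tlv(0xA0, ber_int(request_id) + ber_int(0) + ber_int(0)  # status, index
              + tlv(0x30, varbinds))
    return tlv(0x30, ber_int(1) + tlv(0x04, community.encode()) + pdu)  # 1 = v2c

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the TLV at pos, rejecting truncation."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated TLV value")
    return tag, buf[pos:pos + length], pos + length

def cleartext_fields(packet):
    """Version and community exactly as they sit, unencrypted, in a v1/v2c message."""
    tag, body, _ = read_tlv(packet)
    if tag != 0x30:
        raise ValueError("not an SNMP message")
    vtag, version, pos = read_tlv(body)
    ctag, community, _ = read_tlv(body, pos)
    if (vtag, ctag) != (0x02, 0x04):
        raise ValueError("unexpected header layout")
    return int.from_bytes(version, "big"), community.decode("latin-1")

# Constructed community string, not a value from the page.
PACKET = get_request("example-ro", 1, [SYS_NAME, SYS_LOCATION])

if __name__ == "__main__":
    print(PACKET.hex())
    print(cleartext_fields(PACKET))
```

The resulting bytes are what would go out as a single UDP datagram to port 161 on the device.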
