Sniffing & Spoofing
Tags: bluetooth, ble, apple, airdrop, airpods, awdl, sniffing

apple-bleee

apple-bleee provides experimental scripts that demonstrate what information an attacker can extract from Apple devices by sniffing Bluetooth traffic. It requires a Bluetooth adapter for BLE messages and a Wi-Fi card with monitor mode for AWDL communication.

Description

apple-bleee contains proof-of-concept scripts designed to reveal the data accessible to attackers targeting Apple devices through Bluetooth Low Energy (BLE) traffic sniffing. These scripts highlight potential privacy leaks from devices like AirPods and features such as AirDrop.

Use cases include security research, red teaming exercises, and educational demonstrations of Apple ecosystem vulnerabilities. The tool simulates attacker capabilities by capturing and analyzing BLE advertisements and related protocols, showing personal information that could be exposed without user awareness.

The scripts are experimental and require specific hardware: a Bluetooth adapter capable of sending BLE messages and a Wi-Fi card supporting active monitor mode with frame injection for AWDL (AirDrop) interactions. This setup enables realistic interception and analysis of Apple device communications.

How It Works

The scripts operate by sniffing Bluetooth Low Energy (BLE) traffic from Apple devices, parsing advertisements and state information to extract details like device identifiers, user data, and service states. Specific scripts target AirPods advertisements (adv_airpods.py), Wi-Fi details (adv_wifi.py), AirDrop leaks via AWDL protocol (airdrop_leak.py), and BLE state reading (ble_read_state.py). Additional utilities include hash2phone for number lookup, npyscreen for interfaces, opendrop2 for AirDrop simulation, and supporting utils, leveraging dependencies like python3-bluez for Bluetooth handling.
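To show what "parsing advertisements" involves, here is an added example (not code from apple-bleee) that inventories the Apple manufacturer data present in one raw BLE advertising payload, useful for auditing what your own devices broadcast. It assumes Apple's manufacturer data is a sequence of type/length/body records; the sample payload and its message type bytes are constructed, and the function names are hypothetical.

```python
APPLE_COMPANY_ID = 0x004C     # Bluetooth SIG company identifier assigned to Apple
AD_TYPE_MANUFACTURER = 0xFF   # "Manufacturer Specific Data" AD type

def split_ad_structures(payload: bytes):
    """Yield (ad_type, data) for each [length][type][data] record in a payload."""
    i = 0
    while i < len(payload):
        length = payload[i]
        if length == 0:               # zero length means padding: stop parsing
            break
        end = i + 1 + length
        if end > len(payload):
            raise ValueError(f"truncated AD structure at offset {i}")
        yield payload[i + 1], payload[i + 2:end]
        i = end

def apple_messages(payload: bytes):
    """Return [(message_type, body_length)] for Apple manufacturer data."""
    found = []
    for ad_type, data in split_ad_structures(payload):
        if ad_type != AD_TYPE_MANUFACTURER or len(data) < 2:
            continue
        # The company identifier is the first two bytes, little-endian.
        if int.from_bytes(data[:2], "little") != APPLE_COMPANY_ID:
            continue
        body, j = data[2:], 0
        # Assumption: the rest is a run of [type][length][body] records.
        while j + 2 <= len(body):
            msg_type, msg_len = body[j], body[j + 1]
            if j + 2 + msg_len > len(body):
                raise ValueError(f"truncated Apple message type 0x{msg_type:02x}")
            found.append((msg_type, msg_len))
            j += 2 + msg_len
    return found

# Constructed sample: a flags record, then Apple manufacturer data holding
# two made-up messages (type 0x10 with 2 bytes, type 0x0c with 3 bytes).
SAMPLE = bytes.fromhex("02011a" "0cff4c00" "1002aabb" "0c03010203")

if __name__ == "__main__":
    for msg_type, msg_len in apple_messages(SAMPLE):
        print(f"Apple message type 0x{msg_type:02x}, {msg_len} body bytes")
```

Every record this reports is sent in the clear to any receiver in radio range, so the list is the device's passive exposure surface.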

Installation

sudo apt install apple-bleee

Examples

Display help information and an overview of the tool, listing the available scripts in /usr/share/apple-bleee:
apple-bleee -h

Analyze BLE advertisements from AirPods to extract attacker-accessible information:
python3 /usr/share/apple-bleee/adv_airpods.py

Capture and show Wi-Fi related data leaked via BLE from Apple devices:
python3 /usr/share/apple-bleee/adv_wifi.py

Demonstrate AirDrop privacy leaks using AWDL protocol sniffing:
python3 /usr/share/apple-bleee/airdrop_leak.py

Read and display BLE state information from targeted Apple devices:
python3 /usr/share/apple-bleee/ble_read_state.py

Run the hash-to-phone-number lookup utility on extracted data:
/usr/share/apple-bleee/hash2phone

Simulate or exploit AirDrop functionality for testing leaks:
python3 /usr/share/apple-bleee/opendrop2

Updated 2026-04-16 (kali.org)