relay: error on unsupported ad type

sultanqasim · sultanqasim · commit 18252f2c5a05 · 2025-07-12T11:18:53.000-04:00
diff --git a/python_cli/relay_master.py b/python_cli/relay_master.py
@@ -12,11 +12,12 @@
 from struct import pack, unpack
 
 from sniffle.pcap import PcapBleWriter
-from sniffle.sniffle_hw import SniffleHW, BLE_ADV_AA, PacketMessage, DebugMessage, StateMessage, \
-        MeasurementMessage, SnifferState
-from sniffle.packet_decoder import DPacketMessage, DataMessage, LlDataContMessage, AdvIndMessage, \
-        AdvDirectIndMessage, ScanRspMessage, ConnectIndMessage, str_mac, LlControlMessage
-from sniffle.relay_protocol import RelayServer, MessageType
+from sniffle.sniffle_hw import SniffleHW, BLE_ADV_AA, PacketMessage, DebugMessage, \
+        StateMessage, MeasurementMessage, SnifferState
+from sniffle.packet_decoder import DPacketMessage, DataMessage, LlDataContMessage, \
+        AdvIndMessage, AdvDirectIndMessage, ScanRspMessage, ConnectIndMessage, \
+        str_mac, LlControlMessage, AdvertMessage
+from sniffle.relay_protocol import RelayServer, MessageType, ErrorCode
 
 """
 Relay attack principles:
@@ -153,6 +154,10 @@ def main():
 
     # obtain the target's advertisement and scan response, share it with relay slave
     adv, scan_rsp = scan_target(mac_bytes)
+    if not adv or not scan_rsp:
+        print("Error: Advertisement type must be ADV_IND. Aborting.")
+        conn.send_err(ErrorCode.INVALID_ADV)
+        return
     conn.send_msg(MessageType.ADVERT, adv.body)
     conn.send_msg(MessageType.SCAN_RSP, scan_rsp.body)
 
@@ -351,14 +356,17 @@ def scan_target(mac):
         if not isinstance(msg, PacketMessage):
             continue
         dpkt = DPacketMessage.decode(msg)
-        if isinstance(dpkt, AdvIndMessage) or isinstance(dpkt, AdvDirectIndMessage):
+        if isinstance(dpkt, AdvIndMessage):
             if advPkt is None:
                 print("Found advertisement.")
             advPkt = dpkt
         elif isinstance(dpkt, ScanRspMessage):
             if scanRspPkt is None:
                 print("Found scan response.")
             scanRspPkt = dpkt
+        elif isinstance(dpkt, AdvertMessage):
+            print("Received incompatible advertisement of type %s." % dpkt.pdutype)
+            return None, None
 
     print("Target Advertisement:")
     print(advPkt)
diff --git a/python_cli/sniffle/relay_protocol.py b/python_cli/sniffle/relay_protocol.py
@@ -48,6 +48,10 @@ class MessageType(enum.Enum):
     CONN_REQ = 3    # CONNECT_IND (peripheral -> central)
     PING = 4        # network latency test
     PRELOAD = 5     # preloaded encrypted conn param changes
+    ERROR = 6       # message sent if something went wrong
+
+class ErrorCode(enum.Enum):
+    INVALID_ADV = 0 # unsupported advertisement type
 
 class RelaySocketWrapper:
     def __init__(self, sock, peer_addr):
@@ -61,10 +65,13 @@ def recv_msg(self):
         body = recvall(self.sock, mlen)
         return MessageType(mtype), body
 
-    def send_msg(self, mtype, body):
+    def send_msg(self, mtype: MessageType, body):
         hdr = struct.pack("<HH", mtype.value, len(body))
         self.sock.sendall(hdr + body)
 
+    def send_err(self, err_code: ErrorCode):
+        self.send_msg(MessageType.ERROR, bytes([err_code.value]))
+
 def connect_relay(peer_ip, port=7352):
     sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
     peer_addr = (peer_ip, port)
