LocalDevice::LocalDevice(hci_id hid)
:
BluetoothDevice(),
fHid(hid)
{
fMessenger = _RetrieveBluetoothMessenger();
_ReadBufferSize();
_ReadLocalFeatures();
_ReadLocalVersion();
_ReadTimeouts();
_ReadLinkKeys();
// Uncomment this if you want your device to have a nicer default name
// BString name("HaikuBluetooth");
// SetFriendlyName(name);
uint32 value;
// HARDCODE -> move this to addons
if (GetProperty("manufacturer", &value) == B_OK
&& value == 15) {
// Uncomment this out if your Broadcom dongle is not working properly
// Reset(); // Perform a reset to Broadcom buggyland
// Uncomment this out if your Broadcom dongle has a null bdaddr
//#define BT_WRITE_BDADDR_FOR_BCM2035
#ifdef BT_WRITE_BDADDR_FOR_BCM2035
#warning Writting broadcom bdaddr @ init.
// try write bdaddr to a bcm2035 -> will be moved to an addon
int8 bt_status = BT_ERROR;
BluetoothCommand<typed_command(hci_write_bcm2035_bdaddr)>
writeAddress(OGF_VENDOR_CMD, OCF_WRITE_BCM2035_BDADDR);
BMessage request(BT_MSG_HANDLE_SIMPLE_REQUEST);
BMessage reply;
writeAddress->bdaddr.b[0] = 0x3C;
writeAddress->bdaddr.b[1] = 0x19;
writeAddress->bdaddr.b[2] = 0x30;
writeAddress->bdaddr.b[3] = 0xC9;
writeAddress->bdaddr.b[4] = 0x03;
writeAddress->bdaddr.b[5] = 0x00;
request.AddInt32("hci_id", fHid);
request.AddData("raw command", B_ANY_TYPE,
writeAddress.Data(), writeAddress.Size());
request.AddInt16("eventExpected", HCI_EVENT_CMD_COMPLETE);
request.AddInt16("opcodeExpected", PACK_OPCODE(OGF_VENDOR_CMD,
OCF_WRITE_BCM2035_BDADDR));
if (fMessenger->SendMessage(&request, &reply) == B_OK)
reply.FindInt8("status", &bt_status);
#endif
}
}
int main() {
if (isRoot()) {
printf("[+] pid: ");
scanf("%d", &pid);
mach_port_t process = getProcess(pid);
if (isNoError() && isProcessValid(process)) {
uintptr_t baseAddress = getBaseAddressByRegion(process, region);
if (baseAddress) {
uintptr_t pointerAddress = (uintptr_t)readAddress(
process,
baseAddress + baseOffset,
sizeof(uintptr_t)
);
if (isNoError()) {
uintptr_t targetAddress = pointerAddress - offset;
int target = (int)readAddress(
process,
targetAddress,
sizeof(int)
);
if (isNoError()) {
printf("[x] old result: %d\n", target);
int hack = 12345;
writeAddress(process, targetAddress, sizeof(hack), &hack);
if (isNoError()) {
printf("[x] write success : )\n");
}
}
}
}
}
}
return 0;
}
size_t ADXL345PiI2C::readRegisters(uint8_t start, uint8_t* buff, size_t size) {
writeAddress(start);
size_t size_read = read(handle, buff, size);
return size_read;
}
