Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@haremo/noble
Advanced tools
A Node.js BLE (Bluetooth Low Energy) central module.
Want to implement a peripheral? Checkout bleno
Note: macOS / Mac OS X, Linux, FreeBSD and Windows are currently the only supported OSes. Other platforms may be developed later on.
libbluetooth-dev
sudo apt-get install bluetooth bluez libbluetooth-dev libudev-dev
Make sure node
is on your path, if it's not, some options:
nodejs
to node
: sudo ln -s /usr/bin/nodejs /usr/bin/node
sudo yum install bluez bluez-libs bluez-libs-devel
See Configure Intel Edison for Bluetooth LE (Smart) Development
Make sure you have GNU Make:
sudo pkg install gmake
Disable automatic loading of the default Bluetooth stack by putting no-ubt.conf into /usr/local/etc/devd/no-ubt.conf
and restarting devd (sudo service devd restart
).
Unload ng_ubt
kernel module if already loaded:
sudo kldunload ng_ubt
Make sure you have read and write permissions on the /dev/usb/*
device that corresponds to your Bluetooth adapter.
See @don's set up guide on Bluetooth LE with Node.js and Noble on Windows.
This limit is imposed upon by the Bluetooth adapter hardware as well as it's firmware.
Platform | |
---|---|
OS X 10.11 (El Capitan) | 6 |
Linux/Windows - Adapter dependent | 5 (CSR based adapter) |
Some BLE adapters like Sena UD-100 (Cambridge Silicon Radio, Ltd Bluetooth Dongle (HCI mode)) cannot connect to a peripheral while they are scanning. You will get the following message when trying to connect :
Error: Command disallowed
You need to stop scanning before trying to connect in order to solve this issue.
npm install noble
var noble = require('noble');
noble.startScanning(); // any service UUID, no duplicates
noble.startScanning([], true); // any service UUID, allow duplicates
var serviceUUIDs = ["<service UUID 1>", ...]; // default: [] => all
var allowDuplicates = <false|true>; // default: false
noble.startScanning(serviceUUIDs, allowDuplicates[, callback(error)]); // particular UUID's
NOTE: noble.state
must be poweredOn
before scanning is started. noble.on('stateChange', callback(state));
can be used register for state change events.
noble.stopScanning();
peripheral.connect([callback(error)]);
peripheral.disconnect([callback(error)]);
peripheral.updateRssi([callback(error, rssi)]);
peripheral.discoverServices(); // any service UUID
var serviceUUIDs = ["<service UUID 1>", ...];
peripheral.discoverServices(serviceUUIDs[, callback(error, services)]); // particular UUID's
peripheral.discoverAllServicesAndCharacteristics([callback(error, services, characteristics));
var serviceUUIDs = ["<service UUID 1>", ...];
var characteristicUUIDs = ["<characteristic UUID 1>", ...];
peripheral.discoverSomeServicesAndCharacteristics(serviceUUIDs, characteristicUUIDs, [callback(error, services, characteristics));
service.discoverIncludedServices(); // any service UUID
var serviceUUIDs = ["<service UUID 1>", ...];
service.discoverIncludedServices(serviceUUIDs[, callback(error, includedServiceUuids)]); // particular UUID's
service.discoverCharacteristics() // any characteristic UUID
var characteristicUUIDs = ["<characteristic UUID 1>", ...];
service.discoverCharacteristics(characteristicUUIDs[, callback(error, characteristics)]); // particular UUID's
characteristic.read([callback(error, data)]);
characteristic.write(data, withoutResponse[, callback(error)]); // data is a buffer, withoutResponse is true|false
withoutResponse
:
false
: send a write request, used with "write" characteristic propertytrue
: send a write command, used with "write without response" characteristic propertycharacteristic.broadcast(broadcast[, callback(error)]); // broadcast is true|false
characteristic.subscribe([callback(error)]);
'data'
events when peripheral sends an notification or indicationcharacteristic.unsubscribe([callback(error)]);
characteristic.discoverDescriptors([callback(error, descriptors)]);
descriptor.readValue([callback(error, data)]);
descriptor.writeValue(data[, callback(error)]); // data is a buffer
peripheral.readHandle(handle, callback(error, data));
peripheral.writeHandle(handle, data, withoutResponse, callback(error));
See Node.js EventEmitter docs for more info. on API's.
state = <"unknown" | "resetting" | "unsupported" | "unauthorized" | "poweredOff" | "poweredOn">
noble.on('stateChange', callback(state));
noble.on('scanStart', callback);
The event is emitted when scanning is started or if another application enables scanning or changes scanning settings.
noble.on('scanStop', callback);
The event is emitted when scanning is stopped or if another application stops scanning.
peripheral = {
id: "<id>",
address: "<BT address">, // Bluetooth Address of device, or 'unknown' if not known
addressType: "<BT address type>", // Bluetooth Address type (public, random), or 'unknown' if not known
connectable: <connectable>, // true or false, or undefined if not known
advertisement: {
localName: "<name>",
txPowerLevel: <int>,
serviceUuids: ["<service UUID>", ...],
serviceSolicitationUuid: ["<service solicitation UUID>", ...],
manufacturerData: <Buffer>,
serviceData: [
{
uuid: "<service UUID>"
data: <Buffer>
},
...
]
},
rssi: <rssi>
};
noble.on('discover', callback(peripheral));
Note: on OS X the address will be set to 'unknown' if the device has not been connected previously.
noble.on('warning', callback(message));
peripheral.once('connect', callback);
peripheral.once('disconnect', callback);
peripheral.once('rssiUpdate', callback(rssi));
peripheral.once('servicesDiscover', callback(services));
service.once('includedServicesDiscover', callback(includedServiceUuids));
characteristic = {
uuid: "<uuid>",
// properties: 'broadcast', 'read', 'writeWithoutResponse', 'write', 'notify', 'indicate', 'authenticatedSignedWrites', 'extendedProperties'
properties: [...]
};
service.once('characteristicsDiscover', callback(characteristics));
Emitted when characteristic read has completed, result of characteristic.read(...)
or characteristic value has been updated by peripheral via notification or indication - after having been enabled with notify(true[, callback(error)])
.
characteristic.on('data', callback(data, isNotification));
characteristic.once('read', callback(data, isNotification)); // legacy
Emitted when characteristic write has completed, result of characteristic.write(...)
.
characteristic.once('write', withoutResponse, callback());
Emitted when characteristic broadcast state changes, result of characteristic.broadcast(...)
.
characteristic.once('broadcast', callback(state));
Emitted when characteristic notification state changes, result of characteristic.notify(...)
.
characteristic.once('notify', callback(state));
descriptor = {
uuid: '<uuid>'
};
characteristic.once('descriptorsDiscover', callback(descriptors));
descriptor.once('valueRead', data);
descriptor.once('valueWrite');
Run the following command:
sudo setcap cap_net_raw+eip $(eval readlink -f `which node`)
This grants the node
binary cap_net_raw
privileges, so it can start/stop BLE advertising.
Note: The above command requires setcap
to be installed, it can be installed using the following:
sudo apt-get install libcap2-bin
su -c \'yum install libcap2-bin\'
hci0
is used by default to override set the NOBLE_HCI_DEVICE_ID
environment variable to the interface number.
Example, specify hci1
:
sudo NOBLE_HCI_DEVICE_ID=1 node <your file>.js
By default noble waits for both the advertisement data and scan response data for each Bluetooth address. If your device does not use scan response the following environment variable can be used to bypass it.
sudo NOBLE_REPORT_ALL_HCI_EVENTS=1 node <your file>.js
By default noble will respond with an error whenever a GATT request message is received. If your intention is to use bleno in tandem with noble, the following environment variable can be used to bypass this functionality. Note: this requires a Bluetooth 4.1 adapter.
sudo NOBLE_MULTI_ROLE=1 node <your file>.js
By default, noble will select bindings to communicate with Bluetooth devices depending on your platform. If you prefer to specify what bindings noble should use:
var noble = require('noble/with-bindings')(require('./my-custom-bindings'));
Support us with a monthly donation and help us continue our activities. [Become a backer]
Become a sponsor and get your logo on our README on Github with a link to your site. [Become a sponsor]
Copyright (C) 2015 Sandeep Mistry sandeep.mistry@gmail.com
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
A Node.js BLE (Bluetooth Low Energy) central library.
The npm package @haremo/noble receives a total of 0 weekly downloads. As such, @haremo/noble popularity was classified as not popular.
We found that @haremo/noble demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.