Skip to content

Onimous-git/smartwatch-hack

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
ezwake.py
ezwake.py
 
 
keep120.py
keep120.py
 
 
requirements.txt
requirements.txt
 
 
scan.py
scan.py
 
 

Repository files navigation

EZWatch

Keep Smartwatch Screen Awake via BLE Reverse Engineering

\

Reverse engineered Bluetooth Low Energy commands to control smartwatch screen wake and timeout, then automated it using Python + systemd.

Features

  • Reverse engineered proprietary smartwatch protocol
  • Direct BLE GATT command replay
  • Automatic reconnect on boot
  • Low resource background service
  • Keeps watch screen awake continuously
  • Pure Python implementation using bleak

Reverse Engineering Process

  1. Captured Bluetooth traffic using Wireshark
  2. Analyzed HCI snoop log from Android device
  3. Identified custom GATT characteristics
  4. Reverse engineered smartwatch communication protocol
  5. Replayed commands to control watch behavior

Discovered BLE Commands

Action Hex Command
Screen Turn ON fe ea 20 06 53 0e
Timeout 30 sec fe ea 20 06 7d 1e
Timeout 60 sec fe ea 20 06 7d 3c
Timeout 120 sec fe ea 20 06 7d 78

Architecture

Linux PC
   │
   │ BLE (Bleak)
   ▼
Python Script (ezwake.py)
   │
   ▼
GATT Write Command
   │
   ▼
Smartwatch
(Screen stays awake)

Requirements

  • Linux (tested on Kali Linux)
  • Python 3
  • Bluetooth adapter
  • Python library: bleak
  • systemd

Installation

1. Create project directory

mkdir /home/sam/scripts
cd /home/sam/scripts
# copy or download ezwake.py into this folder
code .

2. Create virtual environment

rm -rf venv
python3 -m venv venv
source venv/bin/activate
python -m ensurepip --upgrade
python -m pip install --upgrade pip
python -m pip install bleak

3. Pair Bluetooth device

sudo bluetoothctl

Then run:

power on
agent on
default-agent
scan on
pair XX:XX:XX:XX:XX:XX
trust XX:XX:XX:XX:XX:XX
connect XX:XX:XX:XX:XX:XX
exit

Auto Start at Boot (systemd)

Create service file:

sudo nano /etc/systemd/system/ezwatch.service

Paste:

[Unit]
Description=Keep Smartwatch Awake
After=bluetooth.target
Requires=bluetooth.target

[Service]
Type=simple
User=sam
ExecStart=/home/sam/scripts/venv/bin/python /home/sam/scripts/ezwake.py
Restart=always
RestartSec=3
Environment=PYTHONUNBUFFERED=1

StandardOutput=journal
StandardError=journal

[Install]
WantedBy=multi-user.target

Enable service:

sudo systemctl daemon-reload
sudo systemctl enable ezwatch
sudo systemctl start ezwatch

Logs

journalctl -u ezwatch -f

Expected output:

Trying to connect...
Connected to watch
Wake (connected)

Troubleshooting

Check if enabled:

sudo systemctl is-enabled ezwatch

Enable if needed:

sudo systemctl enable ezwatch

Project Structure

/scripts
├── ezwake.py
├── README.md
├── requirements.txt
└── LICENSE

Disclaimer

This project was created through reverse engineering for educational purposes. Use responsibly.

Author

Reverse engineered and developed by Onimous

If this helped you

Give the repo a star — it helps a lot!

About

Hacking a smart watch for infinite screentime and many more

Topics

python wireshark kali-linux btsnoop

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages