This tool emulates a simple bluetooth HID device (keyboard + mouse) based on bluez and xserver from linux. It was orignally designed for a poor student cannot afford a bluetooth keyboard. That poor student used laptop keyboard/mouse to control an android phone via bluetooth.
Via bluez, EmuBTHID registers a special bluetooth service ("00001124-0000-1000-8000-00805f9b34fb") which can serve as a HID device and be discoverable by other users.
Via Xlib, EmuBTHID creates a X window, which grabs keyboard/mouse input and send them to remote.
This tool requires "root" to listen to priviledged bluetooth ports, which communicate with remote devices.
This tool is recently tested under Archlinux:
kernel: 6.8.9
bluez: 5.75
xorg-server: 21.1.13
python libraries:
python-xlib 0.33 dbus-python 1.3.2
The client who uses the emulated HID device is an android 9 phone.
Edit main.py
and change the CONTROLLER_MAC
variable in the beginning to your own MAC. You can find the MAC of the bluetooth controller in bluetoothctl
. E.g. the "5C:87:9C:96:BE:5E" shown in the screenshot below is the MAC.
-
make sure that bluetoothd has the plugin
input
disabled (i.e. "-P input").-
For example, refer to ArchWiki
sudo systemctl edit bluetooth
-
Then append the argument "-P input"
### Editing /etc/systemd/system/bluetooth.service.d/override.conf ### Anything between here and the comment below will become the contents > [Service] ExecStart= ExecStart=/usr/lib/bluetooth/bluetoothd -P input
-
Finally restart the modified bluetoothd
sudo systemctl restart bluetooth
-
-
make sure that bluetooth service is running (systemctl status bluetooth)
-
enter
bluetoothctl
and dopower on
-
make sure the bluetooth controller is not blocked by software (check rfkill or enable bluetooth in your desktop manager, e.g. gnome)
-
Run
xhost +
to enable root user also draw something on a non-root user's X session. (see this stackoverflow) -
Run
sudo python3 main.py
In bluetoothctl, it should look like this, where a lot of UUIDs are registered
And you can find this specific Class
value and UUID for a "Human Interface Device" appears in show
-
Now go back to bluetoothctl, enable discoverable
-
(unverified) users also reported that "pairable" might need to be explicitly enforced via bluetoothctl command
pairable on
. Just make sure in bluetoothctl you can see a message saying your controller[CHG] Controller XX:XX:XX:XX:XX:XX Pairable: Yes
-
Now you should be able to discover a new HID device on other devices (e.g. an android phone). Now pair or re-connect. You should finish the pairing procedure in bluetoothctl (there will be a prompt). It looks like this:
-
After a device is paired and connected, you should be able to see the main window of EmuBTHID which will capture your keyboard/mouse input:
-
Final step, go back to the main window. enter "Ctrl+Alt+Shift+B" as shown in the window to grab keyboard as well as mouse input. Press the same combination again to un-grab.
-
The
xhost +
is pretty hacky and may raise security concerns. But I am personally fine with that. -
After pairing or connecting to this emulated HID device,
bluetoothctl
will show a lot of authorize prompt, which I normally ignore. -
Even though the keyboard usually works pretty well, the mouse sometimes becomes lagging. But I normally only use the keyboard feature.
-
Don't work with apple devices. Having a "connection reset by peer" issue.