Scan and identify Bluetooth device - bluetooth

I tried to post this question on Amateur Radio, but it was closed as off-topic. I'm not sure this is the right place to post it, as it's not purely software, but still.
Being a quasi-newbie in this game, I'm trying to identify a device which communicates on 2.4 GHz: a Bluetooth mouse talking to its dongle.
My goal is to identify the MAC address of the device and then reverse the protocol.
Knowing that my only documentation about it is its chipset and the associated datasheet:
What are the basic steps to follow to achieve this?
What hardware and software tools should I use?
Would dumping the dongle's firmware be a possible approach? If yes, why?
So far I've tried three methods:
With an Ubertooth dongle and its Kismet plugin, I can see a lot of traffic, but I can't identify the correct device (the vendor is almost unknown). Also, I don't know why, but Kismet doesn't let me do channel hopping, so I can only scan channel 37 (most likely the device doesn't use this channel?).
With a HackRF, but the same problem: in all the noise I can't identify the device.
With an nRF52840 and a sniffing firmware, I can see a lot of traffic but can't identify the right dongle.
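All three captures hit the same wall: a crowded advertising channel with nothing tying any packet to the mouse. The following is an added example, not code from the question or from Kismet, Ubertooth or the nRF sniffer. It assumes the mouse really is a BLE device (channel 37 is one of the three BLE advertising channels; many "2.4 GHz" mice use a proprietary protocol that a BLE sniffer never decodes) and that the sniffer hands you raw link-layer advertising PDUs. It parses each PDU, groups them by advertiser address, and flags advertisers carrying the HID service UUID (0x1812) or a HID appearance value, which is how a BLE mouse announces itself. The sample PDUs and addresses are constructed, not captured.

```python
"""Tally captured BLE advertising-channel PDUs by advertiser address (AdvA) and
flag the ones that advertise HID, which is how a BLE mouse announces itself.
Added example for this page, not code from the original post; the PDUs at the
bottom are constructed by hand, not captured from a real mouse."""
from collections import defaultdict

# Advertising PDU types (Core spec Vol 6, Part B, section 2.3)
PDU_TYPES = {0x0: "ADV_IND", 0x1: "ADV_DIRECT_IND", 0x2: "ADV_NONCONN_IND",
             0x3: "SCAN_REQ", 0x4: "SCAN_RSP", 0x5: "CONNECT_IND", 0x6: "ADV_SCAN_IND"}
HID_SERVICE_UUID = 0x1812              # GATT Human Interface Device service
HID_APPEARANCE_CATEGORY = 0x03C0 >> 6  # appearance category bits; 0x03C2 = "HID Mouse"


def addr_str(raw: bytes) -> str:
    """Addresses go over the air least-significant byte first; print MSB first."""
    return ":".join(f"{b:02X}" for b in reversed(raw))


def parse_ad_structures(data: bytes) -> dict:
    """AdvData/ScanRspData is a run of [length][AD type][value] structures."""
    ads, i = {}, 0
    while i < len(data):
        length = data[i]
        if length == 0:                 # zero length means padding: stop
            break
        ads[data[i + 1]] = data[i + 2:i + 1 + length]
        i += 1 + length
    return ads


def parse_adv_pdu(pdu: bytes) -> dict:
    """pdu = 2-byte header (type, TxAdd, RxAdd, length) followed by the payload."""
    header, length = pdu[0], pdu[1]
    pdu_type = header & 0x0F
    tx_add, rx_add = (header >> 6) & 1, (header >> 7) & 1   # 1 = random address
    payload = pdu[2:2 + length]
    info = {"type": PDU_TYPES.get(pdu_type, f"0x{pdu_type:X}"),
            "name": None, "hid": False, "peer": None}
    if pdu_type in (0x3, 0x5):          # SCAN_REQ / CONNECT_IND: ScanA|InitA, then AdvA
        info["peer"] = addr_str(payload[0:6])
        info["adva"], info["adva_random"] = addr_str(payload[6:12]), bool(rx_add)
        return info
    info["adva"], info["adva_random"] = addr_str(payload[0:6]), bool(tx_add)
    if pdu_type == 0x1:                 # ADV_DIRECT_IND: AdvA then TargetA, no AD data
        info["peer"] = addr_str(payload[6:12])
        return info
    ads = parse_ad_structures(payload[6:])
    name = ads.get(0x09) or ads.get(0x08)              # complete / shortened local name
    info["name"] = name.decode("utf-8", "replace") if name else None
    uuids = ads.get(0x03, b"") + ads.get(0x02, b"")    # complete / incomplete 16-bit UUIDs
    uuid16s = {int.from_bytes(uuids[i:i + 2], "little") for i in range(0, len(uuids) - 1, 2)}
    appearance = int.from_bytes(ads.get(0x19, b"\x00\x00"), "little")
    info["hid"] = HID_SERVICE_UUID in uuid16s or (appearance >> 6) == HID_APPEARANCE_CATEGORY
    return info


def summarize(pdus) -> dict:
    """Group PDUs by AdvA so a device's ADV_IND, SCAN_REQ and CONNECT_IND line up."""
    devices = defaultdict(lambda: {"count": 0, "types": set(), "name": None,
                                   "hid": False, "random": None, "peers": set()})
    for raw in pdus:
        p = parse_adv_pdu(raw)
        d = devices[p["adva"]]
        d["count"] += 1
        d["types"].add(p["type"])
        d["random"] = p["adva_random"]
        d["name"] = d["name"] or p["name"]
        d["hid"] = d["hid"] or p["hid"]
        if p["peer"]:
            d["peers"].add(p["peer"])
    return dict(devices)


def hid_candidates(devices: dict) -> list:
    return sorted(addr for addr, d in devices.items() if d["hid"])


# Constructed sample capture (hex, not real traffic): a mouse with random static
# AdvA C0:11:22:33:44:55 advertising HID, a phone, a beacon, then a dongle with
# public address 00:1A:7D:DA:71:13 scanning the mouse and connecting to it.
MOUSE = bytes.fromhex("401C" "5544332211C0" "020106" "03031218" "0319C203" "0A09"
                      + b"BLE Mouse".hex())
PHONE = bytes.fromhex("0014" "665544332211" "02011A" "0A09" + b"SomePhone".hex())
BEACON = bytes.fromhex("420B" "060504030201" "04FF4C0001")
SCAN_REQ = bytes.fromhex("830C" "1371DA7D1A00" "5544332211C0")
CONNECT_IND = bytes.fromhex("8522" "1371DA7D1A00" "5544332211C0" + "00" * 22)
SAMPLE_PDUS = [MOUSE, PHONE, BEACON, MOUSE, SCAN_REQ, CONNECT_IND, PHONE]

if __name__ == "__main__":
    devs = summarize(SAMPLE_PDUS)
    for addr in hid_candidates(devs):
        print(addr, devs[addr])
```

Two things this grouping shows that a flat packet list does not: the dongle's own address never appears as an advertiser, only as the peer in SCAN_REQ and CONNECT_IND, and once CONNECT_IND has gone out the pair leaves channels 37/38/39 for the data channels, so a capture pinned to channel 37 sees nothing further. A mouse already bonded to its dongle re-advertises only briefly (often with ADV_DIRECT_IND aimed at the dongle), so power-cycle the mouse while capturing, and to keep watching after the link forms use a sniffer mode that follows the connection (Ubertooth's `ubertooth-btle -f`, or the nRF sniffer's per-device follow in Wireshark) rather than a fixed-channel scan.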

Related

Linux USB Disable USB Power Only

I have been looking for a while and, though a lot of Exchange Q&As have helped, I haven't exactly received the answer I'm looking for.
Going off the question asked here: How can I detect a USB port being used for charging in Linux?
I felt as if it needed its own question. I have a USB-powered hub for charging smartphones and I wish to control the power (on/off only) to each of the ports individually.
Using a USB charging cable, Linux cannot detect that a device is plugged in, so using a USB data cable might be more useful in this scenario.
Essentially, I want Linux to be able to detect when a device is plugged in; however, I do not want any data transmission to occur between the device and Linux, simply only power. By detecting the device being plugged in, I want to be able to control whether power will flow to the device or not, but with no data transmission.
I'm currently testing with uhubctl; however, when enabling/disabling the port, unfortunately it controls both power and data, where I wish to cut off data entirely and only allow power to the device.
Is it possible, using a USB data cable, to detect a device plugged in, then essentially disable the phone talking to the computer entirely, but still allow power to flow to the device?
If not, the other option I was thinking of is whether there is a USB power hub out there that can tell Linux if a new device has been plugged in or not, and I can tell it whether to charge or not.
Any input would be greatly appreciated.
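The kernel already has a mechanism that separates "the device is plugged in" from "the device may talk": USB authorization. Writing 0 to a device's `authorized` sysfs attribute deconfigures it and stops any interface driver from binding, while VBUS on the port is untouched, and a hub's `authorized_default` makes that the policy for anything that appears later. The following is an added example, not from the question or from uhubctl; it assumes a udev `RUN+=` rule on `ACTION=="add"` passes the device's sysfs name to `handle_hotplug`, and the `make_fake_device` helper fabricates a sysfs-like directory so the code runs without root or hardware.

```python
"""Detect a newly plugged USB device and deauthorize it so the host never
configures it or binds a driver, while the port's VBUS stays on. Added example
for this page, not from the original post. It relies on the kernel's USB
authorization attribute (/sys/bus/usb/devices/<dev>/authorized, documented in
Documentation/usb/authorization.rst); the helper at the bottom fabricates a
sysfs-like directory so the code can run without root or hardware."""
import tempfile
from pathlib import Path

SYSFS_USB = Path("/sys/bus/usb/devices")


def read_attr(dev_dir: Path, name: str) -> str:
    p = dev_dir / name
    return p.read_text().strip() if p.exists() else ""


def is_authorized(dev_dir: Path) -> bool:
    return read_attr(dev_dir, "authorized") == "1"


def deauthorize(dev_dir: Path) -> dict:
    """Write 0 to 'authorized': the kernel deconfigures the device and refuses
    to bind interface drivers, so no data path exists. Power is not touched."""
    info = {"path": str(dev_dir), "was_authorized": is_authorized(dev_dir)}
    (dev_dir / "authorized").write_text("0\n")
    info["authorized_now"] = is_authorized(dev_dir)
    return info


def set_hub_default(hub_dir: Path, allow: bool) -> None:
    """Hub-level policy for devices that appear later ('authorized_default');
    0 deauthorizes everything new on this hub until told otherwise."""
    (hub_dir / "authorized_default").write_text("1\n" if allow else "0\n")


def handle_hotplug(devname: str, allowlist: set, root: Path = SYSFS_USB) -> dict:
    """Entry point for a udev RUN+= on ACTION=="add": devname is the sysfs
    name such as '1-1.4'. Devices on the VID:PID allowlist keep their data
    path; everything else becomes power-only."""
    dev_dir = root / devname
    vid_pid = f"{read_attr(dev_dir, 'idVendor')}:{read_attr(dev_dir, 'idProduct')}"
    if vid_pid in allowlist:
        return {"path": str(dev_dir), "id": vid_pid, "action": "kept"}
    info = deauthorize(dev_dir)
    info.update(id=vid_pid, action="deauthorized")
    return info


def make_fake_device(name="1-1.4", vid="1234", pid="5678") -> Path:
    """Constructed stand-in for a sysfs device directory (test scaffolding only;
    the VID:PID and product string are made up)."""
    dev_dir = Path(tempfile.mkdtemp()) / name
    dev_dir.mkdir()
    (dev_dir / "idVendor").write_text(vid + "\n")
    (dev_dir / "idProduct").write_text(pid + "\n")
    (dev_dir / "product").write_text("Phone\n")
    (dev_dir / "authorized").write_text("1\n")
    return dev_dir


if __name__ == "__main__":
    fake = make_fake_device()
    print(handle_hotplug(fake.name, allowlist=set(), root=fake.parent))
```

For a fixed policy you do not even need the script: udev can write the attribute itself with a rule such as `ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="1234", ATTR{authorized}="0"`. Two caveats before relying on this for charging. An unconfigured USB 2.0 device is only entitled to 100 mA by the spec, and phones pick their charge current by BC1.2 detection on D+/D- that a normal data port does not present, so a deauthorized port may charge slowly or not at all. And this leaves VBUS on by design; if you actually want to cut power, that is the per-port power switching uhubctl drives, which only hubs with that hardware feature support.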

Bluetooth programming, interface implementation

I am not very experienced in Bluetooth programming yet, but for my bachelor thesis I was asked to implement an interface for a blood pressure monitor. In general this device is able to connect to other devices in order to share the data via Bluetooth. It is also commonly licensed.
Now the problem:
I have written a Java program using BlueCove to search for Bluetooth devices. It works, but I can't find the device I want to. This blood pressure monitor also has a button for activating pairing, which does not help either. Every time the device gets new data (I measure my blood pressure) it says on screen "transmitting data", so it tries to connect to a Bluetooth device it knows.
Is there any special way I need to address it in order to get paired with it? Would I need to create a server waiting for this device to connect to it, or is the general task impossible to handle?

Emulate a Bluetooth Device from PC

I wonder whether it is possible to emulate a specific Bluetooth device, like a remote controller for a TV or another device, with my PC. I'd be okay with installing an additional hardware device in my computer (e.g. a Bluetooth PCIe card).
I imagined something like "recording" all the single commands of my original remote controller using my Bluetooth card and afterwards using these recorded commands to turn on my TV, for example.
Is something like this possible (with additional hardware maybe)?
Of course this is possible. Bluetooth is just a protocol and you can implement it in your custom software to emulate all kinds of devices. If you need to emulate simple devices like a keyboard or mouse, there are many ready solutions like this.
But if you have a non-standard device, there won't be any ready solutions and you will have to implement it yourself. What can help you:
If you have some kind of controller for PC and you want to emulate a device with an unknown protocol, you can use Wireshark or another sniffer to understand what's going on.
There is an emulator called BT-Sim, but it is so poorly documented that I can't even guess what it does.
You can take as an example different Android software, like that described in the answers to this question.
You can check different program samples for PC like this.
For hardware you need only a simple Bluetooth dongle. However, if you want to spy on some BLE (Bluetooth Low Energy) devices, you can buy a hardware sniffer like this.
(At least in Windows 10) the Microsoft Store has an application called "Bluetooth LE Explorer" which is able to simulate different kinds of Bluetooth GATT profiles as a peripheral.

Redesigning Ti SensorTag

This is my first question on Stack Overflow :)
I'm trying to make a few modifications to the TI SensorTag, but I have a few questions, please:
1- Is it possible to make the SensorTags communicate with each other without a gateway?
(Let's say I put sensor 1 in bedroom 1 and sensor 2 in bedroom 2; can I make them exchange readings without the need for a gateway?)
2- Can I install a micro USB over the interface connector to be able to use a portable battery pack? (photo of the interface connector)
Thanks
You'll get better, more in-depth responses on the TI support forums, as Ifor has said.
However, I can tell you the answer to #1... Regular Bluetooth allows for things like piconets, but Low Energy does not. With LE you have a client/server (master/slave) connection between two devices only. It may be possible to modify the firmware on the SensorTags to allow them to make connections to other SensorTags, but then they'd have to give up whatever connection they currently had to do so. Master devices can connect to multiple slave devices, but a slave device can only be connected to one master.
As the SensorTags are currently designed, I think they only work as a slave (server) device.
Press releases say that the new 4.1 spec allows a single BLE device to act in both roles, central and peripheral, eliminating the need for a gateway. A 4.1 update is, in theory, possible with 4.0 radio hardware like the SensorTag has. I personally haven't seen an example of this, however, and SensorTag processing resources may be a limiting factor for a dual role.
The battery pack connector breaks out VDD_EXT and GND, and the SensorTag hardware schematic is available. Analysis by a hardware design engineer should be able to determine the suitability of a USB-source powering option.
http://processors.wiki.ti.com/index.php/SensorTag_User_Guide

Bluetooth UUID discovery

Does anyone know how a Bluetooth device could pick up the discoverable devices' device IDs in range?
I am ideally looking for the simplest solution that involves the smallest implementation of the Bluetooth protocols.
A starting point would be good. I just wish to create a device that can store all the device IDs of nearby Bluetooth devices with minimal power consumption, preferably just using radio frequencies and not SDP and whatever else.
If you can't help me with this, please can you help me find good reading material for low-level Bluetooth (step-by-step) communication? The reading online is so high-level that I can't work out what is actually sent, when.
Laalto nailed the answer from the Bluetooth spec/stack POV, but your question implies you're looking for a stand-alone Bluetooth device, not just a laptop app scanning surrounding devices.
I can only speak for the BT chips that the company I work for manufactures (Cambridge Silicon Radio, CSR), but our chips can do that pretty much out of the box. Our chips have an on-board virtual machine sandbox that allows access to the firmware functions and Bluetooth stack of the chip. You can easily write a C code app to run in the virtual machine sandbox, on chip, that periodically scans for discoverable devices around, grabs their IDs and then downloads them when connected via USB or serial, or maybe over BT when a device connects to the listener directly.
www.csr.com and www.csrsupport.com for chips, dev-kits, design references, etc., etc.
You probably want a module with the extra HW (UARTs, USB, etc.) as well as just the chip, but you could implement this with something the size of a Bluetooth USB dongle or probably smaller.
It would really help to know more about what you're trying to achieve, why you want something that just scans the surrounding Bluetooth devices and how big the device needs to be.
Sorry if this sounds like advertising. For balance: Broadcom make BT chips too!
The Bluetooth specs from http://www.bluetooth.org are a good starting place for low-level information. You need an account to access the specs, but you can create one for free.
Basically what you need to do is to go into Inquiry mode periodically and grab the response packets as they arrive. The more time you spend in Inquiry mode, the more likely you will discover devices in range: discoverable devices enter the Inquiry Scan mode only relatively rarely; it takes some time (10.24s at least with older Bluetooth versions) to scan all the possible frequencies in the Inquiry/Inquiry Scan frequency hopping schemes. And even then you can have suboptimal radio conditions.
For implementation I suggest you at least start with existing Bluetooth libraries such as BlueZ and do not attempt to create your own from scratch.
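The answer above describes the procedure (enter Inquiry, collect the responses as they arrive) but the asker wanted to see what is actually sent. Between the controller and the host it is a stream of HCI events: Inquiry Result (0x02) or Inquiry Result with RSSI (0x22), each carrying one or more 14-byte records of BD_ADDR, page scan repetition mode, Class of Device and clock offset, followed by Inquiry Complete (0x01). The following is an added example that decodes those events, not code from either answer or from BlueZ; the event packets are constructed, and multi-response events are read as consecutive records, the layout BlueZ's `struct inquiry_info` assumes.

```python
"""Decode the HCI Inquiry Result events a controller sends to the host while
it is in Inquiry mode, yielding BD_ADDR and Class of Device per responder.
Added example for this page, not from the original answer; the event packets
at the bottom are constructed, not logged from a real controller. Multi-response
events are read as consecutive 14-byte records, the layout BlueZ's
struct inquiry_info assumes."""
import struct

# HCI event codes (Core spec Vol 4, Part E, section 7.7)
EVT_INQUIRY_COMPLETE = 0x01
EVT_INQUIRY_RESULT = 0x02
EVT_INQUIRY_RESULT_RSSI = 0x22
MAJOR_DEVICE_CLASS = {0: "Misc", 1: "Computer", 2: "Phone", 3: "LAN/Access point",
                      4: "Audio/Video", 5: "Peripheral", 6: "Imaging",
                      7: "Wearable", 8: "Toy", 9: "Health", 31: "Uncategorized"}

# Inquiry Result record: BD_ADDR(6) PSRM(1) Reserved(2) CoD(3) Clock_Offset(2)
RECORD = struct.Struct("<6sB2s3sH")
# Inquiry Result with RSSI: BD_ADDR(6) PSRM(1) Reserved(1) CoD(3) Clock_Offset(2) RSSI(1)
RECORD_RSSI = struct.Struct("<6sB1s3sHb")


def bdaddr(raw: bytes) -> str:
    return ":".join(f"{b:02X}" for b in reversed(raw))   # sent LSB first


def parse_inquiry_event(pkt: bytes) -> list:
    """pkt = [event code][parameter length][parameters]; one dict per responder."""
    code, plen = pkt[0], pkt[1]
    params = pkt[2:2 + plen]
    if code == EVT_INQUIRY_RESULT:
        rec, has_rssi = RECORD, False
    elif code == EVT_INQUIRY_RESULT_RSSI:
        rec, has_rssi = RECORD_RSSI, True
    else:
        return []
    out = []
    for i in range(params[0]):                  # Num_Responses
        fields = rec.unpack_from(params, 1 + i * rec.size)
        addr, psrm, _reserved, cod, clock = fields[:5]
        cod_int = int.from_bytes(cod, "little")
        out.append({"bdaddr": bdaddr(addr),
                    "cod": f"0x{cod_int:06X}",
                    "major_class": MAJOR_DEVICE_CLASS.get((cod_int >> 8) & 0x1F, "?"),
                    "page_scan_rep_mode": psrm,
                    "clock_offset": clock & 0x7FFF,   # bits 0-14 carry the offset
                    "rssi": fields[5] if has_rssi else None})
    return out


def collect(events) -> dict:
    """Fold a run of events into one entry per address, keeping the best RSSI,
    until the controller reports Inquiry Complete."""
    seen = {}
    for pkt in events:
        if pkt[0] == EVT_INQUIRY_COMPLETE:
            break
        for r in parse_inquiry_event(pkt):
            d = seen.setdefault(r["bdaddr"], {**r, "sightings": 0})
            d["sightings"] += 1
            if r["rssi"] is not None and (d["rssi"] is None or r["rssi"] > d["rssi"]):
                d["rssi"] = r["rssi"]
    return seen


# Constructed sample events: a phone (CoD 0x5A020C) seen once without RSSI and
# again at -45 dBm, a pointing device (CoD 0x002580) at -60 dBm, then Inquiry
# Complete with status 0. Addresses are made up.
SAMPLE_EVENTS = [
    bytes.fromhex("020F" "01" "554433221100" "01" "0000" "0C025A" "3412"),
    bytes.fromhex("221D" "02"
                  "030201DC1B00" "00" "00" "802500" "0000" "C4"
                  "554433221100" "00" "00" "0C025A" "3412" "D3"),
    bytes.fromhex("0101" "00"),
]

if __name__ == "__main__":
    for addr, d in collect(SAMPLE_EVENTS).items():
        print(addr, d["major_class"], d["cod"], d["rssi"], d["sightings"])
```

These are the bytes `btmon` prints as "Inquiry Result" while `hcitool inq` or a BlueZ discovery runs; on Linux the same events can be read from a raw HCI socket (AF_BLUETOOTH, BTPROTO_HCI) with an event filter set. The answer's timing point shows up directly in the data: the longer the inquiry, the more addresses appear, and the same address can be reported in several events as the scanning frequencies line up, hence the de-duplication in `collect`.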
