d1s
Posts: 3
Joined: Mon Feb 20, 2017 12:32 am

Sniffing Bluetooth LE packets with Pi 3's onboard bluetooth

Mon Feb 20, 2017 12:39 am

Hey guys
I'm trying to reverse engineer a cheap Smart Light Bulb so I can control it from my pi, but I don't have any tools for bluetooth packet sniffing.
There are plenty of guides for using the Pi with a USB Bluetooth adapter for sniffing, but none about using the Pi 3's onboard bluetooth for sniffing.
Is it possible?

If so, any guides on how to do it?

Thanks

User avatar
Douglas6
Posts: 4783
Joined: Sat Mar 16, 2013 5:34 am
Location: Chicago, IL

Re: Sniffing Bluetooth LE packets with Pi 3's onboard blueto

Mon Feb 20, 2017 12:52 am

The Pi3's on board Bluetooth will work identically (for most intents and purposes) to a USB dongle. Your best bet is probably with gatttool.

d1s
Posts: 3
Joined: Mon Feb 20, 2017 12:32 am

Re: Sniffing Bluetooth LE packets with Pi 3's onboard blueto

Mon Feb 20, 2017 1:03 am

As far as I'm aware I can't use gattool for packet sniffing
A few scripts I've come across need the bluetooth device's address, such as /dev/usb0 but this doesn't apply to the onboard bluetooth.
Does the onboard BT have an address like that?

User avatar
Douglas6
Posts: 4783
Joined: Sat Mar 16, 2013 5:34 am
Location: Chicago, IL

Re: Sniffing Bluetooth LE packets with Pi 3's onboard blueto

Mon Feb 20, 2017 1:13 am

Hmm, I don't know. I'd be interested in any information you can link to for 'packet sniffing' using /dev/usb0.


User avatar
Douglas6
Posts: 4783
Joined: Sat Mar 16, 2013 5:34 am
Location: Chicago, IL

Re: Sniffing Bluetooth LE packets with Pi 3's onboard blueto

Mon Feb 20, 2017 1:32 am

Just took a quick look, thanks, I'll look into it more closely. It seems to depend on Adafruit's BLE sniffer device (https://www.adafruit.com/product/2269), which has custom firmware that is probably not reproducible on either the on board chip or a standard USB dongle. I've used that device on a PC, not a Pi, so I appreciate the link. But again, programming the firmware on a standard adapter... That is going to be rough (impossible).

Oh, and you might be surprised by what you can learn with gatttool and hcidump.

peppino
Posts: 2
Joined: Sun Jun 25, 2017 7:47 pm

Re: Sniffing Bluetooth LE packets with Pi 3's onboard blueto

Sun Jun 25, 2017 7:49 pm

Hi,

were you able to get into the smart bulb? I'd be interested in what has been done in this respect.

/P


peppino
Posts: 2
Joined: Sun Jun 25, 2017 7:47 pm

Re: Sniffing Bluetooth LE packets with Pi 3's onboard blueto

Mon Jun 26, 2017 5:57 pm

Thank you Douglas, I'll check this out.

Return to “Advanced users”