You got your shiny new fitness bracelet or a smart watch. Great! You installed a companion app on your smartphone. Allright.
You could already be fine and happy using it. But if not... Want to know nuts and bolts of the protocol? Then go DEEPER
1st you get the Bluetooth network dump between your phone and the gadget.
- The "btsnoop" is easily recorded on the (rooted Android) phone using Developer options. Easily googled.
- Next, you get the file (btsnoop_hci.log) on your PC and open it with the Wireshark. Cool!
- The BLE protocol is carried in BT ATT/GATT so we apply filter "btatt" in the wireshark. A-ha! Now it's clear!
- Let's save it to a separate PCAP file, might be useful in the future: File → Export specified packets → "All packets", "Displayed", "as: pcap" → Save!
- Besides usual discovery messages like "Read By Group Type ..." you can find protocol specific messages in types:
- Read Request / Response (filter: btatt.opcode==0x0b)
- Write Request / Response (filter: btatt.opcode==0x12)
- Handle Value Notification (filter: btatt.opcode==0x1b)
- (look closely, there might be some more!)
- It's a good idea to note the data shown in the app at the time. It definitely helps to decrypt the protocol fields
- and then also change some parameters/options and record dump to see the change.
So you can see messages passing back and forth. Now it's time to dig them in. Let's get to the Part 2!
Комментариев нет:
Отправить комментарий