byte-arts closed this issue 3 years ago
OK, I corrected the Command identifier for the Connection Parameter Update Request/Response and it works. For this I added a l2capCmdId field to the BLEConnectionParameterUpdateRequest and BLEConnectionParameterUpdateResponse, which stores the command identifier and can therefore be used for creating a valid response. Since the packet objects in mirage only contain payload data, I think it's more of a little hack to make it work... Any recommendation where to add the header field? Then I would create a pull request.
Hello, thank you for signaling (and fixing!) this issue. You can create a pull request with your patch as it is right now, I'll try to correct it later to automatically select the right command ID in the stack itself.
So I created a pull request, with the changes that work for me. This is my first pull request, hopefully everything is correct!
Thank you, it's perfect :)
Hello,
I am trying to use the ble_mitm module of mirage. But the slave device mostly* disconnects after a short amount of time. If I connect fast enough with the master device, the mitm module works. But only until the slave disconnects.
I start the module with the following command (same results with activated master and slave spoofing):
Output is:
So even without connecting the master device, the slave terminates the connection (Remote User Terminated Connection (0x13)).
I cannot verify if this is the reason, but I recognized that the command identifier in the L2CAP Connection Parameter Update Response Packet is invalid.
From the specification (page 1047 - Core_v5.2):
*mostly, because I got the ble_mitm module working with a peripheral example from the Zephyr project. The example device does not disconnect but prints a warning message:
I am using Ubuntu 20.04 LTS with bluez 5.53 and the latest mirage version. Tested with 2 Asus BT-400 USB-Dongles.
If you need any further information, let me know!
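The identifier rule this thread turns on, as an added example that is not part of the issue or of mirage's code: an L2CAP signaling response must carry the same identifier as the request it answers. The sketch below parses a Connection Parameter Update Request on the LE signaling channel, builds a response that echoes its identifier, and checks a request/response pair. It does not use mirage's packet classes; the function names and the sample frame are constructed for illustration.

```python
import struct

LE_SIGNALING_CID = 0x0005        # L2CAP LE signaling channel
CONN_PARAM_UPDATE_REQ = 0x12     # Connection Parameter Update Request
CONN_PARAM_UPDATE_RSP = 0x13     # Connection Parameter Update Response

def parse_signaling(frame):
    """Return (code, identifier, data) for one LE signaling command."""
    if len(frame) < 8:
        raise ValueError("frame too short for L2CAP + signaling headers")
    length, cid = struct.unpack_from("<HH", frame, 0)
    if cid != LE_SIGNALING_CID or length != len(frame) - 4:
        raise ValueError("not a well-formed LE signaling frame")
    code, ident, data_len = struct.unpack_from("<BBH", frame, 4)
    data = frame[8:]
    if data_len != len(data):
        raise ValueError("signaling data length mismatch")
    return code, ident, data

def build_update_response(request_frame, result=0x0000):
    """Build the response, copying the identifier from the request."""
    code, ident, data = parse_signaling(request_frame)
    if code != CONN_PARAM_UPDATE_REQ or len(data) != 8:
        raise ValueError("not a Connection Parameter Update Request")
    if ident == 0x00:
        raise ValueError("identifier 0x00 is not a valid identifier")
    # result 0x0000 = parameters accepted, 0x0001 = rejected
    payload = struct.pack("<BBHH", CONN_PARAM_UPDATE_RSP, ident, 2, result)
    return struct.pack("<HH", len(payload), LE_SIGNALING_CID) + payload

def response_matches(request_frame, response_frame):
    """True if the response answers this request (same identifier)."""
    _, req_id, _ = parse_signaling(request_frame)
    code, rsp_id, _ = parse_signaling(response_frame)
    return code == CONN_PARAM_UPDATE_RSP and rsp_id == req_id

# Constructed sample request: identifier 0x07, interval 0x0018..0x0028,
# latency 0, supervision timeout 0x01f4.
SAMPLE_REQUEST = bytes.fromhex("0c000500" "12070800" "18002800" "0000" "f401")

if __name__ == "__main__":
    rsp = build_update_response(SAMPLE_REQUEST)
    print(rsp.hex(), response_matches(SAMPLE_REQUEST, rsp))
```

Running `response_matches` over request/response pairs taken from a capture is a quick way to confirm whether a relay is echoing identifiers correctly.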