search

davidgyoung / ble-scanner

Bluetooth LE scanning CLI tool for Linux/BlueZ
BSD 3-Clause "New" or "Revised" License
19 stars 6 forks source link

It shows only one device #2

Open YossiCohen opened 2 years ago

YossiCohen commented 2 years ago

When I scan with my android it shows many devices. output sample:

73:F2:DF:C0:BA:01 -75 1E FF 06 00 01 09 20 02 85 82 B5 7D 20 88 BC 92 98 33 7F 14 95 F1 C3 F0 ED 6E 1B AA BA E7 37 73:F2:DF:C0:BA:01 -79 1E FF 06 00 01 09 20 02 85 82 B5 7D 20 88 BC 92 98 33 7F 14 95 F1 C3 F0 ED 6E 1B AA BA E7 37 73:F2:DF:C0:BA:01 -75 1E FF 06 00 01 09 20 02 85 82 B5 7D 20 88 BC 92 98 33 7F 14 95 F1 C3 F0 ED 6E 1B AA BA E7 37 73:F2:DF:C0:BA:01 -72 1E FF 06 00 01 09 20 02 85 82 B5 7D 20 88 BC 92 98 33 7F 14 95 F1 C3 F0 ED 6E 1B AA BA E7 37 73:F2:DF:C0:BA:01 -75 1E FF 06 00 01 09 20 02 85 82 B5 7D 20 88 BC 92 98 33 7F 14 95 F1 C3 F0 ED 6E 1B AA BA E7 37 73:F2:DF:C0:BA:01 -72 1E FF 06 00 01 09 20 02 85 82 B5 7D 20 88 BC 92 98 33 7F 14 95 F1 C3 F0 ED 6E 1B AA BA E7 37

What am I missing?

davidgyoung commented 2 years ago

Each of those lines is a detected Bluetooth LE advertising packet. A single advertising device may be the source of many packets. You can tell distinct devices by the MAC address, e.g. 73:F2:DF:C0:BA:01

YossiCohen commented 2 years ago

Thanks for your prompt response David, I know, but it seems like there is only one device that is printing out although my phone shows more than one BLE in the area

davidgyoung commented 2 years ago

Perhaps your phone is showing the Linux computer that is doing the scanning? A scanning device cannot detect its own transmission.

YossiCohen commented 2 years ago

Another strange issue: I am in the same room (it is almost a faraday cage - a bomb shelter) and there are no new devices here (there are some laptops (pcs & a Mac), phones, and other stuff with bluetooth. but from time to time the only single device that is detected by your code changes his MAC address:

6E:EA:F2:2F:68:16 -78 1E FF 06 00 01 09 20 02 54 47 F7 A9 17 B3 41 58 89 30 D6 FE 79 89 B9 C9 1E 21 92 6A D6 40 F2 6E:EA:F2:2F:68:16 -79 1E FF 06 00 01 09 20 02 54 47 F7 A9 17 B3 41 58 89 30 D6 FE 79 89 B9 C9 1E 21 92 6A D6 40 F2 6E:EA:F2:2F:68:16 -79 1E FF 06 00 01 09 20 02 54 47 F7 A9 17 B3 41 58 89 30 D6 FE 79 89 B9 C9 1E 21 92 6A D6 40 F2 and after some time: 45:D2:F1:12:39:E5 -79 1E FF 06 00 01 09 20 02 52 68 7F C7 9C 36 1D 2D 61 2A 99 40 F5 5D 35 6D 48 1C 95 18 54 DC D5 45:D2:F1:12:39:E5 -87 1E FF 06 00 01 09 20 02 52 68 7F C7 9C 36 1D 2D 61 2A 99 40 F5 5D 35 6D 48 1C 95 18 54 DC D5 45:D2:F1:12:39:E5 -84 1E FF 06 00 01 09 20 02 52 68 7F C7 9C 36 1D 2D 61 2A 99 40 F5 5D 35 6D 48 1C 95 18 54 DC D5 45:D2:F1:12:39:E5 -79 1E FF 06 00 01 09 20 02 52 68 7F C7 9C 36 1D 2D 61 2A 99 40 F5 5D 35 6D 48 1C 95 18 54 DC D5

The phone I am using as a scanner too detects the same MAC too: image

After moving my phone I've detected that the signal is coming from one of the laptops. Is it possible that the BLE changes its MAC from time to time?

davidgyoung commented 2 years ago

Both Android and iOS devices rotate their MAC addresses about every ~15 min. Laptops may or may not do the same. Raspberry Pi computers and dedicated Bluetooth peripherals typically do not.

The first two bytes after FF are the Bluetooth SIG registered company code for the manufacturer advertisement. So when you see FF 06 00, that means it is a device by company code 0x0006 "Microsoft Corp." See here: https://www.bluetooth.com/specifications/assigned-numbers/company-identifiers/