greatscottgadgets / ubertooth

Software, firmware, and hardware designs for Ubertooth
https://greatscottgadgets.com/ubertoothone/
GNU General Public License v2.0

The following mode does not show all packets #449

Closed kenshinsamue closed 2 years ago

kenshinsamue commented 3 years ago

I have installed the latest version of ubertooth-one (lib, utils and firmware).

$ ubertooth-util -v
    Firmware version: 2020-12-R1 (API:1.07)

$ mkfifo /tmp/pipe

$ ls -l /tmp/pipe
    prw-rw-r-- 1 k1k4ss0 k1k4ss0 0 Mar 27 19:19 /tmp/pipe

With this, I run the following command:

$ ubertooth-btle -f 94:0E:6B:44:0E:8C -c /tmp/pipe

And in Wireshark, using the pipe, it shows this: (image)

Some packets from my environment, but if you see the source, it's not 94:0E:6B:44:0E:8C. In the terminal I see the following:

$ ubertooth-btle -f 94:0E:6B:44:0E:8C -c /tmp/pipe
systime=1616872869 freq=2402 addr=8e89bed6 delta_t=1422.846 ms rssi=-94
83 cc ca ec ce ab 16 3e 19 d4 f1 ac 81 b5 53 0d e4 
Advertising / AA 8e89bed6 (valid)/ 12 bytes
    Channel Index: 37
    Type:  SCAN_REQ
    ScanA: 3e:16:ab:ce:ec:ca (public)
    AdvA:  b5:81:ac:f1:d4:19 (random)

    Data:  ca ec ce ab 16 3e 19 d4 f1 ac 81 b5
    CRC:   53 0d e4

systime=1616872870 freq=2402 addr=8e89bed6 delta_t=752.408 ms rssi=-92
04 18 65 5e fd 2f d7 d7 ca 40 8c 98 31 84 03 ee a0 0a 6d 02 05 37 e9 15 f0 b7 03 1c 84 
Advertising / AA 8e89bed6 (valid)/ 24 bytes
    Channel Index: 37
    Type:  SCAN_RSP
    AdvA:  d7:d7:2f:fd:5e:65 (public)
    ScanRspData: ca 40 8c 98 31 84 03 ee a0 0a 6d 02 05 37 e9 15 f0 b7
Error: attempt to read past end of buffer (1 + 202 > 18)

    Data:  65 5e fd 2f d7 d7 ca 40 8c 98 31 84 03 ee a0 0a 6d 02 05 37 e9 15 f0 b7
    CRC:   03 1c 84

systime=1616872871 freq=2402 addr=8e89bed6 delta_t=1047.757 ms rssi=-94
12 55 0d 65 77 8d 87 79 98 59 17 4a 65 c0 49 3e 07 37 c1 40 67 86 95 2d ff 44 
Advertising / AA 8e89bed6 (valid)/ 21 bytes
    Channel Index: 37
    Type:  ADV_NONCONN_IND
    AdvA:  79:87:8d:77:65:0d (public)
    AdvData: 98 59 17 4a 65 c0 49 3e 07 37 c1 40 67 86 95
Error: attempt to read past end of buffer (1 + 152 > 15)

    Data:  0d 65 77 8d 87 79 98 59 17 4a 65 c0 49 3e 07 37 c1 40 67 86 95
    CRC:   2d ff 44

systime=1616872872 freq=2402 addr=8e89bed6 delta_t=1387.836 ms rssi=-89
b1 25 74 fc 59 66 19 3b 47 11 18 2f ef 15 50 23 3c 03 2f ac 1e 4e 06 e8 88 80 87 f3 7e 98 02 82 53 d5 56 0b 41 40 59 77 7f f2 
Advertising / AA 8e89bed6 (valid)/ 37 bytes
    Channel Index: 37
    Type:  ADV_DIRECT_IND
    AdvA:  3b:19:66:59:fc:74 (public)
    InitA: 15:ef:2f:18:11:47 (random)

    Data:  74 fc 59 66 19 3b 47 11 18 2f ef 15 50 23 3c 03 2f ac 1e 4e 06 e8 88 80 87 f3 7e 98 02 82 53 d5 56 0b 41 40 59
    CRC:   77 7f f2

systime=1616872875 freq=2402 addr=8e89bed6 delta_t=2469.423 ms rssi=-89
40 24 3d d1 f8 21 19 79 1a 02 1a 9a 7d a4 06 8f b5 62 d2 5d 05 e0 10 0e d6 02 0b 99 be 18 1b 80 73 8c c0 8f c6 56 b8 c4 23 
Advertising / AA 8e89bed6 (valid)/ 36 bytes
    Channel Index: 37
    Type:  ADV_IND
    AdvA:  79:19:21:f8:d1:3d (random)
    AdvData: 1a 02 1a 9a 7d a4 06 8f b5 62 d2 5d 05 e0 10 0e d6 02 0b 99 be 18 1b 80 73 8c c0 8f c6 56
        Type 02 (16-bit Service UUIDs, more available)
Error: attempt to read past end of buffer (28 + 143 > 30)

    Data:  3d d1 f8 21 19 79 1a 02 1a 9a 7d a4 06 8f b5 62 d2 5d 05 e0 10 0e d6 02 0b 99 be 18 1b 80 73 8c c0 8f c6 56
    CRC:   b8 c4 23

systime=1616872878 freq=2402 addr=8e89bed6 delta_t=2720.707 ms rssi=-96
63 55 a7 e3 cb 5b e1 81 8e 40 60 4a e4 20 08 76 1d 65 55 e2 a8 83 04 ef 8c a6 
Advertising / AA 8e89bed6 (valid)/ 21 bytes
    Channel Index: 37
    Type:  SCAN_REQ
    ScanA: 81:e1:5b:cb:e3:a7 (random)
    AdvA:  20:e4:4a:60:40:8e (public)

    Data:  a7 e3 cb 5b e1 81 8e 40 60 4a e4 20 08 76 1d 65 55 e2 a8 83 04
    CRC:   ef 8c a6

systime=1616872878 freq=2402 addr=8e89bed6 delta_t=603.660 ms rssi=-90
82 22 5f b2 45 83 a5 ae 42 d7 22 6c 7c 8e 00 d2 c5 07 1e 4f 57 13 35 ef 07 17 aa ef c0 24 82 49 a4 0c 72 5c 13 9d 82 
Advertising / AA 8e89bed6 (valid)/ 34 bytes
    Channel Index: 37
    Type:  ADV_NONCONN_IND
    AdvA:  ae:a5:83:45:b2:5f (public)
    AdvData: 42 d7 22 6c 7c 8e 00 d2 c5 07 1e 4f 57 13 35 ef 07 17 aa ef c0 24 82 49 a4 0c 72 5c
Error: attempt to read past end of buffer (1 + 66 > 28)

    Data:  5f b2 45 83 a5 ae 42 d7 22 6c 7c 8e 00 d2 c5 07 1e 4f 57 13 35 ef 07 17 aa ef c0 24 82 49 a4 0c 72 5c
    CRC:   13 9d 82

systime=1616872879 freq=2402 addr=8e89bed6 delta_t=363.810 ms rssi=-90
42 0b 2f 1a cc 67 8b 55 96 c1 3c 3a d8 f1 41 2b 
Advertising / AA 8e89bed6 (valid)/ 11 bytes
    Channel Index: 37
    Type:  ADV_NONCONN_IND
    AdvA:  55:8b:67:cc:1a:2f (random)
    AdvData: 96 c1 3c 3a d8
Error: attempt to read past end of buffer (1 + 150 > 5)

    Data:  2f 1a cc 67 8b 55 96 c1 3c 3a d8
    CRC:   f1 41 2b

systime=1616872879 freq=2402 addr=8e89bed6 delta_t=856.230 ms rssi=-92
ea 14 d1 c6 e3 4f 41 19 02 2d 1a 0b e3 05 01 39 2d 1b f5 e1 c9 c9 a4 62 3c 
Advertising / AA 8e89bed6 (valid)/ 20 bytes
    Channel Index: 37
    Type:  UNKNOWN

    Data:  d1 c6 e3 4f 41 19 02 2d 1a 0b e3 05 01 39 2d 1b f5 e1 c9 c9
    CRC:   a4 62 3c

systime=1616872883 freq=2402 addr=8e89bed6 delta_t=3750.795 ms rssi=-93
2e 22 ca 0e dc e8 c0 84 bf b6 67 a0 41 05 1c c0 91 03 c8 f7 c1 02 c5 f3 c4 68 8e cf 57 45 00 12 ff cd 81 a8 3d 53 db 
Advertising / AA 8e89bed6 (valid)/ 34 bytes
    Channel Index: 37
    Type:  UNKNOWN

    Data:  ca 0e dc e8 c0 84 bf b6 67 a0 41 05 1c c0 91 03 c8 f7 c1 02 c5 f3 c4 68 8e cf 57 45 00 12 ff cd 81 a8
    CRC:   3d 53 db

systime=1616872883 freq=2402 addr=8e89bed6 delta_t=214.462 ms rssi=-90
63 1b c6 55 fe 54 c5 6c 20 2f 1b 74 48 32 0e fb 82 10 7f 33 c8 01 18 9b 44 3e 66 22 44 11 2f 4c 
Advertising / AA 8e89bed6 (valid)/ 27 bytes
    Channel Index: 37
    Type:  SCAN_REQ
    ScanA: 6c:c5:54:fe:55:c6 (random)
    AdvA:  32:48:74:1b:2f:20 (public)

    Data:  c6 55 fe 54 c5 6c 20 2f 1b 74 48 32 0e fb 82 10 7f 33 c8 01 18 9b 44 3e 66 22 44
    CRC:   11 2f 4c

systime=1616872886 freq=2402 addr=8e89bed6 delta_t=2432.517 ms rssi=-95
40 7b 48 46 8a c5 25 42 16 80 07 d4 e7 2c 05 99 6c 39 e3 47 af b5 5d 30 56 48 19 4a cc 74 f6 82 1c 87 e5 70 7e 8a 2f 4f 63 9d 6f be 08 12 
Advertising / AA 8e89bed6 (valid)/ 59 bytes
    Channel Index: 37
    Type:  ADV_IND
    AdvA:  42:25:c5:8a:46:48 (random)
    AdvData: 16 80 07 d4 e7 2c 05 99 6c 39 e3 47 af b5 5d 30 56 48 19 4a cc 74 f6 82 1c 87 e5 70 7e 8a 2f 4f 63 9d 6f be 08 12 20 fc 59 df fd 7f 00 00 00 b2 a5 d5 dc 96 d6
        Type 80
            07 d4 e7 2c 05 99 6c 39 e3 47 af b5 5d 30 56 48 19 4a cc 74 f6
Error: attempt to read past end of buffer (24 + 130 > 53)

    Data:  48 46 8a c5 25 42 16 80 07 d4 e7 2c 05 99 6c 39 e3 47 af b5 5d 30 56 48 19 4a cc 74 f6 82 1c 87 e5 70 7e 8a 2f 4f 63 9d 6f be 08 12 20 fc 59 df fd 7f 00 00 00 b2 a5 d5 dc 96 d6
    CRC:   be 89 8e

systime=1616872886 freq=2402 addr=8e89bed6 delta_t=117.391 ms rssi=-95
40 34 3d f6 5a 75 11 79 42 01 12 8a f9 44 80 01 37 1a 13 25 15 80 0a 30 c4 15 09 e9 56 0a 0f 8a 9f ac d8 19 4d e7 39 76 4e 97 83 dc 02 fc 
Advertising / AA 8e89bed6 (valid)/ 52 bytes
    Channel Index: 37
    Type:  ADV_IND
    AdvA:  79:11:75:5a:f6:3d (random)
    AdvData: 42 01 12 8a f9 44 80 01 37 1a 13 25 15 80 0a 30 c4 15 09 e9 56 0a 0f 8a 9f ac d8 19 4d e7 39 76 4e 97 83 dc 02 fc 20 fc 59 df fd 7f 00 00
Error: attempt to read past end of buffer (1 + 66 > 46)

    Data:  3d f6 5a 75 11 79 42 01 12 8a f9 44 80 01 37 1a 13 25 15 80 0a 30 c4 15 09 e9 56 0a 0f 8a 9f ac d8 19 4d e7 39 76 4e 97 83 dc 02 fc 20 fc 59 df fd 7f 00 00
    CRC:   00 b2 a5

systime=1616872890 freq=2402 addr=8e89bed6 delta_t=3782.117 ms rssi=-97
70 92 44 1a c9 5e e1 59 4a d1 32 09 1e 48 63 ee 4e 00 07 29 1b 28 96 
Advertising / AA 8e89bed6 (valid)/ 18 bytes
    Channel Index: 37
    Type:  ADV_IND
    AdvA:  59:e1:5e:c9:1a:44 (random)
    AdvData: 4a d1 32 09 1e 48 63 ee 4e 00 07 29
Error: attempt to read past end of buffer (1 + 74 > 12)

    Data:  44 1a c9 5e e1 59 4a d1 32 09 1e 48 63 ee 4e 00 07 29
    CRC:   1b 28 96

I have seen some error messages, for example:

systime=1616872875 freq=2402 addr=8e89bed6 delta_t=2469.423 ms rssi=-89
40 24 3d d1 f8 21 19 79 1a 02 1a 9a 7d a4 06 8f b5 62 d2 5d 05 e0 10 0e d6 02 0b 99 be 18 1b 80 73 8c c0 8f c6 56 b8 c4 23 
Advertising / AA 8e89bed6 (valid)/ 36 bytes
    Channel Index: 37
    Type:  ADV_IND
    AdvA:  79:19:21:f8:d1:3d (random)
    AdvData: 1a 02 1a 9a 7d a4 06 8f b5 62 d2 5d 05 e0 10 0e d6 02 0b 99 be 18 1b 80 73 8c c0 8f c6 56
        Type 02 (16-bit Service UUIDs, more available)
Error: attempt to read past end of buffer (28 + 143 > 30)

    Data:  3d d1 f8 21 19 79 1a 02 1a 9a 7d a4 06 8f b5 62 d2 5d 05 e0 10 0e d6 02 0b 99 be 18 1b 80 73 8c c0 8f c6 56
    CRC:   b8 c4 23

Another issue I have is that when I execute without a BT MAC, it only shows scan-related packets or malformed packets: (image)

While taking this sniffing example, I tried a pairing between my phone and my PC, with the key pass; neither the SMP packet nor the information packets (a photo shared with BT) were shown.

What's happening? I can give any information to solve this. I have seen examples of sniffing on the Internet and it should show some varieties of protocols, but that's not my case...

mossmann commented 2 years ago

I think you are seeing the impact of the 50 byte packet length limit in the firmware. I've created a new issue (#468) to track that bug.
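
The numbers in the "attempt to read past end of buffer" errors in the log above match a bounds check made while walking AdvData as length/type/value AD structures. The C sketch below is an added example, not ubertooth or libbtbb code (the function names are hypothetical): it applies that check to bytes copied from the log and also compares the length declared in the PDU header with the number of bytes actually captured.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper: payload length of a captured advertising PDU
 * (2-byte header, payload, 3-byte CRC), or -1 if the header declares
 * more bytes than were captured. */
int pdu_payload_len(const uint8_t *pdu, size_t captured)
{
    if (captured < 2) return -1;
    size_t len = pdu[1] & 0x3f;              /* 6-bit length field */
    if (2 + len + 3 > captured) return -1;   /* truncated capture */
    return (int)len;
}

/* Hypothetical helper: count complete AD structures in AdvData/ScanRspData.
 * *bad_off receives the offset of a length byte that overruns, else -1. */
int walk_ad(const uint8_t *ad, size_t size, int *bad_off)
{
    size_t pos = 0;
    int n = 0;
    *bad_off = -1;
    while (pos < size) {
        size_t len = ad[pos];
        if (len == 0) break;                 /* zero length ends the list */
        if (pos + 1 + len > size) { *bad_off = (int)pos; break; }
        n++;
        pos += 1 + len;                      /* skip length byte + body */
    }
    return n;
}

/* Bytes copied from the log above. */
static const uint8_t SCAN_REQ[] = {          /* systime=1616872869, raw line */
    0x83,0xcc,0xca,0xec,0xce,0xab,0x16,0x3e,0x19,0xd4,0xf1,0xac,0x81,0xb5,
    0x53,0x0d,0xe4 };
static const uint8_t ADV_DATA[] = {          /* systime=1616872875, AdvData */
    0x1a,0x02,0x1a,0x9a,0x7d,0xa4,0x06,0x8f,0xb5,0x62,0xd2,0x5d,0x05,0xe0,0x10,
    0x0e,0xd6,0x02,0x0b,0x99,0xbe,0x18,0x1b,0x80,0x73,0x8c,0xc0,0x8f,0xc6,0x56 };
static const uint8_t LONG_ADV[] = {          /* systime=1616872886, first raw line */
    0x40,0x7b,0x48,0x46,0x8a,0xc5,0x25,0x42,0x16,0x80,0x07,0xd4,0xe7,0x2c,0x05,0x99,
    0x6c,0x39,0xe3,0x47,0xaf,0xb5,0x5d,0x30,0x56,0x48,0x19,0x4a,0xcc,0x74,0xf6,0x82,
    0x1c,0x87,0xe5,0x70,0x7e,0x8a,0x2f,0x4f,0x63,0x9d,0x6f,0xbe,0x08,0x12 };

int main(void)
{
    int off, n = walk_ad(ADV_DATA, sizeof ADV_DATA, &off);
    printf("AD structures: %d, overrun at offset %d\n", n, off);
    printf("SCAN_REQ len %d, long ADV_IND len %d\n",
           pdu_payload_len(SCAN_REQ, sizeof SCAN_REQ),
           pdu_payload_len(LONG_ADV, sizeof LONG_ADV));
    return 0;
}
```

The overrun offset of 27 corresponds to the log's "28 + 143 > 30" (offset plus one, the length byte 0x8f, the buffer size). The last packet's header declares 59 payload bytes while its raw line holds only 46 bytes.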

straithe commented 2 years ago

I'm going to close this as there hasn't been a response in a while, but please re-open this issue or open a new one if you still need assistance.