homewsn / whsniff

Whsniff is a command line utility that interfaces TI CC2531 USB dongle with Wireshark for capturing and displaying IEEE 802.15.4 traffic at 2.4 GHz.
GNU General Public License v2.0

Is CC2530 supported ? #13

Closed snakuzzo closed 3 years ago

snakuzzo commented 3 years ago

Hello. Is CC2530 supported, or just CC2531? I have no CC2531, so I tried to flash my CC2530 with the sniffer_fw_cc2530.hex firmware extracted from "SmartRF_Packet_Sniffer_2.18.0" using a SmartRF04EB...

$ sudo ./cc-tool -e -w sniffer_fw_cc2530.hex 
  Programmer: SmartRF04EB
  Target: CC2530
  Erasing flash...
  Completed       
  Writing flash (2 KB)...
  Completed (0.16 s.)

But when I start whsniff, it tells me no device was found...

$ whsniff -c 25
ERROR: No working device found.

homewsn commented 3 years ago

Whsniff does not use a device driver and accesses CC2531 using only libusb. The CC2530 does not support USB, so there is an additional chip on the board of your device that, among other things, acts as a UART2USB converter. I have not tried CC2530 with a UART2USB device. You can try it yourself by changing t_desc.idVendor and t_desc.idProduct values to the VID and PID of your USB device but this will not work if your USB device has a complex USB descriptor with multiple interfaces.
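
An added example, not part of the thread and not whsniff's code: what a VID/PID match plus the "multiple interfaces" caveat look like at the descriptor-byte level. The `usb_probe` names are hypothetical, the descriptor bytes are constructed (carrying the 10c4:ea60 IDs that appear in the lsusb output later in this thread), and the bulk IN requirement is an assumption about how sniffer data is read.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper type: what one device's descriptors reveal. */
struct usb_probe { uint16_t vid, pid; int num_interfaces, bulk_in_eps; };

/* Constructed sample bytes (not captured from hardware): a device descriptor
   with IDs 10c4:ea60, a one-interface and a two-interface configuration. */
static const uint8_t DEV[18] = {0x12,0x01,0x00,0x02,0,0,0,0x40,
    0xC4,0x10, 0x60,0xEA, 0x00,0x01, 1,2,3, 1};
static const uint8_t CFG_ONE[32] = {9,0x02,32,0,1,1,0,0x80,0x32,
    9,0x04,0,0,2,0xFF,0,0,0,  7,0x05,0x81,0x02,0x40,0,0,  7,0x05,0x01,0x02,0x40,0,0};
static const uint8_t CFG_TWO[41] = {9,0x02,41,0,2,1,0,0x80,0x32,
    9,0x04,0,0,1,0xFF,0,0,0,  7,0x05,0x81,0x02,0x40,0,0,
    9,0x04,1,0,1,0xFF,0,0,0,  7,0x05,0x82,0x02,0x40,0,0};

/* Parse an 18-byte device descriptor and a full configuration descriptor.
   Returns 0 on success, -1 if either blob is malformed or truncated. */
int usb_probe_parse(const uint8_t *dev, size_t dev_len,
                    const uint8_t *cfg, size_t cfg_len, struct usb_probe *out)
{
    if (dev_len < 18 || dev[0] != 18 || dev[1] != 0x01) return -1;
    if (cfg_len < 9 || cfg[0] != 9 || cfg[1] != 0x02) return -1;
    size_t total = (size_t)cfg[2] | ((size_t)cfg[3] << 8);   /* wTotalLength */
    if (total < 9 || total > cfg_len) return -1;
    out->vid = (uint16_t)(dev[8] | (dev[9] << 8));     /* idVendor, little endian */
    out->pid = (uint16_t)(dev[10] | (dev[11] << 8));   /* idProduct */
    out->num_interfaces = out->bulk_in_eps = 0;
    for (size_t i = 9; i < total; i += cfg[i]) {       /* step by each bLength */
        if (i + 2 > total || cfg[i] < 2 || i + cfg[i] > total) return -1;
        if (cfg[i + 1] == 0x04 && cfg[i] >= 9 && cfg[i + 3] == 0)
            out->num_interfaces++;                     /* interface, alt setting 0 */
        if (cfg[i + 1] == 0x05 && cfg[i] >= 7 &&
            (cfg[i + 2] & 0x80) && (cfg[i + 3] & 0x03) == 0x02)
            out->bulk_in_eps++;                        /* endpoint: IN and bulk */
    }
    return 0;
}

/* IDs match AND the layout is simple: exactly one interface, and (assumption)
   at least one bulk IN endpoint to read from. */
int usb_probe_simple_match(const struct usb_probe *p, uint16_t vid, uint16_t pid)
{
    return p->vid == vid && p->pid == pid && p->num_interfaces == 1 && p->bulk_in_eps >= 1;
}

int main(void)
{
    struct usb_probe p;
    if (usb_probe_parse(DEV, sizeof DEV, CFG_TWO, sizeof CFG_TWO, &p) == 0)
        printf("%04x:%04x interfaces=%d simple=%d\n", p.vid, p.pid,
               p.num_interfaces, usb_probe_simple_match(&p, 0x10c4, 0xea60));
    return 0;
}
```

A match here only says the descriptor layout is simple; it says nothing about whether the device speaks the protocol the host program expects.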

snakuzzo commented 3 years ago

Thank you @homewsn. I will try later using a CP2102 UART2USB converter.

snakuzzo commented 3 years ago

I just tried.

$ lsusb
Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 002: ID 0bda:0316 Realtek Semiconductor Corp. USB3.0-CRW
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 003: ID 13d3:56a6 IMC Networks Integrated Camera
Bus 001 Device 002: ID 8087:0a2b Intel Corp. 
Bus 001 Device 005: ID 10c4:ea60 Silicon Labs CP210x UART Bridge
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

So... is this right?

$ cat whsniff-1.3/src/whsniff.c | grep idVendor
        if(t_desc.idVendor == 0x10c4 && t_desc.idProduct == 0xea60)
            // printf("Found device %04x:%04x (bcdDevice: %04x)\n", t_desc.idVendor, t_desc.idProduct, t_desc.bcdDevice);

When I run whsniff, it doesn't seem to work...

$ wireshark -k -i <( sudo whsniff -c 25 )

Wireshark starts, but I have no interface and no sniffed Zigbee traffic.

homewsn commented 3 years ago

I mean the VID and PID of your SmartRF04EB board. To use the CP2102, you first need to sniff and hack the UART communication protocol between the CC2530 and SmartRF04EB, assuming they are using UART of course. I have neither the board itself nor its schematic, so it is difficult to guess anything.

snakuzzo commented 3 years ago

OK... thank you. I can connect the CC2530 to the SmartRF04EB (same connections used to flash) and the SmartRF04EB to my USB, and then start whsniff using the VID and PID of the SmartRF04EB.

snakuzzo commented 3 years ago

No way... I think I will buy a CC2531.