Sniff and decode NRF24L01+ and Bluetooth Low Energy using RTL-SDR.
These protocols use the ISM 2.4Ghz frequency range, which is beyond the capabilities of the cheap rtl-sdr, a down convertor is necessary. See http://blog.cyberexplorer.me/2014/01/sniffing-and-decoding-nrf24l01-and.html for more details.
The main repository is at https://github.com/omriiluz/NRF24-BTLE-Decoder
make
or directly
gcc -std=gnu99 -Wall -O3 -o nrf24-btle-decoder nrf24-btle-decoder.c
nrf24-btle-decoder [-t nrf|btle] [-d 1|2|8] [-l len]
-t packet_type (nrf or btle), defaults to nrf. Using packet type btle implies -d 2
-d downsample_rate (1 for 2mbps, 2 for 1mbps, 8 for 256kbps), default to 2
-l len (1-32). Sets a fixed packet length
Important - this program input is a 2M samples per second bitstream generated by rtl_fm or equivalent e.g. rtl_fm.exe -f 428m -s 2000k | nrf24-btle-decoder.exe -t nrf -s 2
All of the code contained here is licensed by the MIT license.
Dmitry Grinberg, CRC and Whiten code for BTLE - http://goo.gl/G9m8Ud
Open Source Mobile Communication, RTL-SDR information - http://sdr.osmocom.org/trac/wiki/rtl-sdr
Steve Markgraf, RTL-SDR Library - https://github.com/steve-m/librtlsdr
Copyright (c) 2014 Omri Iluz (omri@il.uz / http://cyberexplorer.me / https://github.com/omriiluz)