virtualabs / btlejack

Bluetooth Low Energy Swiss-army knife
MIT License

Implement a mechanism to recover channel map update by sniffing #24

Open virtualabs opened 5 years ago

virtualabs commented 5 years ago

Channel map update recovery based on channel mapping can take some time, and sometimes this process fails and gives the user no other way to synchronize btlejack with an existing connection.

Implementing a dedicated channel map update sniffer, iterating over all the possible channels, would help capture this type of packet if it is sent frequently by a master device.
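Added example (not part of the issue and not btlejack's own code): it parses an LL_CHANNEL_MAP_IND control PDU and applies BLE 4.x channel selection algorithm #1 across the update instant, which is what a sniffer has to do once it has recovered such a packet to stay on the connection. The PDU bytes and hop parameters below are constructed sample values.

```python
# Added example, not btlejack code. Parses LL_CHANNEL_MAP_IND (LL control opcode 0x01)
# and follows BLE channel selection algorithm #1 (CSA#1) across the channel map instant.

def parse_channel_map_ind(payload: bytes):
    """Payload layout: opcode (1 byte), ChM (5 bytes, 37 bits LSB first), Instant (LE16).
    Returns (sorted list of used data channels, instant)."""
    if len(payload) != 8 or payload[0] != 0x01:
        raise ValueError("not an LL_CHANNEL_MAP_IND payload")
    chm = int.from_bytes(payload[1:6], "little")
    used = [ch for ch in range(37) if chm & (1 << ch)]
    if not used:
        raise ValueError("channel map has no used channels")
    instant = int.from_bytes(payload[6:8], "little")
    return used, instant


def csa1_next(last_unmapped: int, hop: int, used: list):
    """One CSA#1 step: unmapped channel advances by hop increment mod 37;
    an unused channel is remapped through the table of used channels."""
    unmapped = (last_unmapped + hop) % 37
    if unmapped in used:
        return unmapped, unmapped
    return unmapped, used[unmapped % len(used)]


def hop_sequence(hop, used_before, used_after, instant, start_counter, count, last_unmapped=0):
    """Data channels for connection events start_counter .. start_counter+count-1.
    Events with connEventCounter >= instant use the new channel map; the
    unmapped channel sequence itself does not depend on the map."""
    seq = []
    unmapped = last_unmapped
    for ev in range(start_counter, start_counter + count):
        used = used_after if ev >= instant else used_before
        unmapped, ch = csa1_next(unmapped, hop, used)
        seq.append(ch)
    return seq


# Constructed sample: new map keeps only channels 0-9, instant = event 3.
SAMPLE_PDU = b"\x01" + b"\xff\x03\x00\x00\x00" + b"\x03\x00"
ALL_CHANNELS = list(range(37))

if __name__ == "__main__":
    new_map, instant = parse_channel_map_ind(SAMPLE_PDU)
    print("new map:", new_map, "instant:", instant)
    print("channels:", hop_sequence(7, ALL_CHANNELS, new_map, instant, 0, 5))
```

With hop increment 7 the first three events land on 7, 14 and 21; from the instant onward unmapped channels 28 and 35 are remapped to 8 and 5.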

Matheus-Garbelini commented 5 years ago

@virtualabs I was wondering then, how can legitimate devices keep the connection with the master? Is the slave device listening for channel map updates from the master? If so, why can't the sniffer keep a normal connection? Is this because the sniffer is not decrypting packets such as LL_CONNECTION_UPDATE_REQ?

Do you know if the encryption/decryption features are a hardware feature or software libraries that could be extracted from the Nordic SDKs?