virtualabs / btlejack

Bluetooth Low Energy Swiss-army knife
MIT License
1.9k stars 196 forks

Malformed Packages in Wireshark #75

Closed 2Typpi closed 1 year ago

2Typpi commented 3 years ago

I am trying to sniff a new connection from my smartphone to a smart lock.

My setup is a Kali Linux laptop (no VM), 3 micro:bits and the 2 devices. I typed into my console "btlejack -c any -o newCon.pcap". When I look into the new file that got created I see a lot of packages, but I would say at least 50% are malformed or unknown. My plan was to read the STK that has to get transferred, and via crackle this should be rather easy, if the file were good.

Am I doing something wrong, or is this a known problem?

virtualabs commented 1 year ago

This is a known problem: the connection becomes encrypted during the pairing process (using the STK) in order to transfer an LTK. So expect the communication to be sniffed properly at first, and then crappy packets once encryption is enabled (as the whole link layer is encrypted).
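To see exactly where a capture turns from readable into "malformed", here is an added example (not part of this thread and not btlejack's own code) that walks a list of BLE link-layer data PDUs, decodes them the way a plaintext-only dissector would, and flags the LL_START_ENC_REQ boundary after which every PDU carries ciphertext plus a 4-byte MIC. The PDU bytes are constructed by hand for illustration; the LLID values, LL control opcodes, SMP opcodes and the SMP channel ID 0x0006 are the ones defined in the Bluetooth Core specification. Pausing and restarting encryption is not modelled.

```python
"""Decode BLE link-layer data PDUs and mark where the link becomes encrypted.

Added example with constructed PDU bytes; it is not a real capture and not
part of btlejack. It shows why a capture looks fine up to LL_START_ENC_REQ
and "malformed"/"unknown" afterwards: from that point the payload (and the
appended MIC) is ciphertext, so a plaintext dissector reads garbage.
"""

LLID_CONT, LLID_L2CAP_START, LLID_CONTROL = 0x01, 0x02, 0x03
SMP_CID = 0x0006      # L2CAP channel carrying the Security Manager Protocol
MIC_LEN = 4           # bytes appended to every encrypted data PDU

LL_CTRL_OPCODES = {
    0x03: "LL_ENC_REQ", 0x04: "LL_ENC_RSP",
    0x05: "LL_START_ENC_REQ", 0x06: "LL_START_ENC_RSP",
    0x0A: "LL_PAUSE_ENC_REQ", 0x0B: "LL_PAUSE_ENC_RSP",
}
SMP_OPCODES = {
    0x01: "Pairing Request", 0x02: "Pairing Response",
    0x03: "Pairing Confirm", 0x04: "Pairing Random", 0x05: "Pairing Failed",
}


def naive_decode(pdu: bytes) -> str:
    """Decode one LL data PDU assuming it is plaintext, as a dissector does."""
    if len(pdu) < 2:
        return "malformed: truncated header"
    llid, length = pdu[0] & 0x03, pdu[1]      # LLID is bits 0-1 of header byte 0
    payload = pdu[2:]
    if len(payload) != length:
        return f"malformed: header length {length} != {len(payload)} payload bytes"
    if llid == LLID_CONTROL:
        if not payload:
            return "malformed: empty control PDU"
        return LL_CTRL_OPCODES.get(payload[0], f"unknown LL control opcode 0x{payload[0]:02x}")
    if llid == LLID_L2CAP_START:
        if len(payload) < 4:
            return "malformed: L2CAP header truncated"
        l2len = int.from_bytes(payload[0:2], "little")
        cid = int.from_bytes(payload[2:4], "little")
        if l2len > len(payload) - 4:
            return f"malformed: L2CAP length {l2len} exceeds fragment"
        if cid == SMP_CID and l2len >= 1:
            return "SMP " + SMP_OPCODES.get(payload[4], f"opcode 0x{payload[4]:02x}")
        return f"L2CAP CID 0x{cid:04x}, {l2len} bytes"
    if llid == LLID_CONT:
        return "empty PDU" if length == 0 else f"L2CAP continuation, {length} bytes"
    return "malformed: reserved LLID 0"


def classify(pdus):
    """Return (encrypted, description) per PDU.

    The link is encrypted from the first PDU after LL_START_ENC_REQ onward
    (the following LL_START_ENC_RSP is already ciphertext).
    """
    encrypted, result = False, []
    for pdu in pdus:
        desc = naive_decode(pdu)
        if encrypted:
            body = len(pdu) - 2 - MIC_LEN
            desc = (f"ciphertext ({body} payload bytes + {MIC_LEN}-byte MIC); "
                    f"a plaintext dissector reports: {desc}")
        result.append((encrypted, desc))
        if (not encrypted and len(pdu) >= 3
                and (pdu[0] & 0x03) == LLID_CONTROL and pdu[2] == 0x05):
            encrypted = True
    return result


def first_encrypted_index(pdus):
    """Index of the first ciphertext PDU, or None if encryption never starts."""
    return next((i for i, (enc, _) in enumerate(classify(pdus)) if enc), None)


# Constructed sample: a legacy pairing followed by the LL encryption start.
SAMPLE_PDUS = [
    bytes.fromhex("020b0700060001030001100101"),             # SMP Pairing Request
    bytes.fromhex("020b0700060002030001100101"),             # SMP Pairing Response
    bytes.fromhex("02151100060003" + "00112233445566778899aabbccddeeff"),  # Pairing Confirm
    bytes.fromhex("02151100060004" + "ffeeddccbbaa99887766554433221100"),  # Pairing Random
    # LL_ENC_REQ: Rand and EDIV are zero when the STK is used, then SKDm, IVm
    bytes.fromhex("031703" + "0000000000000000" + "0000" + "1112131415161718" + "21222324"),
    bytes.fromhex("030d04" + "3132333435363738" + "41424344"),  # LL_ENC_RSP: SKDs, IVs
    bytes.fromhex("030105"),                                    # LL_START_ENC_REQ (plaintext)
    bytes.fromhex("03059c417e02d5"),          # LL_START_ENC_RSP, now ciphertext + MIC
    bytes.fromhex("020ce7a35c1d0b8f42d9ae2033f1"),  # encrypted data PDU + MIC
]

if __name__ == "__main__":
    for i, (enc, desc) in enumerate(classify(SAMPLE_PDUS)):
        print(f"{i:2d} {'ENC  ' if enc else 'plain'} {desc}")
```

Run against a real capture, the useful check is that the "malformed" packets begin exactly at the PDU after LL_START_ENC_REQ: that pattern means the sniffer is working and the link simply became encrypted, whereas malformed packets scattered through the plaintext phase point at a capture problem (missed packets, wrong channel map or hop interval) instead.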