I'm new to reading Bluetooth device (BLE) data, and tried to follow this Medium tutorial (my Bluetooth device is an Amazfit Bip).
I got stuck finding the btsnoop_hci.log file (from a Samsung Galaxy S7), so I ran adb bugreport anewbugreportfolder as recommended in this Stack Overflow answer here.
For reproducibility, I uploaded the relevant part of my bugreport to Dropbox here.
My issue is: when I try to run btsnoop.py (can be found here) as recommended in the Stack Overflow answer linked above, I get very strange output that can't possibly be intended (for example, it starts with ��^D#} and contains lots of those weird question mark characters).
Are there some parts of the Python script that need to be adjusted for it to work correctly, for example encodings (none of the standard ones seem to give better results)? I am using Python 3.7. Alternatively, might it be about my Bluetooth device?
There's nothing wrong with the output of the tool. It's your expectation of what to expect that's incorrect: the output of the tool is binary content, not a text file.
The following command (note that the tool is called btsnooz, not btsnoop) redirects the binary output to a new file called btsnoop_hci.log:
$ python2 ./btsnooz.py ./bugreport-part.txt > btsnoop_hci.log
$ file btsnoop_hci.log
btsnoop_hci.log: BTSnoop version 1, HCI UART (H4)
The software Wireshark is perfectly able to interpret the produced BTSnoop logfile:
wireshark btsnoop_hci.log
A good filter to see only the relevant packets with CID 0x0004 is btl2cap.cid == 0x0004
More hints on how to proceed can be found in this tutorial: Reverse Engineering BLE Devices - Application Protocol Reverse Engineering
This solves my issue, thank you. I only got btsnooz.py to run using Python2. There is some error though (btsnoop: File has 771751936-byte packet, bigger than maximum of 262144), which is probably because of specifics in my bugreport.
Glad I was able to help. Yes, btsnooz.py is for Python2 as of the current version 082c2af. Besides, the error message you get - does it come from your call of btsnooz.py? I don't get such a message when running it against the file you provided in your question ("bugreport-part.txt"). Do you call it on the file from a different adb bugreport run?
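To show what the binary output contains, the following added example (not part of the original posts and not code from btsnooz.py) parses the BTSnoop version 1 layout: a 16-byte header, then 24-byte record headers each followed by the packet bytes. The sample bytes are constructed, and MAX_PACKET is an assumption that reuses the 262144 limit from the error message quoted above as a sanity bound.

```python
import struct

MAGIC = b"btsnoop\x00"
H4_TYPES = {1: "command", 2: "acl", 3: "sco", 4: "event"}
MAX_PACKET = 262144  # assumption: bound reused from the error message quoted above

def parse_btsnoop(data):
    """Parse BTSnoop bytes into (version, datalink, records); ValueError if malformed."""
    if len(data) < 16 or data[:8] != MAGIC:
        raise ValueError("missing 'btsnoop\\0' magic: not a BTSnoop file")
    version, datalink = struct.unpack(">II", data[8:16])  # all fields are big-endian
    records, off = [], 16
    while off < len(data):
        if off + 24 > len(data):
            raise ValueError(f"truncated record header at offset {off}")
        orig_len, incl_len, flags, drops, ts = struct.unpack(">IIIIq", data[off:off + 24])
        if incl_len > MAX_PACKET:
            raise ValueError(f"{incl_len}-byte packet at offset {off} exceeds {MAX_PACKET}")
        payload = data[off + 24:off + 24 + incl_len]
        if len(payload) != incl_len:
            raise ValueError(f"truncated packet at offset {off}")
        records.append({
            "direction": "received" if flags & 1 else "sent",
            # With datalink 1002 (HCI UART, H4) the first byte is the packet type.
            "h4_type": H4_TYPES.get(payload[0]) if payload and datalink == 1002 else None,
            "timestamp_us": ts,  # microseconds, kept raw here
            "payload": payload,
        })
        off += 24 + incl_len
    return version, datalink, records

# Constructed sample: header (version 1, datalink 1002) plus one sent HCI Reset command.
RESET = bytes.fromhex("01030c00")
SAMPLE = MAGIC + struct.pack(">II", 1, 1002) \
    + struct.pack(">IIIIq", len(RESET), len(RESET), 0b10, 0, 0x00E03AB44A676000) + RESET

if __name__ == "__main__":
    version, datalink, records = parse_btsnoop(SAMPLE)
    print(f"version={version} datalink={datalink}")
    for r in records:
        print(r["direction"], r["h4_type"], r["payload"].hex())
```

Reading a real capture means passing the file's bytes from a binary-mode open, for example open("btsnoop_hci.log", "rb").read().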