pklaus
2020-12-06 17:51:05
There's nothing wrong with the output of the tool. It's your expectation of what to expect, that's incorrect: The output of the tool is binary content, not a text file.
The following command (not that the tool is called btsnooz, not btsnoop) redirects the binary output to a new file called btsnoop_hci.log:
$ python2 ./btsnooz.py ./bugreport-part.txt > btsnoop_hci.log
$ file btsnoop_hci.log
btsnoop_hci.log: BTSnoop version 1, HCI UART (H4)
The software Wireshark is perfectly able to interpret the produced BTSnoop logfile:
wireshark btsnoop_hci.log
A good filter to see only the relevant packets with CID 0x0004 is btl2cap.cid == 0x0004:
More hints on how to proceed can be found in this tutorial: Reverse Engineering BLE Devices - Application Protocol Reverse Engineering
This solves my issue, thank you. I only got btsnooz.py to run using Python2. There is some error though (btsnoop: File has 771751936-byte packet, bigger than maximum of 262144), which is probably because of specifics in my bugreport.
Glad, I was able to help. Yes, btsnooz.py is for Python2 as of the current version 082c2af. Besides, the error message you get - does it come from your call of btsnooz.py? I don't get such a message, when running it against the file you provided in your question ("bugreport-part.txt"). Do you call it on the file from a different
adb bugreportrun?