Skip to content

Now I can announce that the HACKRF BTLE packet sniffer/scanner can follow hopping data channels automatically now (Many tests show good behaviours just like TI's sniffer.)!

Assets 2
  1. Add all channels support. Including both ADV channel and DATA channel. btle_tx and btle_rx are tested with TI's packet sniffer. They work correctly.
  2. Add verbose and raw option to btle_rx.

btle_rx -c chan -g gain -a access_addr -k crc_init -v -r

chan: Channel number. Default value 37 (one of ADV chan). Valid value 0~39 (all ADV and DATA chan).

gain: VGA gain. default value 6. valid value 0~62. LNA has been set to maximum 40dB internally. Gain should be tuned very carefully to ensure best performance under your circumstance. Suggest test from low gain, because high gain always causes severe distortion and get you nothing.

access_addr: Access address. Default 8e89bed6 for ADV channel 37 38 39. You should specify correct value for data channel according to captured connection setup procedure.

crc_init: Default 555555 for ADV channel. You should specify correct value for data channel according to captured connection setup procedure.

-v: Verbose mode. Print more information when there is error

-r: Raw mode. After access addr is detected, print out following raw 42 bytes (without descrambling, parsing)

Assets 2

fix btle_tx bug. now fastest tx interval is 8ms. tested on hackrf-2015.07.2.

New features:

  1. btle_rx is done.
  2. Bothe tx and rx algorithm are converted to fixed point. Low latency. Real-time processing.
  3. Add new packet type "Discovery" which can display any names and services in your App like LightBlue. ( I use this packet type in the "ADS-B BTLE Air Relay" http://sdr-x.github.io/abar/
  4. Some bugs are fixed.

ATTENTION: To support fast/realtime sender and scanner/sniffer, I have changed lib_device->transfer_count to 4 and lib_device->buffer_size to 4096 in hackrf driver: hackrf.c. If you want to use this tool, you'd better also do that change to your driver source code and re-compile, re-install as instructed in hackrf

Assets 2

New features:

  1. btle_rx is done.
  2. Bothe tx and rx algorithm are converted to fixed point. Low latency. Real-time processing.
  3. Add new packet type "Discovery" which can display any names and services in your App like LightBlue. ( I use this packet type in the "ADS-B BTLE Air Relay" http://sdr-x.github.io/abar/
  4. Some bugs are fixed.

ATTENTION: To support fast/realtime sender and scanner/sniffer, I have changed lib_device->transfer_count to 4 and lib_device->buffer_size to 4096 in hackrf driver: hackrf.c. If you want to use this tool, you'd better also do that change to your driver source code and re-compile, re-install as instructed in hackrf

Assets 2

@JiaoXianjun JiaoXianjun released this Oct 6, 2015 · 97 commits to master since this release

Previous release should have bugs. Now they are fixed. Please use this revision instead of previous one.

Assets 2

@JiaoXianjun JiaoXianjun released this Sep 5, 2015 · 135 commits to master since this release

See supported packet formats in README and packets.txt packets_discovery.txt packets_ibeacon.txt.

Assets 2
You can’t perform that action at this time.