This repository is for my Honours Project at Edinburgh Napier University for Cybersecurity and Forensics.
-
Download project zip by going to Code > Download ZIP
-
Extract the contents of the ZIP to a new folder.
-
Install Python 3 from https://www.python.org/downloads/, during installation under "Advanced Options", make sure you tick "Add Python to environment variables.
-
Install Wireshark from https://www.wireshark.org/download.html, keep default settings and make sure "Install TShark" is ticked during install.
-
Install the Python modules inputting the following commands below in either PowerShell or Command Line (cmd)
python -m pip install PySimpleGUI
python -m pip install pyshark
python -m pip install plotly
python -m pip install networkx
python -m pip install pandas
python -m pip install matplotlib
-
Launch the Application by running
py Bluetooth_Analyser.py
in PowerShell or Command Line (cmd) from within the "bluetooth_analyser-main" folder.
I recommend you do this by first deselecting any items in the folder, Shift + Right Clicking an empty area of the folder and selecting "Open PowerShell window here". This will open a PowerShell window within the directory.
- Run "Bluetooth Analyser.py" with Python 3 ("py Bluetooth Analyser.py" in Powershell)
- Press "Import PCAP" and select the file you wish to import.
- Click a packet to discover more information regarding the data and structure.
- Clicking the advertising data allows you to analyse the data entries for that advertising packet.
- Download extcap extension for Wireshark by going to the following link and downloading the latest version zip file: https://www.nordicsemi.com/Software-and-tools/Development-Tools/nRF-Sniffer-for-Bluetooth-LE/Download
- Open Wireshark and go to Help > About Wireshark > Folders Tab. Take note of the directory for "Global Extcap path".
- Open the zip file and copy/merge the "extcap" folder to the extcap folder you took note of previously.
- The extcap folder in Wireshark should now contain various files and a folder called "SnifferAPI".
- Plug in your LE Sniffer into a usb port on your system.
- Run the application and press "Live Capture", imput the amount of seconds you wish to run the capture for.
- Press "Capture" and let the application run Wireshark, conduct the capture and automatically close Wireshark.
- Once the capture is finished and Wireshark closes, the capture will be imported to be analysed as usual.
- If you wish to export the capture for later analysis, press the "Export PCAP" button and choose a file name and location.
Required for all functionality except live capture.
- Windows 10.
- Python 3 Installed. (https://www.python.org/downloads/)
- Wireshark Installed. (https://www.wireshark.org/download.html)
- TShark Installed. (Installed by default during Wireshark installation)
- Python Modules Installed:
- PySimpleGUI
- pyshark
- plotly
- networkx
- numpy (Installed with pandas)
- pandas
- matplotlib
Only required if you want to perform live captures.
- Bluefruit LE Sniffer. (found at https://www.adafruit.com/product/2269)