"Encrypted packet decrypted incorrectly (bad MIC)" - how to get LTK

Hi,

I am trying to sniff between my phone and a BLE device.

When I put the device in pairing mode, I can see it in the "advertising" list. Then I select it (but I don't know if I should select anything from the "legacy passkey", "legacy ltk", "follow le address") 

I can see packets from/to that device.

Then I make the pairing on my phone (no PIN is required)

But then I can't get any data , all is encrypted and all I see is "empty PDU" or "Encrypted packet decrypted incorrectly (bad MIC)"

What is the correct method ?

As far as aI remember from my past experiences, if I sniff within the pairing session , I should not need a LTK.

But if LTK will help, can you guide me how to get the LTK ?

Btw, if I do the pairing, I no longer see the device in "advertising" list. If I get the LTK and try to sniff after pairing, how do I filter that device ?

Parents Reply
  • I checked it now but it does not match with my scenario.

    First of all I am not using that board. I am trying to sniff some 3rd party device. And the communication is different. If you had checked my file mb.pcapng that I had attached in my previous post, you could understand. One side requests LTK but the other side does not send LTK.

    In this case how shall I get the LTK or how shall I decrypt without a LTK ?

    Please download my file and check. 

    Thanks.

Children
Related