• State Not Answered
  • Replies 3 replies
  • Subscribers 66 subscribers
  • Views 163 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 331498
Options

Problem to configure nRF Sniffer in Wireshark

Higo

I am following the steps to configure the Bluetooth BE Sniffer in Wireshark, but I am having difficulties. I tried both on Windows and Untuntu (Linux).

Setting up nRF Sniffer for Bluetooth LE - Nordic Developer Academy (nordicsemi.com)

Nordic Semiconductor Infocenter

I installed the requirements (pyserial >= 3.5 and psutil)

I put the files indicated in the tutorial in the "Global Extcap path"

I refresh Wireshark (Capture > Refresh Interfaces or pressing F5)

But the nRF hardware interface does not appear as an option in Wireshark.

Parents
  • 0

    Hello Hung Bui, thanks for your support.

    I'm trying in windows and Ubuntu, 

    I'm putting bellow.

    Verification on Windows

    In Devine Manager from Windows, I can see the nRF52840 in the COM33 

    but the return of command "nrf_sniffer_ble.bat --extcap-interfaces" is bellow, don't show the interface or COM

    C:\Users\higo.f\AppData\Roaming\Wireshark\extcap>nrf_sniffer_ble.bat --extcap-interfaces
    extcap {version=4.1.1}{display=nRF Sniffer for Bluetooth LE}{help=www.nordicsemi.com/.../nRF-Sniffer-for-Bluetooth-LE}
    control {number=0}{type=selector}{display=Device}{tooltip=Device list}
    control {number=1}{type=selector}{display=Key}{tooltip=}
    control {number=2}{type=string}{display=Value}{tooltip=6 digit passkey or 16 or 32 bytes encryption key in hexadecimal starting with '0x', big endian format.If the entered key is shorter than 16 or 32 bytes, it will be zero-padded in front'}{validation=\b^(([0-9]{6})|(0x[0-9a-fA-F]{1,64})|([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2}) (public|random))$\b}
    control {number=3}{type=string}{display=Adv Hop}{default=37,38,39}{tooltip=Advertising channel hop sequence. Change the order in which the sniffer switches advertising channels. Valid channels are 37, 38 and 39 separated by comma.}{validation=^\s*((37|38|39)\s*,\s*){0,2}(37|38|39){1}\s*$}{required=true}
    control {number=7}{type=button}{display=Clear}{tooltop=Clear or remove device from Device list}
    control {number=4}{type=button}{role=help}{display=Help}{tooltip=Access user guide (launches browser)}
    control {number=5}{type=button}{role=restore}{display=Defaults}{tooltip=Resets the user interface and clears the log file}
    control {number=6}{type=button}{role=logger}{display=Log}{tooltip=Log per interface}
    value {control=0}{value= }{display=All advertising devices}{default=true}
    value {control=0}{value=[00,00,00,00,00,00,0]}{display=Follow IRK}
    value {control=1}{value=0}{display=Legacy Passkey}{default=true}
    value {control=1}{value=1}{display=Legacy OOB data}
    value {control=1}{value=2}{display=Legacy LTK}
    value {control=1}{value=3}{display=SC LTK}
    value {control=1}{value=4}{display=SC Private Key}
    value {control=1}{value=5}{display=IRK}
    value {control=1}{value=6}{display=Add LE address}
    value {control=1}{value=7}{display=Follow LE address}

    C:\Users\higo.f\AppData\Roaming\Wireshark\extcap>python --version
    Python 3.8.0

    Verification on Ubuntu (Linux)

    in ubuntu is same case

    higor.albuquerque@mdl-51stm0992:~/.config/wireshark/extcap$ ./nrf_sniffer_ble.sh --extcap-interfaces
    extcap {version=4.1.1}{display=nRF Sniffer for Bluetooth LE}{help=www.nordicsemi.com/.../nRF-Sniffer-for-Bluetooth-LE}control {number=0}{type=selector}{display=Device}{tooltip=Device list}
    control {number=1}{type=selector}{display=Key}{tooltip=}
    control {number=2}{type=string}{display=Value}{tooltip=6 digit passkey or 16 or 32 bytes encryption key in hexadecimal starting with '0x', big endian format.If the entered key is shorter than 16 or 32 bytes, it will be zero-padded in front'}{validation=\b^(([0-9]{6})|(0x[0-9a-fA-F]{1,64})|([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2}) (public|random))$\b}
    control {number=3}{type=string}{display=Adv Hop}{default=37,38,39}{tooltip=Advertising channel hop sequence. Change the order in which the sniffer switches advertising channels. Valid channels are 37, 38 and 39 separated by comma.}{validation=^\s*((37|38|39)\s*,\s*){0,2}(37|38|39){1}\s*$}{required=true}
    control {number=7}{type=button}{display=Clear}{tooltop=Clear or remove device from Device list}
    control {number=4}{type=button}{role=help}{display=Help}{tooltip=Access user guide (launches browser)}
    control {number=5}{type=button}{role=restore}{display=Defaults}{tooltip=Resets the user interface and clears the log file}
    control {number=6}{type=button}{role=logger}{display=Log}{tooltip=Log per interface}
    value {control=0}{value= }{display=All advertising devices}{default=true}
    value {control=0}{value=[00,00,00,00,00,00,0]}{display=Follow IRK}
    value {control=1}{value=0}{display=Legacy Passkey}{default=true}
    value {control=1}{value=1}{display=Legacy OOB data}
    value {control=1}{value=2}{display=Legacy LTK}
    value {control=1}{value=3}{display=SC LTK}
    value {control=1}{value=4}{display=SC Private Key}
    value {control=1}{value=5}{display=IRK}
    value {control=1}{value=6}{display=Add LE address}
    value {control=1}{value=7}{display=Follow LE address}
    higor.albuquerque@mdl-51stm0992:~/.config/wireshark/extcap$ python --version
    Python 3.9.16+

    I hope you can give me new options to solve it

Reply
  • 0

    Hello Hung Bui, thanks for your support.

    I'm trying in windows and Ubuntu, 

    I'm putting bellow.

    Verification on Windows

    In Devine Manager from Windows, I can see the nRF52840 in the COM33 

    but the return of command "nrf_sniffer_ble.bat --extcap-interfaces" is bellow, don't show the interface or COM

    C:\Users\higo.f\AppData\Roaming\Wireshark\extcap>nrf_sniffer_ble.bat --extcap-interfaces
    extcap {version=4.1.1}{display=nRF Sniffer for Bluetooth LE}{help=www.nordicsemi.com/.../nRF-Sniffer-for-Bluetooth-LE}
    control {number=0}{type=selector}{display=Device}{tooltip=Device list}
    control {number=1}{type=selector}{display=Key}{tooltip=}
    control {number=2}{type=string}{display=Value}{tooltip=6 digit passkey or 16 or 32 bytes encryption key in hexadecimal starting with '0x', big endian format.If the entered key is shorter than 16 or 32 bytes, it will be zero-padded in front'}{validation=\b^(([0-9]{6})|(0x[0-9a-fA-F]{1,64})|([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2}) (public|random))$\b}
    control {number=3}{type=string}{display=Adv Hop}{default=37,38,39}{tooltip=Advertising channel hop sequence. Change the order in which the sniffer switches advertising channels. Valid channels are 37, 38 and 39 separated by comma.}{validation=^\s*((37|38|39)\s*,\s*){0,2}(37|38|39){1}\s*$}{required=true}
    control {number=7}{type=button}{display=Clear}{tooltop=Clear or remove device from Device list}
    control {number=4}{type=button}{role=help}{display=Help}{tooltip=Access user guide (launches browser)}
    control {number=5}{type=button}{role=restore}{display=Defaults}{tooltip=Resets the user interface and clears the log file}
    control {number=6}{type=button}{role=logger}{display=Log}{tooltip=Log per interface}
    value {control=0}{value= }{display=All advertising devices}{default=true}
    value {control=0}{value=[00,00,00,00,00,00,0]}{display=Follow IRK}
    value {control=1}{value=0}{display=Legacy Passkey}{default=true}
    value {control=1}{value=1}{display=Legacy OOB data}
    value {control=1}{value=2}{display=Legacy LTK}
    value {control=1}{value=3}{display=SC LTK}
    value {control=1}{value=4}{display=SC Private Key}
    value {control=1}{value=5}{display=IRK}
    value {control=1}{value=6}{display=Add LE address}
    value {control=1}{value=7}{display=Follow LE address}

    C:\Users\higo.f\AppData\Roaming\Wireshark\extcap>python --version
    Python 3.8.0

    Verification on Ubuntu (Linux)

    in ubuntu is same case

    higor.albuquerque@mdl-51stm0992:~/.config/wireshark/extcap$ ./nrf_sniffer_ble.sh --extcap-interfaces
    extcap {version=4.1.1}{display=nRF Sniffer for Bluetooth LE}{help=www.nordicsemi.com/.../nRF-Sniffer-for-Bluetooth-LE}control {number=0}{type=selector}{display=Device}{tooltip=Device list}
    control {number=1}{type=selector}{display=Key}{tooltip=}
    control {number=2}{type=string}{display=Value}{tooltip=6 digit passkey or 16 or 32 bytes encryption key in hexadecimal starting with '0x', big endian format.If the entered key is shorter than 16 or 32 bytes, it will be zero-padded in front'}{validation=\b^(([0-9]{6})|(0x[0-9a-fA-F]{1,64})|([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2}) (public|random))$\b}
    control {number=3}{type=string}{display=Adv Hop}{default=37,38,39}{tooltip=Advertising channel hop sequence. Change the order in which the sniffer switches advertising channels. Valid channels are 37, 38 and 39 separated by comma.}{validation=^\s*((37|38|39)\s*,\s*){0,2}(37|38|39){1}\s*$}{required=true}
    control {number=7}{type=button}{display=Clear}{tooltop=Clear or remove device from Device list}
    control {number=4}{type=button}{role=help}{display=Help}{tooltip=Access user guide (launches browser)}
    control {number=5}{type=button}{role=restore}{display=Defaults}{tooltip=Resets the user interface and clears the log file}
    control {number=6}{type=button}{role=logger}{display=Log}{tooltip=Log per interface}
    value {control=0}{value= }{display=All advertising devices}{default=true}
    value {control=0}{value=[00,00,00,00,00,00,0]}{display=Follow IRK}
    value {control=1}{value=0}{display=Legacy Passkey}{default=true}
    value {control=1}{value=1}{display=Legacy OOB data}
    value {control=1}{value=2}{display=Legacy LTK}
    value {control=1}{value=3}{display=SC LTK}
    value {control=1}{value=4}{display=SC Private Key}
    value {control=1}{value=5}{display=IRK}
    value {control=1}{value=6}{display=Add LE address}
    value {control=1}{value=7}{display=Follow LE address}
    higor.albuquerque@mdl-51stm0992:~/.config/wireshark/extcap$ python --version
    Python 3.9.16+

    I hope you can give me new options to solve it

Children
Related