Can't setup the nRF BLE Sniffer

Howdy,

I'm evaluating the nRF Sniffer + nRF52840 dongle as a stopgap BLE sniffer solution, but I'm having a lot of issues setting it up.

Re: Installing nRF Sniffer (https://infocenter.nordicsemi.com/index.jsp?topic=%2Fug_sniffer_ble%2FUG%2Fsniffer_ble%2Faction_paired.html&cp=10_5_4_3)

  • nRF52840 dongle
  • Windows 10 Enterprise
  • Python 3.9.5, Py 3.7.8

Step: Programming the nRF Sniffer firmware (infocenter.nordicsemi.com/.../programming_firmware.html)

Using the nRF Connect Desktop (Windows) > Programmer 3.6.1, I get "Nordic DFU Trigger Interface was not found" after writing the hex file to the dongle. Here's the log:

     2021-06-23T01:28:45.490Z INFO Target device closed.
     2021-06-23T01:32:13.938Z INFO DFU trigger interface found, changing to bootloader...
     2021-06-23T01:32:14.619Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:32:14.623Z INFO Protocol Version:  1 found
     2021-06-23T01:32:14.625Z INFO Hardware: 52840 found
     2021-06-23T01:32:14.629Z INFO Firmware: Bootloader found
     2021-06-23T01:32:14.629Z INFO Firmware: SoftDevice found
     2021-06-23T01:32:14.629Z INFO Firmware: Application found
     2021-06-23T01:32:32.121Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:32:32.122Z INFO Hash is generated by SHA256
     2021-06-23T01:32:32.123Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:32:32.127Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:32:36.928Z INFO DFU for Application completed successfully!
     2021-06-23T01:32:36.929Z INFO 0 dfu package(s) left.
     2021-06-23T01:32:36.929Z INFO Waiting for device
     2021-06-23T01:32:41.929Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:32:41.929Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:32:41.930Z ERROR Device not found due to failure during DFU
     2021-06-23T01:32:42.973Z INFO Target device closed.
     2021-06-23T01:32:59.994Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:32:59.998Z INFO Protocol Version:  1 found
     2021-06-23T01:32:59.999Z INFO Hardware: 52840 found
     2021-06-23T01:33:00.002Z INFO Firmware: Bootloader found
     2021-06-23T01:33:00.002Z INFO Firmware: Application found
     2021-06-23T01:33:03.674Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:33:03.675Z INFO Hash is generated by SHA256
     2021-06-23T01:33:03.677Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:33:03.681Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:33:08.480Z INFO DFU for Application completed successfully!
     2021-06-23T01:33:08.480Z INFO 0 dfu package(s) left.
     2021-06-23T01:33:08.480Z INFO Waiting for device
     2021-06-23T01:33:13.481Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:33:13.481Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:33:13.481Z ERROR Device not found due to failure during DFU
     2021-06-23T01:33:14.523Z INFO Target device closed.
     2021-06-23T01:33:36.508Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:33:36.512Z INFO Protocol Version:  1 found
     2021-06-23T01:33:36.513Z INFO Hardware: 52840 found
     2021-06-23T01:33:36.516Z INFO Firmware: Bootloader found
     2021-06-23T01:33:36.516Z INFO Firmware: Application found
     2021-06-23T01:33:58.650Z INFO Parsing HEX file:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:33:58.651Z INFO File was last modified at  11/10/2020, 8:40:38 PM
     2021-06-23T01:34:02.048Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:34:02.049Z INFO Hash is generated by SHA256
     2021-06-23T01:34:02.050Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:34:02.055Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:34:06.855Z INFO DFU for Application completed successfully!
     2021-06-23T01:34:06.855Z INFO 0 dfu package(s) left.
     2021-06-23T01:34:06.855Z INFO Waiting for device
     2021-06-23T01:34:11.856Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:34:11.856Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:34:11.857Z ERROR Device not found due to failure during DFU
     2021-06-23T01:34:12.901Z INFO Target device closed.
     2021-06-23T01:37:15.411Z INFO DFU trigger interface found, changing to bootloader...
     2021-06-23T01:37:16.081Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:37:16.086Z INFO Protocol Version:  1 found
     2021-06-23T01:37:16.088Z INFO Hardware: 52840 found
     2021-06-23T01:37:16.098Z INFO Firmware: Bootloader found
     2021-06-23T01:37:16.098Z INFO Firmware: SoftDevice found
     2021-06-23T01:37:16.098Z INFO Firmware: Application found
     2021-06-23T01:37:24.644Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:37:24.645Z INFO Hash is generated by SHA256
     2021-06-23T01:37:24.646Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:37:24.651Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:37:29.452Z INFO DFU for Application completed successfully!
     2021-06-23T01:37:29.452Z INFO 0 dfu package(s) left.
     2021-06-23T01:37:29.452Z INFO Waiting for device
     2021-06-23T01:37:34.454Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:37:34.454Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:37:34.455Z ERROR Device not found due to failure during DFU
     2021-06-23T01:37:35.499Z INFO Target device closed.
     2021-06-23T01:39:51.595Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:39:51.599Z INFO Protocol Version:  1 found
     2021-06-23T01:39:51.600Z INFO Hardware: 52840 found
     2021-06-23T01:39:51.603Z INFO Firmware: Bootloader found
     2021-06-23T01:39:51.603Z INFO Firmware: Application found
     2021-06-23T01:39:56.643Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:39:56.644Z INFO Hash is generated by SHA256
     2021-06-23T01:39:56.645Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:39:56.649Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:40:01.450Z INFO DFU for Application completed successfully!
     2021-06-23T01:40:01.450Z INFO 0 dfu package(s) left.
     2021-06-23T01:40:01.450Z INFO Waiting for device
     2021-06-23T01:40:06.452Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:40:06.452Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:40:06.453Z ERROR Device not found due to failure during DFU
     2021-06-23T01:40:07.495Z INFO Target device closed.
     2021-06-23T01:47:47.371Z INFO Parsing HEX file:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:47:47.372Z INFO File was last modified at  11/10/2020, 8:40:38 PM
     2021-06-23T01:48:59.348Z INFO DFU trigger interface found, changing to bootloader...
     2021-06-23T01:49:00.012Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:49:00.020Z INFO Protocol Version:  1 found
     2021-06-23T01:49:00.023Z INFO Hardware: 52840 found
     2021-06-23T01:49:00.047Z INFO Firmware: Bootloader found
     2021-06-23T01:49:00.047Z INFO Firmware: SoftDevice found
     2021-06-23T01:49:00.047Z INFO Firmware: Application found
     2021-06-23T01:50:16.220Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:50:16.221Z INFO Hash is generated by SHA256
     2021-06-23T01:50:16.223Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:50:16.227Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:50:21.031Z INFO DFU for Application completed successfully!
     2021-06-23T01:50:21.031Z INFO 0 dfu package(s) left.
     2021-06-23T01:50:21.031Z INFO Waiting for device
     2021-06-23T01:50:26.033Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:50:26.033Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:50:26.034Z ERROR Device not found due to failure during DFU
     2021-06-23T01:50:27.078Z INFO Target device closed.
     2021-06-23T01:53:00.097Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:53:00.101Z INFO Protocol Version:  1 found
     2021-06-23T01:53:00.102Z INFO Hardware: 52840 found
     2021-06-23T01:53:00.104Z INFO Firmware: Bootloader found
     2021-06-23T01:53:00.104Z INFO Firmware: Application found
     2021-06-23T01:53:36.011Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:53:36.012Z INFO Hash is generated by SHA256
     2021-06-23T01:53:36.015Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:53:36.019Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:53:40.821Z INFO DFU for Application completed successfully!
     2021-06-23T01:53:40.822Z INFO 0 dfu package(s) left.
     2021-06-23T01:53:40.822Z INFO Waiting for device
     2021-06-23T01:53:45.823Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:53:45.824Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:53:45.824Z ERROR Device not found due to failure during DFU
     2021-06-23T01:53:46.867Z INFO Target device closed.
     

Daniel Veilleux suggests that it actually worked as the log says "DFU for Application completed successfully!" If so, the instructions should note this.

Step: Installing the nRF Sniffer capture tool

2d. Double-click the location for the Extcap path

The latest version of Wireshark (3.4.6) has a Personal and Global Extcap path. I used the Global Extcap path. If that's correct, then the instructions should be updated.

3. Make sure that the nRF Sniffer files can be run correctly... nrf_sniffer_ble.bat --extcap-interfaces

Complains that import serial doesn't work. However, pip and pip3 say pyserial and serial are installed!

After digging around, the issue was that the BAT file was running

     py -3 "%NRF_SNIFFER_BLE_PATH%\nrf_sniffer_ble.py" %*

Note that

     C:\Program Files\Wireshark\extcap>python --version
     Python 3.9.5
     C:\Program Files\Wireshark\extcap>python3 --version
     Python 3.9.5
     C:\Program Files\Wireshark\extcap>py --version
     Python 3.7.8

I modified the BAT file to run python directly:

     @echo off
     rem Path to this batch file
     set NRF_SNIFFER_BLE_PATH=%~dp0
     rem Remove the "\" from the end of the path
     set NRF_SNIFFER_BLE_PATH=%NRF_SNIFFER_BLE_PATH:~0,-1%
     rem Activate virtualenv if present
     if exist "%NRF_SNIFFER_BLE_PATH%\env\Scripts\activate.bat" call "%NRF_SNIFFER_BLE_PATH%\env\Scripts\activate.bat"

     REM this line replaces those following
     python "%NRF_SNIFFER_BLE_PATH%\nrf_sniffer_ble.py" %*

     REM rem Find out if the launcher is installed and available
     REM where py > NUL 2>&1
     REM if %ERRORLEVEL% EQU 0 (
     REM     py -3 "%NRF_SNIFFER_BLE_PATH%\nrf_sniffer_ble.py" %*
     REM ) else (
     REM     python "%NRF_SNIFFER_BLE_PATH%\nrf_sniffer_ble.py" %*
     REM )

Now I get a new error which makes me think that the Nordic python scripts are out of sync with the local version of [py]serial:

     Traceback (most recent call last):
       File "C:\Program Files\Wireshark\extcap\nrf_sniffer_ble.py", line 51, in <module>
         from SnifferAPI import Sniffer, myVersion, Logger, UART, Devices, Pcap
       File "C:\Program Files\Wireshark\extcap\SnifferAPI\Sniffer.py", line 53, in <module>
         from . import SnifferCollector
       File "C:\Program Files\Wireshark\extcap\SnifferAPI\SnifferCollector.py", line 37, in <module>
         from serial import SerialException
     ImportError: cannot import name 'SerialException' from 'serial' (C:\Users\310260622\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.9_qbz5n2kfra8p0\LocalCache\local-packages\Python39\site-packages\serial\__init__.py)

At this point I contacted Daniel who suggested a devzone ticket.

  • Hi Randy,

    Daniel Veilleux suggests that it actually worked as the log says "DFU for Application completed successfully!" If so, the instructions should note this.

    Daniel is right, you will get this error as long as the new firmware does not have the DFU trigger library. I agree that should be stated, though.

    I will forward the needs for improving the documentation. There is another set of instructions here, which is unofficial but quite good: How to install BLE Sniffer on nRF52840 Dongle and run it.

    py should normally point to the default python version in your system. I am not sure exactly why this causes problems but it seems you are getting issues because you have two python 3 versions installed at the same time. Can you first make sure you only have a single python 3 install before going forward?

    Einar

  • Hi Einar!

    I'll take a look at the unofficial instructions today.

    My py points to Python 3.7.8 while "python" runs 3.9.5. My guess is that "pip3 install -r requirements.txt" is updating 3.9.5.

    Any suggestions on debugging "ImportError: cannot import name 'SerialException' from 'serial'"? My guess is that the Philips scripts are out of date with the [py]serial installed by pip3.

  • I tried the link - it's to a private website which requires a password.

  • I tried the following:

    >>> import serial
    >>> dir(serial)
    ['__builtins__', '__cached__', '__doc__', '__file__', '__loader__', '__name__', '__package__', '__path__', '__spec__', 'abc', 'absolute_import', 'division', 'errors', 'generators', 'hooks', 'marshal', 'meta', 'model', 'nested_scopes', 'print_function', 'properties', 'request', 'test', 'unicode_literals', 'utilities', 'with_statement']

    And then, following the suggestions at https://stackoverflow.com/questions/33267070/no-module-named-serial:

    C:\Program Files\Wireshark\extcap>pip3 uninstall pyserial
    Found existing installation: pyserial 3.5
    Uninstalling pyserial-3.5:
      Would remove:
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\scripts\pyserial-miniterm.exe
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\scripts\pyserial-ports.exe
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\pyserial-3.5.dist-info\*
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\*
      Would not remove (might be manually added):
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\abc\__init__.py
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\abc\model.py
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\abc\properties.py
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\errors.py
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\hooks.py
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\marshal.py
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\meta.py
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\model.py
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\properties.py
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\request.py
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\test.py
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\utilities\__init__.py
        c:\users\310260622\appdata\local\packages\pythonsoftwarefoundation.python.3.9_qbz5n2kfra8p0\localcache\local-packages\python39\site-packages\serial\utilities\compatibility.py
    Proceed (y/n)? y
      Successfully uninstalled pyserial-3.5
    
    C:\Program Files\Wireshark\extcap>pip3 install pyserial
    Collecting pyserial
      Using cached pyserial-3.5-py2.py3-none-any.whl (90 kB)
    Installing collected packages: pyserial
      WARNING: The scripts pyserial-miniterm.exe and pyserial-ports.exe are installed in 'C:\Users\310260622\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.9_qbz5n2kfra8p0\LocalCache\local-packages\Python39\Scripts' which is not on PATH.
      Consider adding this directory to PATH or, if you prefer to suppress this warning, use --no-warn-script-location.
    Successfully installed pyserial-3.5
    
    C:\Program Files\Wireshark\extcap>python
    Python 3.9.5 (tags/v3.9.5:0a7dcbd, May  3 2021, 17:27:52) [MSC v.1928 64 bit (AMD64)] on win32
    Type "help", "copyright", "credits" or "license" for more information.
    >>> import serial
    >>> dir(serial)
    ['CR', 'EIGHTBITS', 'FIVEBITS', 'LF', 'PARITY_EVEN', 'PARITY_MARK', 'PARITY_NAMES', 'PARITY_NONE', 'PARITY_ODD', 'PARITY_SPACE', 'PortNotOpenError', 'SEVENBITS', 'SIXBITS', 'STOPBITS_ONE', 'STOPBITS_ONE_POINT_FIVE', 'STOPBITS_TWO', 'Serial', 'SerialBase', 'SerialException', 'SerialTimeoutException', 'Timeout', 'VERSION', 'XOFF', 'XON', '__builtins__', '__cached__', '__doc__', '__file__', '__loader__', '__name__', '__package__', '__path__', '__spec__', '__version__', 'absolute_import', 'basestring', 'importlib', 'io', 'iterbytes', 'os', 'protocol_handler_packages', 'serial_for_url', 'serialutil', 'serialwin32', 'sys', 'time', 'to_bytes', 'unicode', 'win32']
    

    Now the modified BAT file works:

    C:\Program Files\Wireshark\extcap>nrf_sniffer_ble.bat --extcap-interfaces
    extcap {version=3.1.0}{display=nRF Sniffer for Bluetooth LE}{help=https://www.nordicsemi.com/Software-and-Tools/Development-Tools/nRF-Sniffer-for-Bluetooth-LE}
    control {number=0}{type=selector}{display=Device}{tooltip=Device list}
    control {number=1}{type=string}{display=Passkey / OOB key}{tooltip=6 digit temporary key or 16 byte Out-of-band (OOB) key in hexadecimal starting with '0x', big endian format. If the entered key is shorter than 16 bytes, it will be zero-padded in front'}{validation=\b^(([0-9]{6})|(0x[0-9a-fA-F]{1,32}))$\b}
    control {number=2}{type=string}{display=Adv Hop}{default=37,38,39}{tooltip=Advertising channel hop sequence. Change the order in which the siffer switches advertising channels. Valid channels are 37, 38 and 39 separated by comma.}{validation=^\s*((37|38|39)\s*,\s*){0,2}(37|38|39){1}\s*$}{required=true}
    control {number=3}{type=button}{role=help}{display=Help}{tooltip=Access user guide (launches browser)}
    control {number=4}{type=button}{role=restore}{display=Defaults}{tooltip=Resets the user interface and clears the log file}
    control {number=5}{type=button}{role=logger}{display=Log}{tooltip=Log per interface}
    value {control=0}{value= }{display=All advertising devices}{default=true}

    I'm not sure how this worked, but the linked Stack Overflow page says something about indexing.

    I'll continue with the official procedure and let you know how it works.
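Added example, not part of the thread or of Nordic's tooling: the first `dir(serial)` listing above (`marshal`, `meta`, `model`, ...) contains none of pyserial's names, and pip's "Would not remove" list points the same way, which is consistent with two distributions sharing one `serial/` directory. The sketch below probes which `serial` a given launcher imports and reads each `RECORD` file to see who owns that directory; the function names and the `serial-0.0.0` sample are constructed for illustration.

```python
import csv
import json
import subprocess
import sys
import tempfile
from pathlib import Path

# Runs inside the interpreter being probed and prints one JSON line.
_PROBE = """
import json, sys
sys.path[:0] = sys.argv[1:]
info = {"exe": sys.executable, "version": sys.version.split()[0]}
try:
    import serial
    info["serial_file"] = getattr(serial, "__file__", None)
    info["has_SerialException"] = hasattr(serial, "SerialException")
except ImportError:
    info["serial_file"] = None
    info["has_SerialException"] = False
print(json.dumps(info))
"""

def probe(launcher, extra_paths=()):
    """Ask one launcher, e.g. ["py", "-3"] or ["python"], which `serial` it imports."""
    out = subprocess.run([*launcher, "-c", _PROBE, *map(str, extra_paths)],
                         capture_output=True, text=True, check=True).stdout
    return json.loads(out.strip().splitlines()[-1])

def owners_of(site_dir, package):
    """Map each installed distribution to the files its RECORD lists under <package>/."""
    owners = {}
    for record in sorted(Path(site_dir).glob("*.dist-info/RECORD")):
        dist = record.parent.name[:-len(".dist-info")]
        with record.open(newline="") as fh:
            files = [row[0] for row in csv.reader(fh)
                     if row and row[0].replace("\\", "/").split("/")[0] == package]
        if files:
            owners[dist] = files
    return owners

def make_constructed_site():
    """Constructed sample: two distributions that both install into serial/."""
    site = Path(tempfile.mkdtemp(prefix="constructed_site_"))
    layout = {
        "pyserial-3.5": ["serial/__init__.py", "serial/serialutil.py"],
        "serial-0.0.0": ["serial/__init__.py", "serial/marshal.py", "serial/model.py"],
    }
    for dist, files in layout.items():
        info = site / f"{dist}.dist-info"
        info.mkdir()
        (info / "RECORD").write_text("".join(f"{name},,\n" for name in files))
        for name in files:
            (site / name).parent.mkdir(exist_ok=True)
            (site / name).write_text("")  # last writer of __init__.py wins
    return site

if __name__ == "__main__":
    site = make_constructed_site()
    for dist, files in owners_of(site, "serial").items():
        print(dist, "->", files)
    print(probe([sys.executable], [site]))
```

On the machine in question, `probe(["py", "-3"])` and `probe(["python"])` show which interpreter each launcher starts, and `owners_of()` pointed at the directory from the traceback shows whether more than one distribution claims `serial/`.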

  • Step: Adding a Wireshark profile for nRF Sniffer

    Between steps 5 and 6, the instructions should include that you have to manually install the profile.

    I'm sniffing... but not decrypting. Note that we use LESC and Just Works. I did the following:

    1. "Forgot" the peripheral on my iPhone
    2. Started capture and woke the peripheral. I can see advertising
    3. Connected to the peripheral from my iPhone, paired
    4. Disconnect, stop capture.

    But the sniffer isn't decrypting:

    3015    10.531    Master_0xaf9ab5d8    LE 2M    LE LL    1    29759µs    1    1    False    132    Encrypted packet decrypted incorrectly (bad MIC)

    Sniffing a connection between paired devices suggests that one of the devices must use the debug LESC keys. I ran a test with a Central that always uses the debug keys, but that doesn't bond

    "Encrypted packet decrypted incorrectly (bad MIC)"

    Looking at devzone.nordicsemi.com/.../capture-le-secure-connection-occurs-bad-mic-after-successfully-sniffering-the-air-packets-for-a-while

  • Hi,

    It is good to see that you are up and running with the sniffer. Thanks for the comments on the documentation. I will forward those.

    You write that you use LESC, and then nRF Connect will not be able to decrypt the packets. The nRF Sniffer can decrypt packets if the pairing procedure was LE legacy, as then pairing happens in clear text, and all the sniffer needs to do is to listen in on the pairing. However, LESC uses a Diffie–Hellman key exchange to prevent this, so that even if an attacker listens in on everything, he will not have a way to know the shared secret. So in this case you will only be able to see the encrypted packets after the link is secured.

    Regarding LESC debug keys, that is only usable if both devices are in debug mode. But even in that case, this is not supported by the nRF Sniffer (I think it should be possible to get Wireshark to parse the packets if you calculate and provide the LTK for the debug key, though).

  • Re: Regarding LESC debug keys, that is only usable if both devices are in debug mode.

    That's too bad, we hoped to use the nRF sniffer for cases where one, or the other, peer was using debug keys, i.e., nRF connection (iOS) and a peripheral running the debug LESC keys.

    Note that the Ellisys sniffer works when just one peer is running LESC debug keys, but of course it has to capture pairing. Are there any plans to add this ability to the nRF sniffer so that it does the same?

    Thanks,

  • You are right that using the debug key on one side is enough if the sniffer intercepts the LESC process (as then it gets the peer's public key from the air and has what it needs to calculate the shared secret). It is not supported by the current nRF Sniffer though.

    RTMerkel said:
    Are there any plans to add this ability to the nRF sniffer so that it does the same?

    We are in fact working on a new version of the nRF sniffer for BLE (4.x.x), and this is intended to support input of DH Private Key to support sniffing LESC connections as well as inputting the LTK if that is known/calculated from before.
