
Can't setup the nRF BLE Sniffer

Howdy,

I'm evaluating the nRF Sniffer + nRF52840 dongle as a stop gap BLE sniffer solution, but I'm having a lot of issues setting it up.

Re: Installing nRF Sniffer (https://infocenter.nordicsemi.com/index.jsp?topic=%2Fug_sniffer_ble%2FUG%2Fsniffer_ble%2Faction_paired.html&cp=10_5_4_3)

  • nRF52840 dongle
  • Windows 10 Enterprise
  • Python 3.9.5, Py 3.7.8

Step: Programming the nRF Sniffer firmware (infocenter.nordicsemi.com/.../programming_firmware.html)

Using the nRF Connect Desktop (Windows) > Programmer 3.6.1, I get "Nordic DFU Trigger Interface was not found" after writing the hex file to the dongle. Here's the log:

     2021-06-23T01:28:45.490Z INFO Target device closed.
     2021-06-23T01:32:13.938Z INFO DFU trigger interface found, changing to bootloader...
     2021-06-23T01:32:14.619Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:32:14.623Z INFO Protocol Version:  1 found
     2021-06-23T01:32:14.625Z INFO Hardware: 52840 found
     2021-06-23T01:32:14.629Z INFO Firmware: Bootloader found
     2021-06-23T01:32:14.629Z INFO Firmware: SoftDevice found
     2021-06-23T01:32:14.629Z INFO Firmware: Application found
     2021-06-23T01:32:32.121Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:32:32.122Z INFO Hash is generated by SHA256
     2021-06-23T01:32:32.123Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:32:32.127Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:32:36.928Z INFO DFU for Application completed successfully!
     2021-06-23T01:32:36.929Z INFO 0 dfu package(s) left.
     2021-06-23T01:32:36.929Z INFO Waiting for device
     2021-06-23T01:32:41.929Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:32:41.929Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:32:41.930Z ERROR Device not found due to failure during DFU
     2021-06-23T01:32:42.973Z INFO Target device closed.
     2021-06-23T01:32:59.994Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:32:59.998Z INFO Protocol Version:  1 found
     2021-06-23T01:32:59.999Z INFO Hardware: 52840 found
     2021-06-23T01:33:00.002Z INFO Firmware: Bootloader found
     2021-06-23T01:33:00.002Z INFO Firmware: Application found
     2021-06-23T01:33:03.674Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:33:03.675Z INFO Hash is generated by SHA256
     2021-06-23T01:33:03.677Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:33:03.681Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:33:08.480Z INFO DFU for Application completed successfully!
     2021-06-23T01:33:08.480Z INFO 0 dfu package(s) left.
     2021-06-23T01:33:08.480Z INFO Waiting for device
     2021-06-23T01:33:13.481Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:33:13.481Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:33:13.481Z ERROR Device not found due to failure during DFU
     2021-06-23T01:33:14.523Z INFO Target device closed.
     2021-06-23T01:33:36.508Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:33:36.512Z INFO Protocol Version:  1 found
     2021-06-23T01:33:36.513Z INFO Hardware: 52840 found
     2021-06-23T01:33:36.516Z INFO Firmware: Bootloader found
     2021-06-23T01:33:36.516Z INFO Firmware: Application found
     2021-06-23T01:33:58.650Z INFO Parsing HEX file:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:33:58.651Z INFO File was last modified at  11/10/2020, 8:40:38 PM
     2021-06-23T01:34:02.048Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:34:02.049Z INFO Hash is generated by SHA256
     2021-06-23T01:34:02.050Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:34:02.055Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:34:06.855Z INFO DFU for Application completed successfully!
     2021-06-23T01:34:06.855Z INFO 0 dfu package(s) left.
     2021-06-23T01:34:06.855Z INFO Waiting for device
     2021-06-23T01:34:11.856Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:34:11.856Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:34:11.857Z ERROR Device not found due to failure during DFU
     2021-06-23T01:34:12.901Z INFO Target device closed.
     2021-06-23T01:37:15.411Z INFO DFU trigger interface found, changing to bootloader...
     2021-06-23T01:37:16.081Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:37:16.086Z INFO Protocol Version:  1 found
     2021-06-23T01:37:16.088Z INFO Hardware: 52840 found
     2021-06-23T01:37:16.098Z INFO Firmware: Bootloader found
     2021-06-23T01:37:16.098Z INFO Firmware: SoftDevice found
     2021-06-23T01:37:16.098Z INFO Firmware: Application found
     2021-06-23T01:37:24.644Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:37:24.645Z INFO Hash is generated by SHA256
     2021-06-23T01:37:24.646Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:37:24.651Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:37:29.452Z INFO DFU for Application completed successfully!
     2021-06-23T01:37:29.452Z INFO 0 dfu package(s) left.
     2021-06-23T01:37:29.452Z INFO Waiting for device
     2021-06-23T01:37:34.454Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:37:34.454Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:37:34.455Z ERROR Device not found due to failure during DFU
     2021-06-23T01:37:35.499Z INFO Target device closed.
     2021-06-23T01:39:51.595Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:39:51.599Z INFO Protocol Version:  1 found
     2021-06-23T01:39:51.600Z INFO Hardware: 52840 found
     2021-06-23T01:39:51.603Z INFO Firmware: Bootloader found
     2021-06-23T01:39:51.603Z INFO Firmware: Application found
     2021-06-23T01:39:56.643Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:39:56.644Z INFO Hash is generated by SHA256
     2021-06-23T01:39:56.645Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:39:56.649Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:40:01.450Z INFO DFU for Application completed successfully!
     2021-06-23T01:40:01.450Z INFO 0 dfu package(s) left.
     2021-06-23T01:40:01.450Z INFO Waiting for device
     2021-06-23T01:40:06.452Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:40:06.452Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:40:06.453Z ERROR Device not found due to failure during DFU
     2021-06-23T01:40:07.495Z INFO Target device closed.
     2021-06-23T01:47:47.371Z INFO Parsing HEX file:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:47:47.372Z INFO File was last modified at  11/10/2020, 8:40:38 PM
     2021-06-23T01:48:59.348Z INFO DFU trigger interface found, changing to bootloader...
     2021-06-23T01:49:00.012Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:49:00.020Z INFO Protocol Version:  1 found
     2021-06-23T01:49:00.023Z INFO Hardware: 52840 found
     2021-06-23T01:49:00.047Z INFO Firmware: Bootloader found
     2021-06-23T01:49:00.047Z INFO Firmware: SoftDevice found
     2021-06-23T01:49:00.047Z INFO Firmware: Application found
     2021-06-23T01:50:16.220Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:50:16.221Z INFO Hash is generated by SHA256
     2021-06-23T01:50:16.223Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:50:16.227Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:50:21.031Z INFO DFU for Application completed successfully!
     2021-06-23T01:50:21.031Z INFO 0 dfu package(s) left.
     2021-06-23T01:50:21.031Z INFO Waiting for device
     2021-06-23T01:50:26.033Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:50:26.033Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:50:26.034Z ERROR Device not found due to failure during DFU
     2021-06-23T01:50:27.078Z INFO Target device closed.
     2021-06-23T01:53:00.097Z INFO Using USB SDFU protocol to communicate with target
     2021-06-23T01:53:00.101Z INFO Protocol Version:  1 found
     2021-06-23T01:53:00.102Z INFO Hardware: 52840 found
     2021-06-23T01:53:00.104Z INFO Firmware: Bootloader found
     2021-06-23T01:53:00.104Z INFO Firmware: Application found
     2021-06-23T01:53:36.011Z INFO Does not need to be reloaded:  C:\Users\310260622\OneDrive - Philips\Documents\nrf_sniffer_for_bluetooth_le_3.1.0_7cc811f\hex\sniffer_nrf52840dongle_nrf52840_7cc811f.hex
     2021-06-23T01:53:36.012Z INFO Hash is generated by SHA256
     2021-06-23T01:53:36.015Z INFO Performing DFU. This may take a few seconds
     2021-06-23T01:53:36.019Z INFO DFU procedure starts. This may take a few seconds.
     2021-06-23T01:53:40.821Z INFO DFU for Application completed successfully!
     2021-06-23T01:53:40.822Z INFO 0 dfu package(s) left.
     2021-06-23T01:53:40.822Z INFO Waiting for device
     2021-06-23T01:53:45.823Z ERROR Reopen device failed: Timeout while waiting for device  C3C1C9C1BF30 to be attached and enumerated
     2021-06-23T01:53:45.824Z INFO Nordic DFU Trigger Interface was not found.Please physically reset device.
     2021-06-23T01:53:45.824Z ERROR Device not found due to failure during DFU
     2021-06-23T01:53:46.867Z INFO Target device closed.
     

Daniel Veilleux suggests that it actually worked as the log says "DFU for Application completed successfully!" If so, the instructions should note this.

Step: Installing the nRF Sniffer capture tool

2d, Double-click the location for the Extcap path

The latest version of Wireshark (3.4.6) has a Personal and Global Extcap path. I used the Global Extcap path. If that's correct, then the instructions should be updated.

3. Make sure that the nRF Sniffer files can be run correctly... nrf_sniffer_ble.bat --extcap-interfaces

Complains that import serial doesn't work. However, pip and pip3 say pyserial and serial are installed!

After digging around, the issue was that the BAT file was running

py -3 "%NRF_SNIFFER_BLE_PATH%\nrf_sniffer_ble.py" %*

Note that

C:\Program Files\Wireshark\extcap>python --version
Python 3.9.5
C:\Program Files\Wireshark\extcap>python3 --version
Python 3.9.5
C:\Program Files\Wireshark\extcap>py --version
Python 3.7.8

I modified the BAT file to run python directly:

@echo off
rem Path to this batch file
set NRF_SNIFFER_BLE_PATH=%~dp0
rem Remove the "\" from the end of the path
set NRF_SNIFFER_BLE_PATH=%NRF_SNIFFER_BLE_PATH:~0,-1%
rem Activate virtualenv if present
if exist "%NRF_SNIFFER_BLE_PATH%\env\Scripts\activate.bat" call "%NRF_SNIFFER_BLE_PATH%\env\Scripts\activate.bat"

REM this line replaces those following
python "%NRF_SNIFFER_BLE_PATH%\nrf_sniffer_ble.py" %*

REM rem Find out if the launcher is installed and available
REM where py > NUL 2>&1 
REM if %ERRORLEVEL% EQU 0 (
REM     py -3 "%NRF_SNIFFER_BLE_PATH%\nrf_sniffer_ble.py" %*
REM ) else (
REM     python "%NRF_SNIFFER_BLE_PATH%\nrf_sniffer_ble.py" %*
REM )

Now I get a new error which makes me think that the Nordic python scripts are out of sync with the local version of [py]serial:

Traceback (most recent call last):
  File "C:\Program Files\Wireshark\extcap\nrf_sniffer_ble.py", line 51, in <module>
    from SnifferAPI import Sniffer, myVersion, Logger, UART, Devices, Pcap
  File "C:\Program Files\Wireshark\extcap\SnifferAPI\Sniffer.py", line 53, in <module>
    from . import SnifferCollector
  File "C:\Program Files\Wireshark\extcap\SnifferAPI\SnifferCollector.py", line 37, in <module>
    from serial import SerialException
ImportError: cannot import name 'SerialException' from 'serial' (C:\Users\310260622\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.9_qbz5n2kfra8p0\LocalCache\local-packages\Python39\site-packages\serial\__init__.py)

At this point I contacted Daniel who suggested a devzone ticket.

  • Hi,

    It is good to see that you are up and running with the sniffer. Thanks for the comments on the documentation. I will forward those.

    You write that you use LESC, and then nRF Connect will not be able to decrypt the packets. The nRF Sniffer can decrypt packets if the pairing procedure was LE legacy, as then pairing happens in clear text, and all the sniffer needs to do is to listen in on the pairing. However, LESC uses a Diffie–Hellman key exchange to prevent this, so that even if an attacker listens in on everything, he will not have a way to know the shared secret. So in this case you will only be able to see the encrypted packets after the link is secured.

    Regarding LESC debug keys, that is only usable if both devices are in debug mode. But even in that case, this is not supported by the nRF Sniffer (I think it should be possible to get Wireshark to parse the packets if you calculate and provide the LTK for the debug key, though).

  • Re: Regarding LESC debug keys, that is only usable if both devices are in debug mode.

    That's too bad, we hoped to use the nRF sniffer for cases where one, or the other, peer was using debug keys, i.e., nRF connection (iOS) and a peripheral running the debug LESC keys.

    Note that the Ellisys sniffer works when just one peer is running LESC debug keys, but of course it has to capture pairing. Are there any plans to add this ability to the nRF sniffer?

    Thanks,

  • You are right that using the debug key on one side is enough if the sniffer intercepts the LESC process (as then it gets the peer's public key from the air and has what it needs to calculate the shared secret). It is not supported by the current nRF Sniffer though.

    RTMerkel said:
    Are there any plans to add this ability to the nRF sniffer?

    We are in fact working on a new version of the nRF sniffer for BLE (4.x.x), and this is intended to support input of DH Private Key to support sniffing LESC connections as well as inputting the LTK if that is known/calculated from before.
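
The point made in the replies above (one peer on the LESC debug key is enough for a sniffer that captured both public keys), worked through as an added example that is not part of the thread or of Nordic's sniffer code. The P-256 arithmetic is a plain textbook implementation, `phone_sk` is a constructed key, and the debug private key is the one published in the Bluetooth Core Specification.

```python
# P-256 domain parameters (the curve LE Secure Connections uses).
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
# SMP debug-mode private key as published in the Bluetooth Core Specification.
DEBUG_SK = 0x3f49f6d4a3c55f3874c9b3e3d2103f504aff607beb40b7995899b8a6cd3c1abd

def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, point):
    """Double-and-add scalar multiplication (not constant time)."""
    acc = None
    while k:
        acc = add(acc, point) if k & 1 else acc
        point, k = add(point, point), k >> 1
    return acc

def dhkey(private_key, peer_public):
    """DHKey is the x-coordinate of private_key * peer_public."""
    x, y = peer_public
    if (y * y - x * x * x - A * x - B) % P:
        raise ValueError("peer public key is not on P-256")
    return mul(private_key, peer_public)[0]
DEBUG_PUB = mul(DEBUG_SK, G)  # debug public key, derived from the private key

def sniffer_dhkey(pub_a, pub_b):
    """DHKey from two captured public keys, or None if neither is the debug key."""
    for mine, peer in ((pub_a, pub_b), (pub_b, pub_a)):
        if mine == DEBUG_PUB:
            return dhkey(DEBUG_SK, peer)
    return None

if __name__ == "__main__":
    phone_sk = 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef  # constructed
    phone_pub = mul(phone_sk, G)
    print(sniffer_dhkey(phone_pub, DEBUG_PUB) == dhkey(phone_sk, DEBUG_PUB))
```

The DHKey is only the input to the LTK derivation; the nonces and addresses from the captured pairing exchange are still needed to compute the LTK that Wireshark would be given.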
