On Mon, Oct 05, 2015 at 07:48:32AM -0400, Richard Smith wrote:
>
> Based on DEF CON 17 - Bluetooth Smells like Chicken video I have
> watched with Dominic Spill, Michael Ossmann, and Mark Steward. All of
> this seemed possible with the USRP.
>
> Has similar stuff been done with the hackrf one?
>
> Is there anyone here actively using hackrf one to sniff BT packets or
> to follow a device's hopping pattern?

Most of our Bluetooth monitoring efforts have shifted from SDR to Ubertooth in recent years, but it should be possible to run gr-bluetooth with HackRF One. The aliasing trick for all-channel monitoring doesn't work on HackRF One, however. (Actually it partially works, but you can capture a maximum of about 31 channels that way, so you would still need multiple devices to capture all 79 channels.)

Hopping along with Bluetooth connections by tuning the radio hardware has never been implemented in gr-bluetooth. We implemented it for Ubertooth, but it has not been as reliable as we hoped, so the benefit of porting that function to HackRF One would be limited.

EDR decoding is possible with SDR, but it has not been implemented in gr-bluetooth. Every EDR packet starts with a Basic Rate header, so you'll get the header but not the payload.

If capturing headers on a subset of Bluetooth channels is okay for you, then HackRF One with gr-bluetooth could be a good solution. If you need to capture and decode every packet on every channel, I suggest looking elsewhere.

Mike

_______________________________________________
HackRF-dev mailing list
[email protected]
https://pairlist9.pair.net/mailman/listinfo/hackrf-dev
