不同工具采集到的蓝牙日志不一致,缺乏测试环境
解析数据包
| 字段名 | 值 | 起始地址-结束地址 | 字段含义 | |
|---|---|---|---|---|
| Send Write Request Flag | 0x13 | [8] | Send Write Request | 从ble发送的数据 |
| Rcvd Read | 0x11 | [8] | Ecvd Read | 手机接受的数据 |
| Read By Type Response | 0x09 | [27] | Read By Type Response | 读取Handle与UUID映射的特征字段 |
| Length | [28] | Length | 每一组数据的长度 | |
| Opcode | 0x12 | [27] | Write Request | 是否是写请求 |
| Handle | [28:30] | |||
| UUID | Handle对UUID的映射 | |||
| Value | [30:-3] | Vale |
同一位置,不同数据包的字段含义不一样
通过Handle定位UUID
读取数据包的[8]的0x11(手机接受的数据),判断[27]是否是读取Handle与UUID映射的特征字段
每[28]为单位划分为一组,除[28]取有多少组UUID
判断UUID是否具有写属性
存储到UUIDS字典
# store uuid
UUIDS = {}
# read ble packets
def get_uuids(ble_filename):
# read file
pkts = rdpcap(ble_filename)
for packet in pkts:
p = packet.load
# find uuid by handle
if p[8] == 0x11 and p[27] == 0x09:
data_length = p[28]
Handles = p[29:-3]
chunks = [Handles[i:i+7] for i in range(0, len(Handles), 7)]
# write character
for chunk in chunks:
if chunk[2] & 0x08:
key = str(chunk[3:5][::-1]).replace('\\\\x', '').replace("'", '').replace('b', '')
value = str(chunk[5:][::-1]).replace('\\\\x', '').replace("'", '').replace('b', '')
UUIDS = {key: value}