问题描述
我对这个问题感到困惑。我有以下设备(它是中国智能手表),其 MAC 地址显示在 blueman 和 Bettercap 上,但没有显示在 hcitool 上。
我使用:
sudo hcitool lescan
LE Scan ...
C0:28:8D:D6:66:EA
C0:28:8D:D6:66:EA (unknown)
但 Q1 EB:15:0C:38:C9:B0 的设备 MAC 地址没有显示。
我尝试了 Bettercap:
sudo bettercap
» ble.recon on
» [12:01:38] [ble.device.new] new BLE device Q1 detected as EB:15:0C:38:C9:B0 -77 dBm.
但是,我也得到:
当我这样做时:
» ble.show
│ -76 dBm │ eb:15:0c:38:c9:b0 │ │ Limited Discoverable,BR/EDR Not Supported │ ✔ │ 12:05:38 │
» ble.enum eb:15:0c:38:c9:b0
[12:07:06] [sys.log] [inf] ble.recon connecting to eb:15:0c:38:c9:b0 ...
»
┌──────────────┬───────────────────────────────────────────────────────┬──────────────────────────────────────────────────┬────────────────────────────────────────────────┐
│ Handles │ Service > Characteristics │ Properties │ Data │
├──────────────┼───────────────────────────────────────────────────────┼──────────────────────────────────────────────────┼────────────────────────────────────────────────┤
│ 0001 -> 0004 │ Generic Attribute (1801) │ │ │
│ 0003 │ Service Changed (2a05) │ BCAST,READ,WRITE,NOTIFY,INDICATE,SIGN WRITE │ 00000000 │
│ │ │ │ │
│ 0005 -> 000f │ Generic Access (1800) │ │ │
│ 0007 │ Device Name (2a00) │ READ │ Q1 │
│ 0009 │ Appearance (2a01) │ READ │ Unknown │
│ 000b │ Peripheral Privacy Flag (2a02) │ READ │ Privacy Disabled │
│ 000d │ Peripheral Preferred Connection Parameters (2a04) │ READ │ Connection Interval: 224 -> 240 │
│ │ │ │ Slave Latency: 4 │
│ │ │ │ Connection Supervision Timeout Multiplier: 500 │
│ 000f │ 2aa6 │ READ │ 00 │
│ │ │ │ │
│ 0010 -> 0015 │ 6e400001b5a3f393e0a9e50e24dcca9e │ │ │
│ 0012 │ 6e400003b5a3f393e0a9e50e24dcca9e │ NOTIFY │ │
│ 0015 │ 6e400002b5a3f393e0a9e50e24dcca9e │ WRITE │ │
│ │ │ │ │
│ 0016 -> 002d │ Human Interface Device (1812) │ │ │
│ 0018 │ Protocol Mode (2a4e) │ READ,WRITE │ insufficient encryption │
│ 001a │ Report (2a4d) │ READ,NOTIFY │ insufficient encryption │
│ 001e │ Report (2a4d) │ READ,NOTIFY │ insufficient encryption │
│ 0022 │ Report (2a4d) │ READ,NOTIFY │ insufficient encryption │
│ 0026 │ Report Map (2a4b) │ READ │ insufficient encryption │
│ 0028 │ Boot Mouse Input Report (2a33) │ READ,NOTIFY │ insufficient encryption │
│ 002b │ HID Information (2a4a) │ READ │ insufficient encryption │
│ 002d │ HID Control Point (2a4c) │ WRITE │ │
│ │ │ │ │
│ 002e -> 0037 │ fee7 │ │ │
│ 0030 │ fec9 │ READ,NOTIFY │ ë150c8É° │
│ 0033 │ fea1 │ READ,INDICATE │ 07a001009e0100a00100 │
│ 0036 │ fea2 │ READ,INDICATE │ Ð │
│ │ │ │ │
└──────────────┴───────────────────────────────────────────────────────┴──────────────────────────────────────────────────┴────────────────────────────────────────────────┘
但是我不确定这一切意味着什么。我发现 Bettercap 非常难以理解。
» ^D
Are you sure you want to quit this session? y/n y
[12:08:07] [sys.log] [inf] ble.recon stopping scan ...
我也试过 gattool:
sudo gatttool -t random -b EB:15:0C:38:C9:B0 -I
[EB:15:0C:38:C9:B0][LE]> sec-level low
[EB:15:0C:38:C9:B0][LE]> connect
Attempting to connect to EB:15:0C:38:C9:B0
Error: connect to EB:15:0C:38:C9:B0: Device or resource busy (16)
[EB:15:0C:38:C9:B0][LE]>
我很抱歉,但我不知道该怎么做。如果可能的话,我想读写这个设备。我使用的是 Fedora 33 Linux。
在此先感谢您的帮助!
感谢您提供有关 bluetoothctl 的信息。所以,我试试这个并得到:
$ sudo bluetoothctl
Agent registered
[Q1]# devices
Device EB:15:0C:38:C9:B0 Q1
Device E0:7B:1F:EB:C1:6C LH719
Device A4:C1:1C:F6:02:92 MS1020
[Q1]# connect EB:15:0C:38:C9:B0
Attempting to connect to EB:15:0C:38:C9:B0
Connection successful
但是从这里阅读:https://budimir.cc/2020/02/27/ble-on-linux-with-bluetoothctl/ 看来我应该得到比上面更多的信息。
但是,我补充说:
[Q1]# menu gatt
Menu gatt:
Available commands:
-------------------
list-attributes [dev/local] List attributes
select-attribute <attribute/UUID> Select attribute
attribute-info [attribute/UUID] Select attribute
read [offset] Read attribute value
write <data=xx xx ...> [offset] [type] Write attribute value
acquire-write Acquire Write file descriptor
release-write Release Write file descriptor
acquire-notify Acquire Notify file descriptor
release-notify Release Notify file descriptor
notify <on/off> Notify attribute value
clone [dev/attribute/UUID] Clone a device or attribute
register-application [UUID ...] Register profile to connect
unregister-application Unregister profile
register-service <UUID> [handle] Register application service.
unregister-service <UUID/object> Unregister application service
register-includes <UUID> [handle] Register as Included service in.
unregister-includes <Service-UUID><Inc-UUID> Unregister Included service.
register-characteristic <UUID> <Flags=read,write,notify...> [handle] Register application characteristic
unregister-characteristic <UUID/object> Unregister application characteristic
register-descriptor <UUID> <Flags=read,write...> [handle] Register application descriptor
unregister-descriptor <UUID/object> Unregister application descriptor
back Return to main menu
version Display version
quit Quit program
exit Quit program
help Display help about this program
export Print environment variables
并且似乎确实得到了一个服务列表(我现在将调查):
[Q1]# list-attributes
Primary Service (Handle 0x0100)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e
0000fee7-0000-1000-8000-00805f9b34fb
Tencent Holdings Limited.
Characteristic (Handle 0x7da4)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char0035
0000fea2-0000-1000-8000-00805f9b34fb
Intrepid Control Systems,Inc.
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char0035/desc0037
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
Characteristic (Handle 0x9248)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char0032
0000fea1-0000-1000-8000-00805f9b34fb
Intrepid Control Systems,Inc.
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char0032/desc0034
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
Characteristic (Handle 0xaf18)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char002f
0000fec9-0000-1000-8000-00805f9b34fb
Apple,Inc.
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char002f/desc0031
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
Primary Service (Handle 0x9d80)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0010
6e400001-b5a3-f393-e0a9-e50e24dcca9e
Nordic UART Service
Characteristic (Handle 0xd894)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0010/char0014
6e400002-b5a3-f393-e0a9-e50e24dcca9e
Nordic UART TX
Characteristic (Handle 0xd894)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0010/char0011
6e400003-b5a3-f393-e0a9-e50e24dcca9e
Nordic UART RX
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0010/char0011/desc0013
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
Primary Service (Handle 0x9d80)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0001
00001801-0000-1000-8000-00805f9b34fb
Generic Attribute Profile
Characteristic (Handle 0xff84)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0001/char0002
00002a05-0000-1000-8000-00805f9b34fb
Service Changed
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0001/char0002/desc0004
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
[Q1]#
解决方法
hcitool 和 gatttool 是 2017 年 deprecated by the BlueZ 项目中的一些工具。如果您正在学习使用它们的教程,则它可能已经过时。现在要使用的正确工具是 bluetoothctl。
如果您不熟悉蓝牙,那么使用像 nRF Connect 这样的通用蓝牙低功耗扫描和探索工具可能更有助于了解正在发生的事情。阅读 BLE GATT 服务的工作原理有助于了解 service > Characteristics 信息。
一旦您可以读取和写入特征,您的下一个挑战将是弄清楚正在发送/接收的二进制数据意味着什么,因为它们看起来像是使用了许多自定义特征。
设置时间 控制面板
错误1:Request method ‘DELETE‘ not supported 错误还原:...