hcitool 没有找到 ble 设备,但 blueman 找到了,bettercap 和 bluetoothctl 也找到了
hcitool does not find ble device but blueman does and so does bettercap and bluetoothctl
我对这个问题很困惑。我有以下设备(这是一款中国智能手表),MAC 地址显示在 blueman 和 bettercap 上,但没有显示在 hcitool 上。
我使用:
sudo hcitool lescan
LE Scan ...
C0:28:8D:D6:66:EA
C0:28:8D:D6:66:EA (unknown)
但是 Q1 EB:15:0C:38:C9:B0
的设备 MAC 地址没有出现。
我试试 bettercap:
sudo bettercap
» ble.recon on
» [12:01:38] [ble.device.new] new BLE device Q1 detected as EB:15:0C:38:C9:B0 -77 dBm.
不过,我也得到:
当我这样做时:
» ble.show
│ -76 dBm │ eb:15:0c:38:c9:b0 │ │ Limited Discoverable, BR/EDR Not Supported │ ✔ │ 12:05:38 │
» ble.enum eb:15:0c:38:c9:b0
[12:07:06] [sys.log] [inf] ble.recon connecting to eb:15:0c:38:c9:b0 ...
»
┌──────────────┬───────────────────────────────────────────────────────┬──────────────────────────────────────────────────┬────────────────────────────────────────────────┐
│ Handles │ Service > Characteristics │ Properties │ Data │
├──────────────┼───────────────────────────────────────────────────────┼──────────────────────────────────────────────────┼────────────────────────────────────────────────┤
│ 0001 -> 0004 │ Generic Attribute (1801) │ │ │
│ 0003 │ Service Changed (2a05) │ BCAST, READ, WRITE, NOTIFY, INDICATE, SIGN WRITE │ 00000000 │
│ │ │ │ │
│ 0005 -> 000f │ Generic Access (1800) │ │ │
│ 0007 │ Device Name (2a00) │ READ │ Q1 │
│ 0009 │ Appearance (2a01) │ READ │ Unknown │
│ 000b │ Peripheral Privacy Flag (2a02) │ READ │ Privacy Disabled │
│ 000d │ Peripheral Preferred Connection Parameters (2a04) │ READ │ Connection Interval: 224 -> 240 │
│ │ │ │ Slave Latency: 4 │
│ │ │ │ Connection Supervision Timeout Multiplier: 500 │
│ 000f │ 2aa6 │ READ │ 00 │
│ │ │ │ │
│ 0010 -> 0015 │ 6e400001b5a3f393e0a9e50e24dcca9e │ │ │
│ 0012 │ 6e400003b5a3f393e0a9e50e24dcca9e │ NOTIFY │ │
│ 0015 │ 6e400002b5a3f393e0a9e50e24dcca9e │ WRITE │ │
│ │ │ │ │
│ 0016 -> 002d │ Human Interface Device (1812) │ │ │
│ 0018 │ Protocol Mode (2a4e) │ READ, WRITE │ insufficient encryption │
│ 001a │ Report (2a4d) │ READ, WRITE, NOTIFY │ insufficient encryption │
│ 001e │ Report (2a4d) │ READ, WRITE, NOTIFY │ insufficient encryption │
│ 0022 │ Report (2a4d) │ READ, WRITE, NOTIFY │ insufficient encryption │
│ 0026 │ Report Map (2a4b) │ READ │ insufficient encryption │
│ 0028 │ Boot Mouse Input Report (2a33) │ READ, WRITE, NOTIFY │ insufficient encryption │
│ 002b │ HID Information (2a4a) │ READ │ insufficient encryption │
│ 002d │ HID Control Point (2a4c) │ WRITE │ │
│ │ │ │ │
│ 002e -> 0037 │ fee7 │ │ │
│ 0030 │ fec9 │ READ, NOTIFY │ ë150c8É° │
│ 0033 │ fea1 │ READ, INDICATE │ 07a001009e0100a00100 │
│ 0036 │ fea2 │ READ, WRITE, INDICATE │ Ð │
│ │ │ │ │
└──────────────┴───────────────────────────────────────────────────────┴──────────────────────────────────────────────────┴────────────────────────────────────────────────┘
但是我不确定这一切意味着什么。我发现 bettercap 很难理解。
» ^D
Are you sure you want to quit this session? y/n y
[12:08:07] [sys.log] [inf] ble.recon stopping scan ...
我也试过 gattool:
sudo gatttool -t random -b EB:15:0C:38:C9:B0 -I
[EB:15:0C:38:C9:B0][LE]> sec-level low
[EB:15:0C:38:C9:B0][LE]> connect
Attempting to connect to EB:15:0C:38:C9:B0
Error: connect to EB:15:0C:38:C9:B0: Device or resource busy (16)
[EB:15:0C:38:C9:B0][LE]>
对不起,我不知道该怎么办。如果可能的话,我想读写这个设备。我在 Fedora 33 Linux.
在此先感谢您的帮助!
感谢您提供有关 bluetoothctl 的信息。所以,我试了一下,得到:
$ sudo bluetoothctl
Agent registered
[Q1]# devices
Device EB:15:0C:38:C9:B0 Q1
Device E0:7B:1F:EB:C1:6C LH719
Device A4:C1:1C:F6:02:92 MS1020
[Q1]# connect EB:15:0C:38:C9:B0
Attempting to connect to EB:15:0C:38:C9:B0
Connection successful
但是从这里阅读:https://budimir.cc/2020/02/27/ble-on-linux-with-bluetoothctl/ 看来我应该得到比上面更多的信息。
不过,我补充说:
[Q1]# menu gatt
Menu gatt:
Available commands:
-------------------
list-attributes [dev/local] List attributes
select-attribute <attribute/UUID> Select attribute
attribute-info [attribute/UUID] Select attribute
read [offset] Read attribute value
write <data=xx xx ...> [offset] [type] Write attribute value
acquire-write Acquire Write file descriptor
release-write Release Write file descriptor
acquire-notify Acquire Notify file descriptor
release-notify Release Notify file descriptor
notify <on/off> Notify attribute value
clone [dev/attribute/UUID] Clone a device or attribute
register-application [UUID ...] Register profile to connect
unregister-application Unregister profile
register-service <UUID> [handle] Register application service.
unregister-service <UUID/object> Unregister application service
register-includes <UUID> [handle] Register as Included service in.
unregister-includes <Service-UUID><Inc-UUID> Unregister Included service.
register-characteristic <UUID> <Flags=read,write,notify...> [handle] Register application characteristic
unregister-characteristic <UUID/object> Unregister application characteristic
register-descriptor <UUID> <Flags=read,write...> [handle] Register application descriptor
unregister-descriptor <UUID/object> Unregister application descriptor
back Return to main menu
version Display version
quit Quit program
exit Quit program
help Display help about this program
export Print environment variables
并且似乎确实获得了服务列表(我现在将对其进行调查):
[Q1]# list-attributes
Primary Service (Handle 0x0100)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e
0000fee7-0000-1000-8000-00805f9b34fb
Tencent Holdings Limited.
Characteristic (Handle 0x7da4)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char0035
0000fea2-0000-1000-8000-00805f9b34fb
Intrepid Control Systems, Inc.
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char0035/desc0037
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
Characteristic (Handle 0x9248)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char0032
0000fea1-0000-1000-8000-00805f9b34fb
Intrepid Control Systems, Inc.
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char0032/desc0034
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
Characteristic (Handle 0xaf18)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char002f
0000fec9-0000-1000-8000-00805f9b34fb
Apple, Inc.
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char002f/desc0031
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
Primary Service (Handle 0x9d80)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0010
6e400001-b5a3-f393-e0a9-e50e24dcca9e
Nordic UART Service
Characteristic (Handle 0xd894)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0010/char0014
6e400002-b5a3-f393-e0a9-e50e24dcca9e
Nordic UART TX
Characteristic (Handle 0xd894)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0010/char0011
6e400003-b5a3-f393-e0a9-e50e24dcca9e
Nordic UART RX
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0010/char0011/desc0013
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
Primary Service (Handle 0x9d80)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0001
00001801-0000-1000-8000-00805f9b34fb
Generic Attribute Profile
Characteristic (Handle 0xff84)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0001/char0002
00002a05-0000-1000-8000-00805f9b34fb
Service Changed
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0001/char0002/desc0004
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
[Q1]#
hcitool 和 gatttool 是 2017 年 deprecated by the BlueZ 项目中的一些工具。如果您正在学习使用它们的教程,那么它可能已经过时了。现在要使用的正确工具是 bluetoothctl
.
如果您是蓝牙新手,那么使用像 nRF Connect 这样的通用蓝牙低功耗扫描和探索工具可能更有助于了解正在发生的事情。阅读 BLE GATT 服务的工作原理将有助于获得 service > Characteristics
信息。
一旦您可以使用这些特征进行读写,您的下一个挑战就是弄清楚 sent/received 中的二进制数据意味着什么,因为看起来它们使用了很多自定义特征。
我对这个问题很困惑。我有以下设备(这是一款中国智能手表),MAC 地址显示在 blueman 和 bettercap 上,但没有显示在 hcitool 上。
我使用:
sudo hcitool lescan
LE Scan ...
C0:28:8D:D6:66:EA
C0:28:8D:D6:66:EA (unknown)
但是 Q1 EB:15:0C:38:C9:B0
的设备 MAC 地址没有出现。
我试试 bettercap:
sudo bettercap
» ble.recon on
» [12:01:38] [ble.device.new] new BLE device Q1 detected as EB:15:0C:38:C9:B0 -77 dBm.
不过,我也得到:
当我这样做时:
» ble.show
│ -76 dBm │ eb:15:0c:38:c9:b0 │ │ Limited Discoverable, BR/EDR Not Supported │ ✔ │ 12:05:38 │
» ble.enum eb:15:0c:38:c9:b0
[12:07:06] [sys.log] [inf] ble.recon connecting to eb:15:0c:38:c9:b0 ...
»
┌──────────────┬───────────────────────────────────────────────────────┬──────────────────────────────────────────────────┬────────────────────────────────────────────────┐
│ Handles │ Service > Characteristics │ Properties │ Data │
├──────────────┼───────────────────────────────────────────────────────┼──────────────────────────────────────────────────┼────────────────────────────────────────────────┤
│ 0001 -> 0004 │ Generic Attribute (1801) │ │ │
│ 0003 │ Service Changed (2a05) │ BCAST, READ, WRITE, NOTIFY, INDICATE, SIGN WRITE │ 00000000 │
│ │ │ │ │
│ 0005 -> 000f │ Generic Access (1800) │ │ │
│ 0007 │ Device Name (2a00) │ READ │ Q1 │
│ 0009 │ Appearance (2a01) │ READ │ Unknown │
│ 000b │ Peripheral Privacy Flag (2a02) │ READ │ Privacy Disabled │
│ 000d │ Peripheral Preferred Connection Parameters (2a04) │ READ │ Connection Interval: 224 -> 240 │
│ │ │ │ Slave Latency: 4 │
│ │ │ │ Connection Supervision Timeout Multiplier: 500 │
│ 000f │ 2aa6 │ READ │ 00 │
│ │ │ │ │
│ 0010 -> 0015 │ 6e400001b5a3f393e0a9e50e24dcca9e │ │ │
│ 0012 │ 6e400003b5a3f393e0a9e50e24dcca9e │ NOTIFY │ │
│ 0015 │ 6e400002b5a3f393e0a9e50e24dcca9e │ WRITE │ │
│ │ │ │ │
│ 0016 -> 002d │ Human Interface Device (1812) │ │ │
│ 0018 │ Protocol Mode (2a4e) │ READ, WRITE │ insufficient encryption │
│ 001a │ Report (2a4d) │ READ, WRITE, NOTIFY │ insufficient encryption │
│ 001e │ Report (2a4d) │ READ, WRITE, NOTIFY │ insufficient encryption │
│ 0022 │ Report (2a4d) │ READ, WRITE, NOTIFY │ insufficient encryption │
│ 0026 │ Report Map (2a4b) │ READ │ insufficient encryption │
│ 0028 │ Boot Mouse Input Report (2a33) │ READ, WRITE, NOTIFY │ insufficient encryption │
│ 002b │ HID Information (2a4a) │ READ │ insufficient encryption │
│ 002d │ HID Control Point (2a4c) │ WRITE │ │
│ │ │ │ │
│ 002e -> 0037 │ fee7 │ │ │
│ 0030 │ fec9 │ READ, NOTIFY │ ë150c8É° │
│ 0033 │ fea1 │ READ, INDICATE │ 07a001009e0100a00100 │
│ 0036 │ fea2 │ READ, WRITE, INDICATE │ Ð │
│ │ │ │ │
└──────────────┴───────────────────────────────────────────────────────┴──────────────────────────────────────────────────┴────────────────────────────────────────────────┘
但是我不确定这一切意味着什么。我发现 bettercap 很难理解。
» ^D
Are you sure you want to quit this session? y/n y
[12:08:07] [sys.log] [inf] ble.recon stopping scan ...
我也试过 gattool:
sudo gatttool -t random -b EB:15:0C:38:C9:B0 -I
[EB:15:0C:38:C9:B0][LE]> sec-level low
[EB:15:0C:38:C9:B0][LE]> connect
Attempting to connect to EB:15:0C:38:C9:B0
Error: connect to EB:15:0C:38:C9:B0: Device or resource busy (16)
[EB:15:0C:38:C9:B0][LE]>
对不起,我不知道该怎么办。如果可能的话,我想读写这个设备。我在 Fedora 33 Linux.
在此先感谢您的帮助!
感谢您提供有关 bluetoothctl 的信息。所以,我试了一下,得到:
$ sudo bluetoothctl
Agent registered
[Q1]# devices
Device EB:15:0C:38:C9:B0 Q1
Device E0:7B:1F:EB:C1:6C LH719
Device A4:C1:1C:F6:02:92 MS1020
[Q1]# connect EB:15:0C:38:C9:B0
Attempting to connect to EB:15:0C:38:C9:B0
Connection successful
但是从这里阅读:https://budimir.cc/2020/02/27/ble-on-linux-with-bluetoothctl/ 看来我应该得到比上面更多的信息。
不过,我补充说:
[Q1]# menu gatt
Menu gatt:
Available commands:
-------------------
list-attributes [dev/local] List attributes
select-attribute <attribute/UUID> Select attribute
attribute-info [attribute/UUID] Select attribute
read [offset] Read attribute value
write <data=xx xx ...> [offset] [type] Write attribute value
acquire-write Acquire Write file descriptor
release-write Release Write file descriptor
acquire-notify Acquire Notify file descriptor
release-notify Release Notify file descriptor
notify <on/off> Notify attribute value
clone [dev/attribute/UUID] Clone a device or attribute
register-application [UUID ...] Register profile to connect
unregister-application Unregister profile
register-service <UUID> [handle] Register application service.
unregister-service <UUID/object> Unregister application service
register-includes <UUID> [handle] Register as Included service in.
unregister-includes <Service-UUID><Inc-UUID> Unregister Included service.
register-characteristic <UUID> <Flags=read,write,notify...> [handle] Register application characteristic
unregister-characteristic <UUID/object> Unregister application characteristic
register-descriptor <UUID> <Flags=read,write...> [handle] Register application descriptor
unregister-descriptor <UUID/object> Unregister application descriptor
back Return to main menu
version Display version
quit Quit program
exit Quit program
help Display help about this program
export Print environment variables
并且似乎确实获得了服务列表(我现在将对其进行调查):
[Q1]# list-attributes
Primary Service (Handle 0x0100)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e
0000fee7-0000-1000-8000-00805f9b34fb
Tencent Holdings Limited.
Characteristic (Handle 0x7da4)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char0035
0000fea2-0000-1000-8000-00805f9b34fb
Intrepid Control Systems, Inc.
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char0035/desc0037
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
Characteristic (Handle 0x9248)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char0032
0000fea1-0000-1000-8000-00805f9b34fb
Intrepid Control Systems, Inc.
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char0032/desc0034
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
Characteristic (Handle 0xaf18)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char002f
0000fec9-0000-1000-8000-00805f9b34fb
Apple, Inc.
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service002e/char002f/desc0031
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
Primary Service (Handle 0x9d80)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0010
6e400001-b5a3-f393-e0a9-e50e24dcca9e
Nordic UART Service
Characteristic (Handle 0xd894)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0010/char0014
6e400002-b5a3-f393-e0a9-e50e24dcca9e
Nordic UART TX
Characteristic (Handle 0xd894)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0010/char0011
6e400003-b5a3-f393-e0a9-e50e24dcca9e
Nordic UART RX
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0010/char0011/desc0013
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
Primary Service (Handle 0x9d80)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0001
00001801-0000-1000-8000-00805f9b34fb
Generic Attribute Profile
Characteristic (Handle 0xff84)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0001/char0002
00002a05-0000-1000-8000-00805f9b34fb
Service Changed
Descriptor (Handle 0x0015)
/org/bluez/hci0/dev_EB_15_0C_38_C9_B0/service0001/char0002/desc0004
00002902-0000-1000-8000-00805f9b34fb
Client Characteristic Configuration
[Q1]#
hcitool 和 gatttool 是 2017 年 deprecated by the BlueZ 项目中的一些工具。如果您正在学习使用它们的教程,那么它可能已经过时了。现在要使用的正确工具是 bluetoothctl
.
如果您是蓝牙新手,那么使用像 nRF Connect 这样的通用蓝牙低功耗扫描和探索工具可能更有助于了解正在发生的事情。阅读 BLE GATT 服务的工作原理将有助于获得 service > Characteristics
信息。
一旦您可以使用这些特征进行读写,您的下一个挑战就是弄清楚 sent/received 中的二进制数据意味着什么,因为看起来它们使用了很多自定义特征。