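/*
 * Entry point: optionally run a standard HCI inquiry, then run an Ubertooth
 * survey and print every piconet it reported together with its AFH map.
 *
 * Options (getopt string "hU:t:e:xsb:"):
 *   -U <n>    Ubertooth device number handed to ubertooth_start()
 *   -b <dev>  HCI device name (default "hci0")
 *   -t <n>    value handed to rx_live() as its timeout (default 20)
 *   -e <n>    stored in max_ac_errors (declared outside this function)
 *   -x        sets the 'extended' flag passed to print_name_and_class()
 *   -s        also run the HCI inquiry before the Ubertooth survey
 *   -h        print usage and exit
 *
 * Returns 1 on a usage error or when a device cannot be opened.
 */
int main(int argc, char *argv[])
{
	inquiry_info *ii = NULL;
	int i, opt, dev_id, dev_handle, len, flags, max_rsp, num_rsp, lap, timeout = 20;
	uint8_t uap, extended = 0;
	uint8_t scan = 0;
	/*
	 * int rather than char: the signedness of plain char is
	 * implementation-defined, so on a platform where it is unsigned the -1
	 * default would silently turn into 255, and atoi() results above the
	 * char range would be truncated.
	 * NOTE(review): presumably -1 means "no specific device" - confirm
	 * against ubertooth_start().
	 */
	int ubertooth_device = -1;
	char *bt_dev = "hci0";
	char addr[19] = { 0 };
	ubertooth_t *ut = NULL;
	btbb_piconet *pn;
	bdaddr_t bdaddr;

	/*
	 * NOTE(review): atoi() yields 0 for non-numeric input and performs no
	 * range check, so a mistyped -U/-t/-e value is accepted silently.
	 */
	while ((opt = getopt(argc, argv, "hU:t:e:xsb:")) != EOF) {
		switch (opt) {
		case 'U':
			ubertooth_device = atoi(optarg);
			break;
		case 'b':
			/*
			 * "b:" makes the argument mandatory, so getopt() never
			 * returns 'b' with a NULL optarg; no NULL check needed.
			 */
			bt_dev = optarg;
			break;
		case 't':
			timeout = atoi(optarg);
			break;
		case 'e':
			max_ac_errors = atoi(optarg);
			break;
		case 'x':
			extended = 1;
			break;
		case 's':
			scan = 1;
			break;
		case 'h':
		default:
			usage();
			return 1;
		}
	}

	/* Resolve the device name first so a bad name is reported as such. */
	dev_id = hci_devid(bt_dev);
	if (dev_id < 0) {
		printf("error: Unable to find %s (%d)\n", bt_dev, dev_id);
		return 1;
	}

	dev_handle = hci_open_dev(dev_id);
	if (dev_handle < 0) {
		perror("HCI device open failed");
		return 1;
	}

	ut = ubertooth_start(ubertooth_device);
	if (ut == NULL) {
		usage();
		/* Do not leave the HCI descriptor open on the failure path. */
		hci_close_dev(dev_handle);
		return 1;
	}

	/* Set sweep mode - otherwise AFH map is useless */
	/* NOTE(review): the result of cmd_set_channel() is not checked. */
	cmd_set_channel(ut->devh, 9999);

	if (scan) {
		/* Equivalent to "hcitool scan" */
		printf("HCI scan\n");
		len = 8;
		max_rsp = 255;
		flags = IREQ_CACHE_FLUSH;
		ii = malloc(max_rsp * sizeof *ii);
		if (ii == NULL) {
			/*
			 * Report and skip the inquiry; the Ubertooth survey below
			 * still runs, matching how an hci_inquiry() failure is
			 * handled.
			 */
			perror("malloc");
		} else {
			num_rsp = hci_inquiry(dev_id, len, max_rsp, NULL, &ii, flags);
			if (num_rsp < 0)
				perror("hci_inquiry");
			/* A negative num_rsp simply leaves this loop with no iterations. */
			for (i = 0; i < num_rsp; i++) {
				ba2str(&(ii + i)->bdaddr, addr);
				print_name_and_class(dev_handle, dev_id,
						     &(ii + i)->bdaddr, addr, extended);
			}
			free(ii);
		}
	}

	/* Now find hidden piconets with Ubertooth */
	printf("\nUbertooth scan\n");
	btbb_init_survey();
	rx_live(ut, NULL, timeout);
	ubertooth_stop(ut);

	while ((pn = btbb_next_survey_result()) != NULL) {
		lap = btbb_piconet_get_lap(pn);
		if (btbb_piconet_get_flag(pn, BTBB_UAP_VALID)) {
			uap = btbb_piconet_get_uap(pn);
			/*
			 * Build an address with a zeroed NAP for the lookup.
			 * Both strings need 18 bytes including the terminator and
			 * addr holds 19; snprintf() keeps the write bounded should
			 * the format ever change.
			 */
			snprintf(addr, sizeof addr, "00:00:%02X:%02X:%02X:%02X", uap,
				 (lap >> 16) & 0xFF, (lap >> 8) & 0xFF, lap & 0xFF);
			str2ba(addr, &bdaddr);
			/* Printable version showing that the NAP is unknown */
			snprintf(addr, sizeof addr, "??:??:%02X:%02X:%02X:%02X", uap,
				 (lap >> 16) & 0xFF, (lap >> 8) & 0xFF, lap & 0xFF);
			print_name_and_class(dev_handle, dev_id, &bdaddr, addr, extended);
		} else {
			/* Only the LAP is known, so no lookup is attempted. */
			printf("??:??:??:%02X:%02X:%02X\n",
			       (lap >> 16) & 0xFF, (lap >> 8) & 0xFF, lap & 0xFF);
		}
		btbb_print_afh_map(pn);
	}
	/* (listing ends here; the remainder of main is not shown) */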
int main(int argc, char *argv[]) { inquiry_info *ii = NULL; int i, opt, dev_id, sock, len, flags, max_rsp, num_rsp, lap, timeout = 20; uint8_t extended = 0; uint8_t scan = 0; char ubertooth_device = -1; char *bt_dev = "hci0"; char addr[19] = { 0 }; char name[248] = { 0 }; struct libusb_device_handle *devh = NULL; btbb_piconet *pn; bdaddr_t bdaddr; while ((opt=getopt(argc,argv,"ht:xsb:")) != EOF) { switch(opt) { case 'b': bt_dev = optarg; if (bt_dev == NULL) { perror(optarg); return 1; } break; case 't': timeout = atoi(optarg); break; case 'x': extended = 1; break; case 's': scan = 1; break; case 'h': default: usage(); return 1; } } dev_id = hci_devid(bt_dev); sock = hci_open_dev( dev_id ); if (dev_id < 0 || sock < 0) { perror("opening socket"); return 1; } devh = ubertooth_start(ubertooth_device); if (devh == NULL) { usage(); return 1; } /* Set sweep mode - otherwise AFH map is useless */ cmd_set_channel(devh, 9999); if (scan) { len = 8; max_rsp = 255; flags = IREQ_CACHE_FLUSH; ii = (inquiry_info*)malloc(max_rsp * sizeof(inquiry_info)); num_rsp = hci_inquiry(dev_id, len, max_rsp, NULL, &ii, flags); if( num_rsp < 0 ) perror("hci_inquiry"); /* Equivalent to "hcitool scan" */ printf("HCI scan\n"); for (i = 0; i < num_rsp; i++) { ba2str(&(ii+i)->bdaddr, addr); memset(name, 0, sizeof(name)); if (hci_read_remote_name(sock, &(ii+i)->bdaddr, sizeof(name), name, 0) < 0) strcpy(name, "[unknown]"); printf("%s %s\n", addr, name); } free(ii); } /* Now find hidden piconets with Ubertooth */ printf("\nUbertooth scan\n"); btbb_init_survey(); rx_live(devh, NULL, timeout); ubertooth_stop(devh); while((pn=btbb_next_survey_result()) != NULL) { lap = btbb_piconet_get_lap(pn); if (btbb_piconet_get_flag(pn, BTBB_UAP_VALID)) { lap = btbb_piconet_get_lap(pn); sprintf(addr, "00:00:%02X:%02X:%02X:%02X", btbb_piconet_get_uap(pn), (lap >> 16) & 0xFF, (lap >> 8) & 0xFF, lap & 0xFF); str2ba(addr, &bdaddr); memset(name, 0, sizeof(name)); if (hci_read_remote_name(sock, &bdaddr, sizeof(name), name, 
0) < 0) strcpy(name, "[unknown]"); printf("%s %s\n", addr, name); if (extended) extra_info(sock, dev_id, &bdaddr); } else printf("00:00:00:%02X:%02X:%02X\n", (lap >> 16) & 0xFF, (lap >> 8) & 0xFF, lap & 0xFF); btbb_print_afh_map(pn); }