mikeryan/crackle

issue with crackle

michaelp123 opened this issue · 13 comments

Hello,
When using crackle I am always getting the following:

No connect packet found
No pairing request found
No pairing response found
No confirm values found, at least one is needed
Not enough random values found (0, need 2)
No LL_ENC_REQ found
No LL_ENC_RSP found
Giving up due to 7 errors

I sniffed the pairing process several times with ubertooth-btle and always get this result.

What could be the issue here?
TNX.

I have the same error. Can someone help?

I think this is your problem: #5 (same as the resolved).
You must capture the packets into a .pcapng
And be sure that you have all the packets, sometimes ubertooth doesn't capture all...

Hi guys,
Did you solve your problem?

I got the same error with crackle. Though I can see the connect request packet captured in my .pcap file, the error is as follows:

No connect packet found
No confirm values found (0, need 2)
Not enough random values found (1, need 2)
Giving up due to 3 errors.

Any advice, please?
Thanks

I also have the same problem. Please try to solve this issue.

First I captured this:
$ubertooth-btle -p -c soundpot.pcapng

and I got this output:

systime=1465975233 freq=2402 addr=6f8e6c21 delta_t=2.801 ms
0d 00 1f a0 f9
Advertising / AA 6f8e6c21 (invalid)/ 0 bytes
Channel Index: 37
Type: UNKNOWN

Data: 
CRC:   1f a0 f9

systime=1465975233 freq=2402 addr=f057f51e delta_t=117.623 ms
09 00 5e f1 db
Advertising / AA f057f51e (invalid)/ 0 bytes
Channel Index: 37
Type: UNKNOWN

Data: 
CRC:   5e f1 db

systime=1465975234 freq=2402 addr=f9fb078f delta_t=426.439 ms
0d 00 b5 0e 23
Advertising / AA f9fb078f (invalid)/ 0 bytes
Channel Index: 37
Type: UNKNOWN

Data: 
CRC:   b5 0e 23

systime=1465975234 freq=2402 addr=f9fb078f delta_t=2.405 ms
0d 00 b5 0e 23
Advertising / AA f9fb078f (invalid)/ 0 bytes
Channel Index: 37
Type: UNKNOWN

Data: 
CRC:   b5 0e 23

systime=1465975234 freq=2402 addr=96bd603f delta_t=599.273 ms
05 00 c9 a9 dd
Advertising / AA 96bd603f (invalid)/ 0 bytes
Channel Index: 37
Type: CONNECT_REQ
InitA: 3c:e6:7e:dd:a9:c9 (public)
AdvA: 0f:ba:cb:6b:cc:04 (public)
AA: a8c1f087
CRCInit: 11f81b
WinSize: c2 (194)
WinOffset: 6160 (24928)
Interval: 44ef (17647)
Latency: 8b27 (35623)
Timeout: 34ec (13548)
ChM: 1f 67 9e 7c e9
Hop: 25
SCA: 6, 21 ppm to 30 ppm

Data: 
CRC:   c9 a9 dd

systime=1465975234 freq=2402 addr=96bd603f delta_t=2.401 ms
05 00 c9 a9 dd
Advertising / AA 96bd603f (invalid)/ 0 bytes
Channel Index: 37
Type: CONNECT_REQ
InitA: 99:ec:7e:dd:a9:c9 (public)
AdvA: e6:f4:0b:09:1f:6c (public)
AA: 19829c01
CRCInit: 6c9eb0
WinSize: 88 (136)
WinOffset: 8ad6 (35542)
Interval: c7cd (51149)
Latency: 1a18 (6680)
Timeout: c197 (49559)
ChM: cf 38 31 95 47
Hop: 15
SCA: 0, 251 ppm to 500 ppm

Data: 
CRC:   c9 a9 dd

systime=1465975235 freq=2402 addr=2b78b89f delta_t=624.900 ms
09 00 d0 dd b9
Advertising / AA 2b78b89f (invalid)/ 0 bytes
Channel Index: 37
Type: UNKNOWN

Data: 
CRC:   d0 dd b9

systime=1465975235 freq=2402 addr=2b78b89f delta_t=2.399 ms
09 00 d0 dd b9
Advertising / AA 2b78b89f (invalid)/ 0 bytes
Channel Index: 37
Type: UNKNOWN

Data: 
CRC:   d0 dd b9

systime=1465975235 freq=2402 addr=6bfdc021 delta_t=23.622 ms
05 00 6f f8 5e
Advertising / AA 6bfdc021 (invalid)/ 0 bytes
Channel Index: 37
Type: CONNECT_REQ
InitA: ea:b4:98:5e:f8:6f (public)
AdvA: 41:3c:24:25:7f:94 (public)
AA: 113eceb0
CRCInit: 8e40ff
WinSize: a7 (167)
WinOffset: 371d (14109)
Interval: 6497 (25751)
Latency: f31e (62238)
Timeout: efa8 (61352)
ChM: f3 82 f2 c1 0f
Hop: 0
SCA: 4, 51 ppm to 75 ppm

Data: 
CRC:   6f f8 5e

root@osboxes:~# crackle -i soundpot.pcapng -o decrypted.pcap
No connect packet found
No pairing request found
No pairing response found
Not enough confirm values found (0, need 2)
Not enough random values found (0, need 2)
No LL_ENC_REQ found
No LL_ENC_RSP found
Giving up due to 7 errors

@jsradhe you need to run ubertooth-btle -f, not -p.

@thamtnguyen can you please attach your PCAP file?

@mikeryan here is the PCAP file that I captured of the pairing between my iPhone 6 and Apple Watch.
test_AppleWatch_2.pcap.zip

Thanks

@thamtnguyen I ran the latest git master version of crackle against your PCAP file and got the following errors:

No confirm values found, at least one is needed
Not enough random values found (1, need 2)
Giving up due to 2 errors

This indicates that Ubertooth was unable to capture all the packets needed to crack the pairing. This unfortunately is somewhat expected behavior as Ubertooth does not have a 100% capture rate. In this scenario you must repeatedly pair and unpair, capturing each time until crackle does not give any errors such as the above.

In fact, I tried capturing the pairing process with Ubertooth many times. However, I got the same errors...
I am trying the capture with BLE Friend hardware. I will share the results with you.

Many thanks.

I ran ubertooth-btle -f -r as well as -c; both give me the following error:

connect packet found
No pairing request found
No pairing response found
Not enough confirm values found (0, need 2)
Not enough random values found (0, need 2)
No LL_ENC_REQ found
No LL_ENC_RSP found
Giving up due to 7 errors

These are the captures:
captures.zip

Please help @mikeryan

Thanks in advance!

@jsradhe Were you able to successfully run your capture?

I tried crackle again with no success. This was a different file that I was sure I had enough data captured in. Got the exact same error.
capture2.zip

In a useful capture you will find these packets:

Connection packets:
https://imageshack.us/i/poFb1eZup

Pairing packets; Feature exchange, TK and STK generation:
https://imageshack.us/i/pmOiJgqpp

Finally, the link is encrypted with STK:
https://imageshack.us/i/pld7ehbZp

In these screenshots of Wireshark you can see all the packets:

  • connect packet found
  • Pairing_Req: No pairing request found
  • Pairing_Rsp: No pairing response found
  • Pairing Confirm: Not enough confirm values found (0, need 2)
  • Pairing Random: Not enough random values found (0, need 2)
  • No LL_ENC_REQ found
  • No LL_ENC_RSP found
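An added example, not part of the thread and not crackle's own code: a pre-check that counts the packets listed above in a set of raw link-layer frames, so an incomplete capture is recognised before crackle is run. The frame layout used (access address, two-byte header, payload, three-byte CRC), the helper names and the sample frames are assumptions constructed for illustration; reading frames out of a PCAP file is left out.

```python
from collections import Counter

ADV_AA = 0x8E89BED6   # access address of every advertising-channel packet
SMP_CID = 0x0006      # L2CAP channel that carries the Security Manager Protocol
SMP_OPS = {0x01: "Pairing Request", 0x02: "Pairing Response",
           0x03: "Pairing Confirm", 0x04: "Pairing Random"}
LL_CTRL = {0x03: "LL_ENC_REQ", 0x04: "LL_ENC_RSP"}
# Minimum counts, following the crackle messages quoted in this thread.
NEEDED = {"CONNECT_REQ": 1, "Pairing Request": 1, "Pairing Response": 1,
          "Pairing Confirm": 1, "Pairing Random": 2, "LL_ENC_REQ": 1, "LL_ENC_RSP": 1}

def classify(pkt):
    """Name the pairing-relevant packet in one raw LL frame (AA+PDU+CRC), or None."""
    if len(pkt) < 9:                      # 4 AA + 2 header + 3 CRC
        return None
    aa, hdr, payload = int.from_bytes(pkt[:4], "little"), pkt[4], pkt[6:-3]
    if aa == ADV_AA:                      # advertising PDU: type is the low nibble
        return "CONNECT_REQ" if hdr & 0x0F == 0x05 and len(payload) == 34 else None
    llid = hdr & 0x03                     # data PDU: LLID is the low two bits
    if llid == 0x03 and payload:          # LL control PDU, first byte is the opcode
        return LL_CTRL.get(payload[0])
    if llid == 0x02 and len(payload) >= 5 \
            and int.from_bytes(payload[2:4], "little") == SMP_CID:
        return SMP_OPS.get(payload[4])    # L2CAP start fragment on the SMP channel
    return None

def missing(packets):                     # kind -> (seen, needed) for each shortfall
    seen = Counter(filter(None, map(classify, packets)))
    return {k: (seen[k], n) for k, n in NEEDED.items() if seen[k] < n}

def ll(aa, hdr, payload):                 # constructed frame; CRC is zeroed, not checked
    return aa.to_bytes(4, "little") + bytes([hdr, len(payload)]) + payload + bytes(3)

def smp(opcode, body_len):                # constructed L2CAP+SMP payload, zero-filled
    body = bytes([opcode]) + bytes(body_len)
    return len(body).to_bytes(2, "little") + SMP_CID.to_bytes(2, "little") + body

DATA_AA = 0x50654321                      # constructed connection access address
SAMPLE = [                                # constructed capture with two packets dropped
    ll(0x96BD603F, 0x05, b""),            # empty frame with a non-advertising AA (noise)
    ll(ADV_AA, 0x05, bytes(34)),          # CONNECT_REQ
    ll(DATA_AA, 0x02, smp(0x01, 6)),      # Pairing Request
    ll(DATA_AA, 0x02, smp(0x02, 6)),      # Pairing Response
    ll(DATA_AA, 0x02, smp(0x03, 16)),     # Pairing Confirm
    ll(DATA_AA, 0x02, smp(0x04, 16)),     # Pairing Random (the second one is missing)
    ll(DATA_AA, 0x03, bytes([0x03]) + bytes(22)),  # LL_ENC_REQ, no LL_ENC_RSP follows
]

if __name__ == "__main__":
    print(missing(SAMPLE))
```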

Hello all, I've just pushed a major update to the code that should help explain some of the errors you're seeing. Please pull from master and try running that against your capture files. If you're still having problems with the new code, please reopen individual tickets for your issues.