SDP query failed 0x04, retrying...

[nocomp]

hi
regardless of the target type i always get this message:

Starting RFCOMM Query
TX --> BT_Baseband / Raw
SDP query failed 0x04, retrying...
TX --> BT_Baseband / Raw
SDP query failed 0x04, retrying...
TX --> BT_Baseband / Raw
SDP query failed 0x04, retrying...
TX --> BT_Baseband / Raw
SDP query failed 0x04, retrying...
TX --> BT_Baseband / Raw

does it means that remote device is patched?

[Matheus-Garbelini]

Hi @nocomp , from your logs, it appears no connection is possible to your target.
Perhaps check if your target is really a BT classic device and if the BDAddress is correct.

[nocomp]

Bonjour matheus,
thx for your reply,
i ve tried smart bands, bt rubki s cube, watch, phone, always the same behaviour, quite weird no?
is there a sort of vuln bt emulator that exist in order to test if it s all ok in my conf?
best regards

[Matheus-Garbelini]

Hi @nocomp does the braktooth PoC works for you instead? If you try scanning targets from the PoC with the --scan argument, do you get something?
Also, what ESP32 dev. board are you using?

[nocomp]

hi matheus,
braktooth doesn t work cause of bandwith issues of my adapter Matheus-Garbelini/braktooth_esp32_bluetooth_classic_attacks#2

i use the adaptater in picture on code page, the esp32 doit dev kit

this is what i get so far:

nocomp@sdrbox:~/tools/bt/esp32_bluetooth_classic_sniffer$ ./BTSnifferBREDR.py
[!] Bridge will start without BT host stack
Using options:
Serial Port: /dev/ttyUSB0
Serial Baud: 921600
BT Host Program: None
Host BDAddress: e0:d4:e8:19:c7:68
Target BDAddress: None
[!] Reset Done! EN pin toggled HIGH->LOW->HIGH
[!] Waiting 0.8s...
[ESP32BT] Firmware version: 1.4.1
sh: 1: setserial: not found
HCI Bridge started on /dev/pts/2
ESP32BT driver started on /dev/ttyUSB0@921600

nocomp@sdrbox:~/tools/bt/esp32_bluetooth_classic_sniffer$ ./BTSnifferBREDR.py --live-terminal
Using options:
Serial Port: /dev/ttyUSB0
Serial Baud: 921600
BT Host Program: ./host_stack/spp_counter
Host BDAddress: e0:d4:e8:19:c7:68
Target BDAddress: None
[!] Reset Done! EN pin toggled HIGH->LOW->HIGH
[!] Waiting 0.8s...
[ESP32BT] Firmware version: 1.4.1
sh: 1: setserial: not found
HCI Bridge started on /dev/pts/2
ESP32BT driver started on /dev/ttyUSB0@921600
Starting ['./host_stack/spp_counter', '-u', '/dev/pts/2', '-a', 'None']
Packet Log: logs/hci_dump.pklg
H4 device: /dev/pts/2
SDP service record size: 95
Local version information:

• HCI Version 0x0008
• HCI Revision 0x030e
• LMP Version 0x0008
• LMP Subversion 0x030e
• Manufacturer 0x0060
  Local name:
  TX --> BT_Baseband / Raw
  TX --> BT_Baseband / Raw
  BTstack up and running at E0:D4:E8:19:C7:68

hcitool lescan gives me
E3:81:1A:03:F8:01 GoCube_01F803_1

then

nocomp@sdrbox:~/tools/bt/esp32_bluetooth_classic_sniffer$ ./BTSnifferBREDR.py --target=E3:81:1A:03:F8:01 --live-terminal
Using options:
Serial Port: /dev/ttyUSB0
Serial Baud: 921600
BT Host Program: ./host_stack/sdp_rfcomm_query
Host BDAddress: e0:d4:e8:19:c7:68
Target BDAddress: e3:81:1a:03:f8:01
[!] Reset Done! EN pin toggled HIGH->LOW->HIGH
[!] Waiting 0.8s...
[ESP32BT] Firmware version: 1.4.1
sh: 1: setserial: not found
HCI Bridge started on /dev/pts/2
ESP32BT driver started on /dev/ttyUSB0@921600
Starting ['./host_stack/sdp_rfcomm_query', '-u', '/dev/pts/2', '-a', 'E3:81:1A:03:F8:01']
Packet Log: logs/hci_dump.pklg
H4 device: /dev/pts/2
address=E3:81:1A:03:F8:01
Local version information:

• HCI Version 0x0008
• HCI Revision 0x030e
• LMP Version 0x0008
• LMP Subversion 0x030e
• Manufacturer 0x0060
  Local name:
  BTstack up and running at E0:D4:E8:19:C7:68
  Starting RFCOMM Query
  TX --> BT_Baseband / Raw
  SDP query failed 0x04, retrying...
  TX --> BT_Baseband / Raw

gettin despaired

thank you for your time

[zece14zece]

the same issue....

[zece14zece]

@Matheus-Garbelini pls help, was checked with smart braslets and headphones

[thisguy23]

Any idea what caused this? I had no problems running sniffer then installed the brak tool and now even after fresh vm wont run