Ask Your Question
0

Error parsing BT HCI trace created with btsnooz.py

asked 2021-01-09 23:47:02 +0000

dandreye gravatar image

updated 2021-01-10 00:13:28 +0000

Hi All,

I've just used these instructions and python script btsnooz.py from there to extract BT HCI log (trace) from the bug report zip produced by my Samsung SM-A320FL smartphone running Android 8 Oreo: https://source.android.com/devices/bl...

Unfortunately Wireshark only displays the first 5 packets and returns the following error: "The capture file appears to be damaged or corrupt. (btsnoop: File has 117440512-byte packet, bigger than maximum of 262144)". I understand that this trace is of some type (extension) ".cfa" but others can still open theirs with Wireshark and I can open theirs too. Assuming extension as such doesn't matter I gave mine extension .pcap as .cfa doesn't seem to be associated with anything.

Although I should probably be asking Android Engineering that instead, just wondering if I'm doing something obvious wrong by chance? Here's the trace in question: https://drive.google.com/file/d/1TpNn...

Wireshark build is current stable 3.4.2 (v3.4.2-0-ga889cf1b1bf9).

Many thanks in anticipation!

edit retag flag offensive close merge delete
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2021-01-10 23:14:56 +0000

dandreye gravatar image

Apparently that python script btsnooz.py is implied for use with Linux: just verified it on Ubuntu with python v2.7 and it produces correct pcap files parsed by Wireshark w/o any such errors.

edit flag offensive delete link more

Comments

I doubt the platform is relevant, maybe the Python versions used? Anyway, the script would need some work either way.

Jaap gravatar imageJaap ( 2021-01-11 12:15:15 +0000 )edit

Thanks for your comment. Further research revealed that when used on Windows it writes 0D0A instead of every 0A, causing those Wireshark parsing errors. Replacing those 0D0A "back" with 0A in a hex editor fixed those errors in my case. As for the python version, I've just tried checking it on my W10x64 using "python --version" and it can't even find such app, so no idea how the script managed to run..

dandreye gravatar imagedandreye ( 2021-01-11 12:20:49 +0000 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2021-01-09 23:47:02 +0000

Seen: 867 times

Last updated: Jan 10 '21

Related questions

Problems decoding BLE capture from another Wireshark program

Capture file appears to be damaged or corrupt

Is there a way to differentiate between aptx and aptx hd codec

What is a good solution to capture Bluetooth traffic?

Identifying which Bluetooth packets include the actual information that is sent between devices

When I work with BLE sniffer can I use filters by advertising data?

BTmesh dissector not decrypting

How can I capture Bluetooth packets without any dongle by macOS?

Ubertooth bash script returns DLT_USER error

Why is there no bluetooth-monitor device on Linux Mint?

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2