Untitled

a guest
Mar 10th, 2024
  1. Bluetooth monitor ver 5.72
  2. = Note: Linux version 6.1.80 (aarch64) 0.479051
  3. = Note: Bluetooth subsystem version 2.22 0.479058
  4. = New Index: 00:C0:CA:B3:C5:3C (Primary,USB,hci0) [hci0] 0.479063
  5. = Open Index: 00:C0:CA:B3:C5:3C [hci0] 0.479064
  6. = Index Info: 00:C0:CA:B3:C5:3C (MediaTek, Inc.) [hci0] 0.479067
  7. @ MGMT Open: bluetoothd (privileged) version 1.22 {0x0001} 0.479069
  8. @ MGMT Open: bluetoothctl (privileged) version 1.22 {0x0002} 0.479071
  9. > HCI Event: Connect Request (0x04) plen 10 #1 [hci0] 32.396800
  10. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  11. Class: 0x5a020c
  12. Major class: Phone (cellular, cordless, payphone, modem)
  13. Minor class: Smart phone
  14. Networking (LAN, Ad hoc)
  15. Capturing (Scanner, Microphone)
  16. Object Transfer (v-Inbox, v-Folder)
  17. Telephony (Cordless telephony, Modem, Headset)
  18. Link type: ACL (0x01)
  19. < HCI Command: Accept Connection Request (0x01|0x0009) plen 7 #2 [hci0] 32.396866
  20. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  21. Role: Central (0x00)
  22. > HCI Event: Command Status (0x0f) plen 4 #3 [hci0] 32.397531
  23. Accept Connection Request (0x01|0x0009) ncmd 1
  24. Status: Success (0x00)
  25. > HCI Event: Role Change (0x12) plen 8 #4 [hci0] 32.477159
  26. Status: Success (0x00)
  27. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  28. Role: Central (0x00)
  29. > HCI Event: Connect Complete (0x03) plen 11 #5 [hci0] 32.480907
  30. Status: Success (0x00)
  31. Handle: 51
  32. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  33. Link type: ACL (0x01)
  34. Encryption: Disabled (0x00)
  35. < HCI Command: Read Remote Supported Features (0x01|0x001b) plen 2 #6 [hci0] 32.481044
  36. Handle: 51 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  37. @ RAW Open: btmon (privileged) version 2.22 {0x0003} 32.481116
  38. @ RAW Close: btmon {0x0003} 32.481129
  39. > HCI Event: Command Status (0x0f) plen 4 #7 [hci0] 32.481547
  40. Read Remote Supported Features (0x01|0x001b) ncmd 1
  41. Status: Success (0x00)
  42. > HCI Event: Max Slots Change (0x1b) plen 3 #8 [hci0] 32.485781
  43. Handle: 51 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  44. Max slots: 5
  45. > HCI Event: Read Remote Supported Features (0x0b) plen 11 #9 [hci0] 32.500906
  46. Status: Success (0x00)
  47. Handle: 51 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  48. Features: 0xff 0xfe 0x8f 0xfe 0xd8 0x3f 0x5b 0x87
  49. 3 slot packets
  50. 5 slot packets
  51. Encryption
  52. Slot offset
  53. Timing accuracy
  54. Role switch
  55. Hold mode
  56. Sniff mode
  57. Power control requests
  58. Channel quality driven data rate (CQDDR)
  59. SCO link
  60. HV2 packets
  61. HV3 packets
  62. u-law log synchronous data
  63. A-law log synchronous data
  64. CVSD synchronous data
  65. Paging parameter negotiation
  66. Power control
  67. Transparent synchronous data
  68. Broadcast Encryption
  69. Enhanced Data Rate ACL 2 Mbps mode
  70. Enhanced Data Rate ACL 3 Mbps mode
  71. Enhanced inquiry scan
  72. Interlaced inquiry scan
  73. Interlaced page scan
  74. RSSI with inquiry results
  75. Extended SCO link (EV3 packets)
  76. AFH capable peripheral
  77. AFH classification peripheral
  78. LE Supported (Controller)
  79. 3-slot Enhanced Data Rate ACL packets
  80. 5-slot Enhanced Data Rate ACL packets
  81. Sniff subrating
  82. Pause encryption
  83. AFH capable central
  84. AFH classification central
  85. Enhanced Data Rate eSCO 2 Mbps mode
  86. Extended Inquiry Response
  87. Simultaneous LE and BR/EDR (Controller)
  88. Secure Simple Pairing
  89. Encapsulated PDU
  90. Non-flushable Packet Boundary Flag
  91. Link Supervision Timeout Changed Event
  92. Inquiry TX Power Level
  93. Enhanced Power Control
  94. Extended features
  95. < HCI Command: Read Remote Extended Features (0x01|0x001c) plen 3 #10 [hci0] 32.500945
  96. Handle: 51 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  97. Page: 1
  98. > HCI Event: Command Status (0x0f) plen 4 #11 [hci0] 32.501283
  99. Read Remote Extended Features (0x01|0x001c) ncmd 1
  100. Status: Success (0x00)
  101. > HCI Event: IO Capability Response (0x32) plen 9 #12 [hci0] 32.503408
  102. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  103. IO capability: DisplayYesNo (0x01)
  104. OOB data: Authentication data not present (0x00)
  105. Authentication: Dedicated Bonding - MITM required (0x03)
  106. > HCI Event: IO Capability Request (0x31) plen 6 #13 [hci0] 32.503530
  107. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  108. > HCI Event: Connection Packet Type Changed (0x1d) plen 5 #14 [hci0] 32.504532
  109. Status: Success (0x00)
  110. Handle: 51 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  111. Packet type: 0xcc18
  112. DM1 may be used
  113. DH1 may be used
  114. DM3 may be used
  115. DH3 may be used
  116. DM5 may be used
  117. DH5 may be used
  118. > HCI Event: Read Remote Extended Features (0x23) plen 13 #15 [hci0] 32.505907
  119. Status: Success (0x00)
  120. Handle: 51 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  121. Page: 1/2
  122. Features: 0x0b 0x00 0x00 0x00 0x00 0x00 0x00 0x00
  123. Secure Simple Pairing (Host Support)
  124. LE Supported (Host)
  125. Secure Connections (Host Support)
  126. < HCI Command: Remote Name Request (0x01|0x0019) plen 10 #16 [hci0] 32.505946
  127. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  128. Page scan repetition mode: R2 (0x02)
  129. Page scan mode: Mandatory (0x00)
  130. Clock offset: 0x0000
  131. < ACL Data TX: Handle 51 flags 0x00 dlen 10 #17 [hci0] 32.505963
  132. L2CAP: Information Request (0x0a) ident 1 len 2
  133. Type: Extended features supported (0x0002)
  134. > HCI Event: Command Status (0x0f) plen 4 #18 [hci0] 32.506406
  135. Remote Name Request (0x01|0x0019) ncmd 1
  136. Status: Success (0x00)
  137. > ACL Data RX: Handle 51 flags 0x02 dlen 10 #19 [hci0] 32.508261
  138. L2CAP: Information Request (0x0a) ident 2 len 2
  139. Type: Extended features supported (0x0002)
  140. < ACL Data TX: Handle 51 flags 0x00 dlen 16 #20 [hci0] 32.508281
  141. L2CAP: Information Response (0x0b) ident 2 len 8
  142. Type: Extended features supported (0x0002)
  143. Result: Success (0x0000)
  144. Features: 0x000002b8
  145. Enhanced Retransmission Mode
  146. Streaming Mode
  147. FCS Option
  148. Fixed Channels
  149. Unicast Connectionless Data Reception
  150. > HCI Event: Remote Name Req Complete (0x07) plen 255 #21 [hci0] 32.517779
  151. Status: Success (0x00)
  152. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  153. Name: aptx.sniff.trojan.root.exploit
  154. @ MGMT Event: Device Connected (0x000b) plen 50 {0x0001} [hci0] 32.517796
  155. BR/EDR Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  156. Flags: 0x00000000
  157. Data length: 37
  158. Name (complete): aptx.sniff.trojan.root.exploit
  159. Class: 0x5a020c
  160. Major class: Phone (cellular, cordless, payphone, modem)
  161. Minor class: Smart phone
  162. Networking (LAN, Ad hoc)
  163. Capturing (Scanner, Microphone)
  164. Object Transfer (v-Inbox, v-Folder)
  165. Telephony (Cordless telephony, Modem, Headset)
  166. @ MGMT Event: Device Connected (0x000b) plen 50 {0x0002} [hci0] 32.517796
  167. BR/EDR Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  168. Flags: 0x00000000
  169. Data length: 37
  170. Name (complete): aptx.sniff.trojan.root.exploit
  171. Class: 0x5a020c
  172. Major class: Phone (cellular, cordless, payphone, modem)
  173. Minor class: Smart phone
  174. Networking (LAN, Ad hoc)
  175. Capturing (Scanner, Microphone)
  176. Object Transfer (v-Inbox, v-Folder)
  177. Telephony (Cordless telephony, Modem, Headset)
  178. > ACL Data RX: Handle 3837 flags 0x02 dlen 16 #22 [hci0] 43.543744
  179. Channel: 512 len 12 [PSM 0 mode Basic (0x00)] {chan 65535}
  180. 33 00 e2 d4 1f 00 00 00 66 37 00 00 3.......f7..
  181. > HCI Event: Disconnect Complete (0x05) plen 4 #23 [hci0] 43.751513
  182. Status: Success (0x00)
  183. Handle: 51 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  184. Reason: Remote User Terminated Connection (0x13)
  185. @ MGMT Event: Device Disconnected (0x000c) plen 8 {0x0001} [hci0] 43.751546
  186. BR/EDR Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  187. Reason: Connection terminated by remote host (0x03)
  188. @ MGMT Event: Device Disconnected (0x000c) plen 8 {0x0002} [hci0] 43.751546
  189. BR/EDR Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  190. Reason: Connection terminated by remote host (0x03)
  191. > HCI Event: Connect Request (0x04) plen 10 #24 [hci0] 48.560759
  192. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  193. Class: 0x5a020c
  194. Major class: Phone (cellular, cordless, payphone, modem)
  195. Minor class: Smart phone
  196. Networking (LAN, Ad hoc)
  197. Capturing (Scanner, Microphone)
  198. Object Transfer (v-Inbox, v-Folder)
  199. Telephony (Cordless telephony, Modem, Headset)
  200. Link type: ACL (0x01)
  201. < HCI Command: Accept Connection Request (0x01|0x0009) plen 7 #25 [hci0] 48.560830
  202. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  203. Role: Central (0x00)
  204. > HCI Event: Command Status (0x0f) plen 4 #26 [hci0] 48.561489
  205. Accept Connection Request (0x01|0x0009) ncmd 1
  206. Status: Success (0x00)
  207. > HCI Event: Role Change (0x12) plen 8 #27 [hci0] 48.641366
  208. Status: Success (0x00)
  209. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  210. Role: Central (0x00)
  211. > HCI Event: Connect Complete (0x03) plen 11 #28 [hci0] 48.645114
  212. Status: Success (0x00)
  213. Handle: 50
  214. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  215. Link type: ACL (0x01)
  216. Encryption: Disabled (0x00)
  217. < HCI Command: Read Remote Supported Features (0x01|0x001b) plen 2 #29 [hci0] 48.645247
  218. Handle: 50 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  219. @ RAW Open: btmon (privileged) version 2.22 {0x0003} 48.645325
  220. @ RAW Close: btmon {0x0003} 48.645339
  221. > HCI Event: Command Status (0x0f) plen 4 #30 [hci0] 48.645746
  222. Read Remote Supported Features (0x01|0x001b) ncmd 1
  223. Status: Success (0x00)
  224. > HCI Event: Max Slots Change (0x1b) plen 3 #31 [hci0] 48.658741
  225. Handle: 50 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  226. Max slots: 5
  227. > HCI Event: Read Remote Supported Features (0x0b) plen 11 #32 [hci0] 48.754991
  228. Status: Success (0x00)
  229. Handle: 50 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  230. Features: 0xff 0xfe 0x8f 0xfe 0xd8 0x3f 0x5b 0x87
  231. 3 slot packets
  232. 5 slot packets
  233. Encryption
  234. Slot offset
  235. Timing accuracy
  236. Role switch
  237. Hold mode
  238. Sniff mode
  239. Power control requests
  240. Channel quality driven data rate (CQDDR)
  241. SCO link
  242. HV2 packets
  243. HV3 packets
  244. u-law log synchronous data
  245. A-law log synchronous data
  246. CVSD synchronous data
  247. Paging parameter negotiation
  248. Power control
  249. Transparent synchronous data
  250. Broadcast Encryption
  251. Enhanced Data Rate ACL 2 Mbps mode
  252. Enhanced Data Rate ACL 3 Mbps mode
  253. Enhanced inquiry scan
  254. Interlaced inquiry scan
  255. Interlaced page scan
  256. RSSI with inquiry results
  257. Extended SCO link (EV3 packets)
  258. AFH capable peripheral
  259. AFH classification peripheral
  260. LE Supported (Controller)
  261. 3-slot Enhanced Data Rate ACL packets
  262. 5-slot Enhanced Data Rate ACL packets
  263. Sniff subrating
  264. Pause encryption
  265. AFH capable central
  266. AFH classification central
  267. Enhanced Data Rate eSCO 2 Mbps mode
  268. Extended Inquiry Response
  269. Simultaneous LE and BR/EDR (Controller)
  270. Secure Simple Pairing
  271. Encapsulated PDU
  272. Non-flushable Packet Boundary Flag
  273. Link Supervision Timeout Changed Event
  274. Inquiry TX Power Level
  275. Enhanced Power Control
  276. Extended features
  277. < HCI Command: Read Remote Extended Features (0x01|0x001c) plen 3 #33 [hci0] 48.755019
  278. Handle: 50 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  279. Page: 1
  280. > HCI Event: Command Status (0x0f) plen 4 #34 [hci0] 48.755362
  281. Read Remote Extended Features (0x01|0x001c) ncmd 1
  282. Status: Success (0x00)
  283. > HCI Event: IO Capability Response (0x32) plen 9 #35 [hci0] 48.756239
  284. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  285. IO capability: DisplayYesNo (0x01)
  286. OOB data: Authentication data not present (0x00)
  287. Authentication: Dedicated Bonding - MITM required (0x03)
  288. > HCI Event: IO Capability Request (0x31) plen 6 #36 [hci0] 48.756363
  289. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  290. > HCI Event: Connection Packet Type Changed (0x1d) plen 5 #37 [hci0] 48.758738
  291. Status: Success (0x00)
  292. Handle: 50 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  293. Packet type: 0xcc18
  294. DM1 may be used
  295. DH1 may be used
  296. DM3 may be used
  297. DH3 may be used
  298. DM5 may be used
  299. DH5 may be used
  300. > HCI Event: Read Remote Extended Features (0x23) plen 13 #38 [hci0] 48.795114
  301. Status: Success (0x00)
  302. Handle: 50 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  303. Page: 1/2
  304. Features: 0x0b 0x00 0x00 0x00 0x00 0x00 0x00 0x00
  305. Secure Simple Pairing (Host Support)
  306. LE Supported (Host)
  307. Secure Connections (Host Support)
  308. < HCI Command: Remote Name Request (0x01|0x0019) plen 10 #39 [hci0] 48.795154
  309. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  310. Page scan repetition mode: R2 (0x02)
  311. Page scan mode: Mandatory (0x00)
  312. Clock offset: 0x0000
  313. < ACL Data TX: Handle 50 flags 0x00 dlen 10 #40 [hci0] 48.795168
  314. L2CAP: Information Request (0x0a) ident 1 len 2
  315. Type: Extended features supported (0x0002)
  316. > HCI Event: Command Status (0x0f) plen 4 #41 [hci0] 48.795612
  317. Remote Name Request (0x01|0x0019) ncmd 1
  318. Status: Success (0x00)
  319. > ACL Data RX: Handle 50 flags 0x02 dlen 10 #42 [hci0] 48.797436
  320. L2CAP: Information Request (0x0a) ident 2 len 2
  321. Type: Extended features supported (0x0002)
  322. < ACL Data TX: Handle 50 flags 0x00 dlen 16 #43 [hci0] 48.797460
  323. L2CAP: Information Response (0x0b) ident 2 len 8
  324. Type: Extended features supported (0x0002)
  325. Result: Success (0x0000)
  326. Features: 0x000002b8
  327. Enhanced Retransmission Mode
  328. Streaming Mode
  329. FCS Option
  330. Fixed Channels
  331. Unicast Connectionless Data Reception
  332. > HCI Event: Remote Name Req Complete (0x07) plen 255 #44 [hci0] 48.840736
  333. Status: Success (0x00)
  334. Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  335. Name: aptx.sniff.trojan.root.exploit
  336. @ MGMT Event: Device Connected (0x000b) plen 50 {0x0001} [hci0] 48.840756
  337. BR/EDR Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  338. Flags: 0x00000000
  339. Data length: 37
  340. Name (complete): aptx.sniff.trojan.root.exploit
  341. Class: 0x5a020c
  342. Major class: Phone (cellular, cordless, payphone, modem)
  343. Minor class: Smart phone
  344. Networking (LAN, Ad hoc)
  345. Capturing (Scanner, Microphone)
  346. Object Transfer (v-Inbox, v-Folder)
  347. Telephony (Cordless telephony, Modem, Headset)
  348. @ MGMT Event: Device Connected (0x000b) plen 50 {0x0002} [hci0] 48.840756
  349. BR/EDR Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  350. Flags: 0x00000000
  351. Data length: 37
  352. Name (complete): aptx.sniff.trojan.root.exploit
  353. Class: 0x5a020c
  354. Major class: Phone (cellular, cordless, payphone, modem)
  355. Minor class: Smart phone
  356. Networking (LAN, Ad hoc)
  357. Capturing (Scanner, Microphone)
  358. Object Transfer (v-Inbox, v-Folder)
  359. Telephony (Cordless telephony, Modem, Headset)
  360. > ACL Data RX: Handle 3837 flags 0x02 dlen 16 #45 [hci0] 59.808396
  361. Channel: 256 len 12 [PSM 0 mode Basic (0x00)] {chan 65535}
  362. 32 00 30 a0 20 00 00 00 66 37 00 00 2.0. ...f7..
  363. > HCI Event: Disconnect Complete (0x05) plen 4 #46 [hci0] 60.014342
  364. Status: Success (0x00)
  365. Handle: 50 Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  366. Reason: Remote User Terminated Connection (0x13)
  367. @ MGMT Event: Device Disconnected (0x000c) plen 8 {0x0001} [hci0] 60.014376
  368. BR/EDR Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  369. Reason: Connection terminated by remote host (0x03)
  370. @ MGMT Event: Device Disconnected (0x000c) plen 8 {0x0002} [hci0] 60.014376
  371. BR/EDR Address: 4C:02:20:92:13:5C (OUI 4C-02-20)
  372. Reason: Connection terminated by remote host (0x03)