bluetooth low energy

45 Articles

Hacking The Bluetooth-Enabled Anker Prime Power Bank

August 14, 2025 by 33 Comments

Selling power banks these days isn’t easy, as you can only stretch the reasonable limits of capacity and output wattage so far. Fortunately there is now a new game in town, with ‘smart’ power banks, like the Anker one that [Aaron Christophel] recently purchased for reverse-engineering. It features Bluetooth (BLE), a ‘smart app’ and a rather fancy screen on the front with quite a bit of information. This also means that there’s a lot to hack here beyond basic battery management system (BMS) features.

As detailed on the GitHub project page, after you get past the glue-and-plastic-clip top, you will find inside a PCB with a GD32F303 MCU, a Telink TLSR8253 BLE IC and the 240×240 ST7789 LCD in addition to a few other ICs to handle BMS functions, RTC and such. Before firmware version 1.6.2 you can simply overwrite the firmware, but Anker added a signature check to later firmware updates.

The BLE feature is used to communicate with the Anker app, which the official product page advertises as being good for real-time stats, smart charging and finding the power bank by making a loud noise. [Aaron] already reverse-engineered the protocol and offers his own alternative on the project page. Naturally updating the firmware is usually also done via BLE.

Although the BLE and mobile app feature is decidedly a gimmick, hacking it could allow for some interesting UPS-like and other features. We just hope that battery safety features aren’t defined solely in software, lest these power banks can be compromised with a nefarious or improper firmware update.

Continue reading “Hacking The Bluetooth-Enabled Anker Prime Power Bank”

A photo of the circuit board with components soldered on

A Solar-Only, Battery-Free Device That Harvests Energy From A BPW34 Photodiode

August 10, 2025 by 21 Comments

Normally when you think solar projects, you think of big photovoltaic cells. But a photodiode is just an inefficient, and usually much smaller, PV cell. Since [Pocket Concepts]’s Solar_nRF has such a low power budget, it can get away with using BPW34 photodiodes in place of batteries. (Video, embedded below.)

The BPW34 silicon PIN photodiode feeds a small voltage into a BQ25504 ultra-low-power boost converter energy harvester which stores power in a capacitor. When the capacitor is fully charged the battery-good pin is toggled which drives a MOSFET that powers everything downstream.

When it’s powered on, the Nordic nRF initializes, reads the current temperature from an attached I2C thermometer, and then sends out a Bluetooth Low Energy (BLE) advertising packet containing the temperature data. When the capacitor runs out of energy, the battery-good pin is turned off and downstream electronics become unpowered and the cycle begins again.

Continue reading “A Solar-Only, Battery-Free Device That Harvests Energy From A BPW34 Photodiode”

A photo of the circuitry in its case

GarageMinder: Automatic Garage Door

July 19, 2025 by 12 Comments

After getting a new car, [Solo Pilot] missed the automatic garage door opening and closing system their old car had. So they set about building their own, called GarageMinder. On the project page you will find a bill of materials, schematics, and some notes about the approach taken in various versions of the software. [Solo Pilot] also made the software available.

The basic hardware centers around a Raspberry Pi Zero W, but there are plans to switch to an ESP32. From the car side of things there are built-in continuous Bluetooth Low Energy (BLE) advertisement broadcasts, which the Raspberry Pi can detect. Building a reliable system on top of these unreliable signals is difficult and you can read about some of the challenges and approaches that were taken during development. This is a work in progress and additional techniques and approaches are going to be trialed in future.

If you’re interested in Bluetooth garage door openers be sure to read about using a Bluetooth headset as a garage door opener for your Android device.

Intercepting And Decoding Bluetooth Low Energy Data For Victron Devices

May 26, 2025 by 12 Comments

[ChrisJ7903] has created two Ardiuno programs for reading Victron solar controller telemetry data advertised via BLE. If you’re interested in what it takes to use an ESP32 to sniff Bluetooth Low Energy (BLE) transmissions, this is a master class.

The code is split into two main programs. One program is for the Victron battery monitor and the other is for any Victron solar controller. The software will receive, dissect, decrypt, decode, and report the data periodically broadcast from the devices over BLE.

The BLE data is transmitted in Link-Layer Protocol Data Units (PDUs) which are colloquially called “packets”. In this particular case the BLE functionality for advertising, also known as broadcasting, is used which means the overhead of establishing connections can be avoided thereby saving power.

Continue reading “Intercepting And Decoding Bluetooth Low Energy Data For Victron Devices”

Fighting To Keep Bluetooth Thermometers Hackable

January 16, 2025 by 39 Comments

Back in 2020, we first brought you word of the Xiaomi LYWSD03MMC — a Bluetooth Low Energy (BLE) temperature and humidity sensor that could be had from the usual sources for just a few dollars each. Capable of being powered by a single CR2032 battery for up to a year, the devices looked extremely promising for DIY smart home projects. There was only one problem, you needed to use Xiaomi’s app to read the data off of the things.

Enter [Aaron Christophel], who created an open source firmware for these units that could easily be flashed using a web-based tool from a smartphone in BLE range and opened up all sorts of advanced features. The firmware started getting popular, and a community developed around it. Everyone was happy. So naturally, years later, Xiaomi wants to put a stop to it.

Continue reading “Fighting To Keep Bluetooth Thermometers Hackable”

Diagram from the blog post, showing how GATT communication capture works

Hacking BLE To Liberate Your Exercise Equipment

January 4, 2024 by 17 Comments

It’s a story we’ve heard many times before: if you want to get your data from the Domyos EL500 elliptical trainer, you need to use a proprietary smartphone application that talks to the device over Bluetooth Low-Energy (BLE). To add insult to injury, the only way to the software will export your workout information is by producing a JPG image of a graph. This just won’t do, so [Juan Carlos JimĂ©nez] gives us yet another extensive write-up, which provides an excellent introduction to practical BLE hacking.

He walks us through BLE GATT (Generic Attribute Profile), the most common way such devices work, different stages of the connection process, and the tools you can use for sniffing an active connection. Then [Juan] shows us a few captured messages, how to figure out packet types, and moves into the tastiest part — using an ESP32 to man-in-the-middle (MITM) the connection.

Continue reading “Hacking BLE To Liberate Your Exercise Equipment”

Bluetooth As Proxy For Occupancy

December 13, 2023 by 59 Comments

During [Matt]’s first year of college, he found in a roundabout way that he could avoid crowds in the dining hall by accessing publicly available occupancy data that the dining hall collected. Presumably this was data for the dining hall to use internally, but with the right API calls anyone could use the information to figure out the best times to eat. But when the dining hall switched providers, this information feed disappeared. Instead of resigning himself to live in a world without real-time data on the state of the dining hall, he recreated the way the original provider counted occupancy: by using Bluetooth as a proxy for occupancy.

Bluetooth devices like smartphones, fitness sensors, and other peripherals often send out advertising packets into the aether, to alert other devices to their presence and help initiate connections between devices. By sniffing these advertising packets, it’s possible to get a rough estimate of the number of people in one particular place, assuming most people in the area will be carrying a smartphone or something of that nature. [Matt]’s Bluetooth-sniffing device is based on the ESP32 set up to simply count the number of unique devices it finds. He had some trouble with large crowds, though, as the first ESP32 device he chose didn’t have enough RAM to store more than a few hundred IDs and would crash once the memory filled. Switching to a more robust module seems to have solved that issue, and with a few rounds of testing he has a workable prototype that can run for long periods and log at least as many Bluetooth devices passing by as there are within its range.

While [Matt] hasn’t deployed this to the dining hall yet, with this framework in place most of the work has been done that, at least in theory, one of these modules could be easily placed anywhere someone was interested in collecting occupancy data. He has plans to submit his project to the university, to research the topic further, and potentially sell these to businesses interested in that kind of data. This isn’t an idea limited to the ESP32, either. We’ve seen similar projects built using the Raspberry Pi’s wireless capabilities that perform similar tasks as this one.

Thanks to [Adrian] for the tip!