Intercepting And Decoding Bluetooth Low Energy Data For Victron Devices

[ChrisJ7903] has created two Arduino programs for reading Victron solar controller telemetry data advertised via BLE. If you’re interested in what it takes to use an ESP32 to sniff Bluetooth Low Energy (BLE) transmissions, this is a master class.

The code is split into two main programs. One program is for the Victron battery monitor and the other is for any Victron solar controller. The software will receive, dissect, decrypt, decode, and report the data periodically broadcast from the devices over BLE.

The BLE data is transmitted in Link-Layer Protocol Data Units (PDUs), which are colloquially called “packets”. In this particular case the BLE advertising functionality, also known as broadcasting, is used, which means the overhead of establishing a connection is avoided, saving power.
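As an added illustration of the advertising payload format described above (not code from [ChrisJ7903]'s programs), this Python snippet splits a raw BLE advertising payload into its AD structures and pulls the little-endian company ID out of a manufacturer-specific block; the sample payload and its company ID are constructed, not captured from a Victron device.

```python
from __future__ import annotations
import struct

# Common AD type codes from the Bluetooth Core Specification Supplement.
AD_FLAGS = 0x01
AD_COMPLETE_LOCAL_NAME = 0x09
AD_MANUFACTURER_SPECIFIC = 0xFF

def parse_ad_structures(payload: bytes) -> list[tuple[int, bytes]]:
    """Split a BLE advertising payload into (ad_type, data) pairs.

    Each AD structure is: 1 length byte (covers type + data), 1 type byte, data.
    A zero length byte is padding and terminates the list. A structure whose
    length runs past the end of the payload is truncated, so parsing stops there.
    """
    out = []
    i = 0
    while i < len(payload):
        length = payload[i]
        if length == 0:
            break  # early-termination padding
        if i + 1 + length > len(payload):
            raise ValueError(f"AD structure at offset {i} overruns payload")
        ad_type = payload[i + 1]
        out.append((ad_type, payload[i + 2 : i + 1 + length]))
        i += 1 + length
    return out

def manufacturer_data(payload: bytes) -> tuple[int, bytes] | None:
    """Return (company_id, vendor_bytes) from the first manufacturer-specific
    AD structure, or None. The company ID is the first two bytes, little-endian."""
    for ad_type, data in parse_ad_structures(payload):
        if ad_type == AD_MANUFACTURER_SPECIFIC and len(data) >= 2:
            return struct.unpack_from("<H", data)[0], data[2:]
    return None

# Constructed sample advertisement (not captured from a real device):
# flags, a local name, and a manufacturer-specific block with a made-up
# company ID 0x1234 followed by four vendor bytes.
SAMPLE_ADV = bytes([
    0x02, AD_FLAGS, 0x06,
    0x05, AD_COMPLETE_LOCAL_NAME, *b"Demo",
    0x07, AD_MANUFACTURER_SPECIFIC, 0x34, 0x12, 0xDE, 0xAD, 0xBE, 0xEF,
])

if __name__ == "__main__":
    for ad_type, data in parse_ad_structures(SAMPLE_ADV):
        print(f"type 0x{ad_type:02X}: {data.hex()}")
    print(manufacturer_data(SAMPLE_ADV))
```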


Fighting To Keep Bluetooth Thermometers Hackable

Back in 2020, we first brought you word of the Xiaomi LYWSD03MMC — a Bluetooth Low Energy (BLE) temperature and humidity sensor that could be had from the usual sources for just a few dollars each. Capable of being powered by a single CR2032 battery for up to a year, the devices looked extremely promising for DIY smart home projects. There was only one problem, you needed to use Xiaomi’s app to read the data off of the things.

Enter [Aaron Christophel], who created an open source firmware for these units that could easily be flashed using a web-based tool from a smartphone in BLE range and opened up all sorts of advanced features. The firmware started getting popular, and a community developed around it. Everyone was happy. So naturally, years later, Xiaomi wants to put a stop to it.


Diagram from the blog post, showing how GATT communication capture works

Hacking BLE To Liberate Your Exercise Equipment

It’s a story we’ve heard many times before: if you want to get your data from the Domyos EL500 elliptical trainer, you need to use a proprietary smartphone application that talks to the device over Bluetooth Low-Energy (BLE). To add insult to injury, the only way the software will export your workout information is as a JPG image of a graph. This just won’t do, so [Juan Carlos Jiménez] gives us yet another extensive write-up, which provides an excellent introduction to practical BLE hacking.

He walks us through BLE GATT (Generic Attribute Profile), the most common way such devices work, different stages of the connection process, and the tools you can use for sniffing an active connection. Then [Juan] shows us a few captured messages, how to figure out packet types, and moves into the tastiest part — using an ESP32 to man-in-the-middle (MITM) the connection.


Bluetooth As Proxy For Occupancy

During [Matt]’s first year of college, he found in a roundabout way that he could avoid crowds in the dining hall by accessing publicly available occupancy data that the dining hall collected. Presumably this was data for the dining hall to use internally, but with the right API calls anyone could use the information to figure out the best times to eat. But when the dining hall switched providers, this information feed disappeared. Instead of resigning himself to live in a world without real-time data on the state of the dining hall, he recreated the way the original provider counted occupancy: by using Bluetooth as a proxy for occupancy.

Bluetooth devices like smartphones, fitness sensors, and other peripherals often send advertising packets out into the aether to alert other devices to their presence and help initiate connections. By sniffing these advertising packets, it’s possible to get a rough estimate of the number of people in one particular place, assuming most people in the area are carrying a smartphone or something of that nature. [Matt]’s Bluetooth-sniffing device is based on an ESP32 set up to simply count the number of unique devices it finds. He had some trouble with large crowds, though, as the first ESP32 module he chose didn’t have enough RAM to store more than a few hundred IDs and would crash once the memory filled. Switching to a more robust module seems to have solved that issue, and after a few rounds of testing he has a workable prototype that can run for long periods and log as many passing Bluetooth devices as are within its range.

While [Matt] hasn’t deployed this to the dining hall yet, with this framework in place most of the work has been done, so that, at least in theory, one of these modules could easily be placed anywhere someone is interested in collecting occupancy data. He has plans to submit his project to the university, to research the topic further, and potentially to sell these to businesses interested in that kind of data. This isn’t an idea limited to the ESP32, either. We’ve seen similar projects built using the Raspberry Pi’s wireless capabilities that perform much the same task as this one.
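The out-of-memory crash described above is the classic failure mode of counting unique advertisers in an unbounded table. This added Python example (not [Matt]'s code) keeps a bounded, time-expiring table of advertiser addresses instead, so the count reflects devices seen recently and a crowd cannot exhaust RAM; the sighting stream and addresses are constructed.

```python
from __future__ import annotations
import time
from collections import OrderedDict

class OccupancyCounter:
    """Count distinct BLE advertiser addresses seen within a time window while
    keeping memory bounded. Entries older than `ttl_s` are dropped; if the
    table is still full, the least recently seen address is evicted first."""

    def __init__(self, max_entries: int, ttl_s: float) -> None:
        self.max_entries = max_entries
        self.ttl_s = ttl_s
        self._last_seen: "OrderedDict[str, float]" = OrderedDict()

    def observe(self, address: str, now: float | None = None) -> None:
        now = time.monotonic() if now is None else now
        self._expire(now)
        if address in self._last_seen:
            self._last_seen.move_to_end(address)  # refresh recency
        elif len(self._last_seen) >= self.max_entries:
            self._last_seen.popitem(last=False)   # evict least recently seen
        self._last_seen[address] = now

    def _expire(self, now: float) -> None:
        # Oldest entries sit at the front, so stop at the first fresh one.
        while self._last_seen:
            addr, seen = next(iter(self._last_seen.items()))
            if now - seen <= self.ttl_s:
                break
            del self._last_seen[addr]

    def count(self, now: float | None = None) -> int:
        self._expire(time.monotonic() if now is None else now)
        return len(self._last_seen)

# Constructed stream of (timestamp_s, address) sightings, not real captures.
SAMPLE_SIGHTINGS = [
    (0.0, "AA:BB:CC:00:00:01"), (1.0, "AA:BB:CC:00:00:02"),
    (2.0, "AA:BB:CC:00:00:01"), (3.0, "AA:BB:CC:00:00:03"),
    (40.0, "AA:BB:CC:00:00:04"),
]

def run_sample(max_entries: int = 100, ttl_s: float = 30.0) -> int:
    """Replay the constructed sightings and report the count at t=40 s."""
    counter = OccupancyCounter(max_entries, ttl_s)
    for ts, addr in SAMPLE_SIGHTINGS:
        counter.observe(addr, now=ts)
    return counter.count(now=40.0)  # → 1: the three early devices expired
```

Phones using BLE privacy rotate their random addresses periodically, so a long window will count one device several times; keep `ttl_s` short relative to that rotation to keep the estimate honest.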

Thanks to [Adrian] for the tip!

Raspberry Pi Pico W Now Supports Bluetooth

What’s the best kind of upgrade a piece of consumer technology can get? A free one that doesn’t require you to do anything other than accept a new version of the software it’s running.

That’s precisely what every current (and future) owner of the Raspberry Pi Pico W just got with the addition of Bluetooth support to SDK 1.5.1. This is possible because the CYW43439 radio chipset used on the wireless version of the Pi Pico has always had Bluetooth capabilities; they just weren’t officially accessible from the C or MicroPython environments until now. In a corresponding blog post, [Eben Upton] explains that part of the delay was due to difficulties in getting both WiFi and Bluetooth connections to work simultaneously over the three-pin SPI bus that links the two chips on the board.

One thing that struck us as particularly interesting here is the use of BlueKitchen’s BTStack to provide support for both Bluetooth Classic and Low Energy profiles. This library is released under a modified version of the BSD 3-Clause license that otherwise specifically forbids commercial usage. That would be a problem for anyone who wanted to sell a gadget built around the Pico W, so Raspberry Pi Ltd negotiated — and presumably paid for — a special dispensation so commercial use is in the clear.

We should note that technically Bluetooth support was available in a beta state previously, albeit without this new license agreement with BlueKitchen. Anyone with a keen eye knew Bluetooth support was coming well before that; our own [Elliot Williams] called it when he first set eyes on the Pi Pico W back in 2022.

The BLE Datalogging Scale Of A Thousand Uses

Whether you’re making coffee or beer or complex chemicals, weighing your ingredients carefully and tracking them is key to getting good results. [Tech Dregs] decided to build a logging scale that would work seamlessly with his smartphone, and shared the design on YouTube.

The design begins with a Greater Goods manual electronic scale, which was chosen for its convenient design and 750 gram load cell. Once cracked open, [Tech Dregs] pulled out the original PCB to replace it with his own. Only the original buttons are reused, with a Seeed XIAO ESP32-C3 replacing the scale’s original brains. The original LCD screen was swapped out for an OLED display, and it also got a rechargeable lithium battery for better usability.

The real value of the project, though, is its communication capability. It’s able to talk to an Android smartphone over Bluetooth Low Energy. Thanks to a custom app, [Tech Dregs] is able to log weight readings from the scale over time and even graph them live on the smartphone. As a demonstration, the scale is used to log the weight of a cup as it fills with a shot of coffee, which should serve [Tech Dregs] well in his coffee automation projects.

We’ve seen bathroom scales hacked before, too, with similar connectivity upgrades.


Using GitHub Actions To Brew Coffee

It’s getting harder and harder to think of a modern premium-level appliance that doesn’t come with some level of Internet connectivity. These days it seems all but the cheapest refrigerators, air purifiers, and microwaves include wireless capabilities — unfortunately they’re often poorly implemented or behind a proprietary system. [Matt] recently purchased a high-end coffee maker with Bluetooth functionality which turned out to be nearly useless, and set to work reverse-engineering his coffee maker and adapting it to work by sending commands from GitHub.

Since the wireless connectivity and app for this coffee maker were so buggy and unreliable, [Matt] first needed to get deep into the weeds on Bluetooth Low Energy (BTLE). After sniffing traffic and identifying the coffee maker, he set about building an interface for it in Rust. Once he was able to send commands to it, the next step was to integrate it with GitHub, so that filing an issue in the GitHub interface sends the commands from a nearby computer over Bluetooth to the coffee maker, with far more reliability than the coffee maker offered originally.

Using [Matt]’s methods, anyone stuck with one of these coffee makers, a Delonghi Dinamica Plus, should be able to reactivate its wireless functionality. While we’d hope that anyone selling a premium product like this would take a tiny amount of time to make sure the extra features actually work, this low bar seems to be one that companies oddly often fail to clear. But you don’t need to pick up an expensive machine like this just to remotely brew a cup of coffee. You can do that pretty easily with a non-luxury coffee maker and some basic wireless hardware.