This Bluetooth GATT Course Is A Must Watch

Bluetooth is a backbone technology for innumerable off-the-shelf and hacker devices. You should know how to work with it – in particular, nowadays you will certainly be working at the Bluetooth GATT (Generic Attribute) layer. This two-part project by [V. Hunter Adams] of Cornell fame spares no detail in making sure you learn Bluetooth GATT for all your hacking needs – not only will you find everything you could want to know, you also get example GATT server and client application codebases to use in your projects, designed to work with the commonly available Pi Pico W!

What’s better than a visual demonstration? The video below shows the GATT server running on a Pico W – handling six different parameters at once. [Hunter] pokes at the server’s characteristics with a smartphone app – sending string data back and forth, switching an LED, and even changing parameters of audio or video color output by the Pico. Flash the server code into your Pico W, play with it, read through it, and follow the tutorial to learn what makes it tick.

Diagram from the blog post, showing how GATT communication capture works

Hacking BLE To Liberate Your Exercise Equipment

It’s a story we’ve heard many times before: if you want to get your data from the Domyos EL500 elliptical trainer, you need to use a proprietary smartphone application that talks to the device over Bluetooth Low-Energy (BLE). To add insult to injury, the only way the software will export your workout information is by producing a JPG image of a graph. This just won’t do, so [Juan Carlos Jiménez] gives us yet another extensive write-up, which provides an excellent introduction to practical BLE hacking.

He walks us through BLE GATT (Generic Attribute Profile), the most common way such devices work, different stages of the connection process, and the tools you can use for sniffing an active connection. Then [Juan] shows us a few captured messages, how to figure out packet types, and moves into the tastiest part — using an ESP32 to man-in-the-middle (MITM) the connection.
