scapy.contrib.nrf_sniffer module
nRF sniffer
Firmware and documentation related to this module is available at: https://www.nordicsemi.com/Software-and-Tools/Development-Tools/nRF-Sniffer https://github.com/adafruit/Adafruit_BLESniffer_Python https://github.com/wireshark/wireshark/blob/master/epan/dissectors/packet-nordic_ble.c
- class scapy.contrib.nrf_sniffer.NRF2_Packet_Event(_pkt, /, *, header_len=10, reserved=0, phy=None, mic=None, encrypted=None, direction=None, crc_ok=1, rf_channel=0, rssi=-256, event_counter=0, delta_time=0)[source]
Bases:
Packet
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | HEADER LEN |R| PHY |M|E|D|C| RF CHANNEL | RSSI | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | EVENT COUNTER | DELTA TIME | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. NRF2_Packet_Event
header_len
10
reserved
BitField
(1 bit)0
phy
None
mic
BitField
(1 bit)None
encrypted
BitField
(1 bit)None
direction
BitField
(1 bit)None
crc_ok
BitField
(1 bit)1
rf_channel
0
rssi
-256
event_counter
0
delta_time
0
- class scapy.contrib.nrf_sniffer.NRF2_Ping_Response(_pkt, /, *, version=None)[source]
Bases:
Packet
- aliastypes
- class scapy.contrib.nrf_sniffer.NRFS2_PCAP(_pkt, /, *, board_id=0)[source]
Bases:
Packet
PCAP headers for DLT_NORDIC_BLE.
Nordic’s capture scripts either stick the COM port number (yep!) or a random number at the start of every packet.
https://github.com/wireshark/wireshark/blob/master/epan/dissectors/packet-nordic_ble.c
The only “rule” is that we can’t start packets with
BE EF
, otherwise it becomes a “0.9.7” packet. So we just set “0” here.- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | BOARD ID | +-+-+-+-+-+-+-+-+ Fig. NRFS2_PCAP
board_id
0
- payload_guess
Possible sublayers:
NRFS2_Packet
- class scapy.contrib.nrf_sniffer.NRFS2_Packet(_pkt, /, *, len=None, version=2, counter=None, type=None)[source]
Bases:
Packet
nRF Sniffer v2 Packet
- aliastypes
- fields_desc
Display RFC-like schema
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | LEN | VERSION | COUNTER | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | TYPE | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fig. NRFS2_Packet
len
None
version
2
counter
None
type
None
- payload_guess
Possible sublayers:
NRF2_Packet_Event
,NRF2_Ping_Request
,NRF2_Ping_Response