https://wiki.wireshark.org/Bluetooth As per the above link, it sounds like Wireshark can decode all HSP Packets (Rfcomm + SCO/eSCO) when used with Ubertooth One. Can I analyze all BT HSP Packets (Rfcomm + SCO/eSCO) communication between my Smart Phone and COTS Headset using Ubertooth One + Wireshark? If so, could you please explain how? asked 16 Apr '16, 18:17  Manoj Prasad |
One Answer:
Hello, You probably need to know how to capture Bluetooth traffic by Ubertooth. Unfortunately I never be able to capture Bluetooth traffic by Ubertooth (expect Low Energy), so please ask Ubertooth team: https://github.com/greatscottgadgets/ubertooth/wiki/Getting-Help Then if you back with logs then Wireshark should show you everything you want, however decoding SCO may be not perfect (most implementations do not allow to capture e/SCO). HSP (RFCOMM) is fully supported, if you do not see it try to use "Decode as" for L2CAP to RFCOMM then RFCOMM to HSP. But please remember that Ubertooth does not support EDR, so if your device use it, you cannot capture HSP at all. Most devices use EDR... answered 06 Sep '16, 06:25  Michał Łabędzki |
