Develop Reference

How to send Read By Group Type request from Raspberry Pi?

I'm using Raspberry Pi to connect with Minew S1 Temperature and Humidity Sensor, in order to connect with my sensor I need to send some data to connect with sensor, so at first I tried connect with BeaconSet+ app with sensor, and I captured all those packets and tried to decode those using wireshark, so the first data sent from mobile to sensor is "Read By Group Type Request", what does it mean and how can I mirror it in Raspberry Pi using gatttool or bluetoothctl.
this link has packet screenshot
> HCI Event: Command Complete (0x0e) plen 4 #37 [hci0] 23.110065
LE Set Scan Enable (0x08|0x000c) ncmd 1
Status: Success (0x00)
< HCI Command: LE Create Connection (0x08|0x000d) plen 25 #38 [hci0] 23.110095
Scan interval: 60.000 msec (0x0060)
Scan window: 60.000 msec (0x0060)
Filter policy: White list is not used (0x00)
Peer address type: Public (0x00)
Peer address: AC:23:3F:AB:7B:D8 (Shenzhen Minew Technologies Co., Ltd.)
Own address type: Public (0x00)
Min connection interval: 30.00 msec (0x0018)
Max connection interval: 50.00 msec (0x0028)
Connection latency: 0 (0x0000)
Supervision timeout: 420 msec (0x002a)
Min connection length: 0.000 msec (0x0000)
Max connection length: 0.000 msec (0x0000)
> HCI Event: Command Status (0x0f) plen 4 #39 [hci0] 23.110613
LE Create Connection (0x08|0x000d) ncmd 1
Status: Success (0x00)
> HCI Event: LE Meta Event (0x3e) plen 19 #40 [hci0] 23.210757
LE Connection Complete (0x01)
Status: Success (0x00)
Handle: 64
Role: Master (0x00)
Peer address type: Public (0x00)
Peer address: AC:23:3F:AB:7B:D8 (Shenzhen Minew Technologies Co., Ltd.)
Connection interval: 48.75 msec (0x0027)
Connection latency: 0 (0x0000)
Supervision timeout: 420 msec (0x002a)
Master clock accuracy: 0x00
# MGMT Event: Device Connected (0x000b) plen 37 {0x0001} [hci0] 23.210785
LE Address: AC:23:3F:AB:7B:D8 (Shenzhen Minew Technologies Co., Ltd.)
Flags: 0x00000000
Data length: 24
Flags: 0x06
LE General Discoverable Mode
BR/EDR Not Supported
16-bit Service UUIDs (complete): 1 entry
Unknown (0xffe1)
Service Data (UUID 0xffe1): a101641cfd48e6d87bab3f23ac
< HCI Command: LE Read Remote Used Features (0x08|0x0016) plen 2 #41 [hci0] 23.210905
Handle: 64
> HCI Event: Command Status (0x0f) plen 4 #42 [hci0] 23.211771
LE Read Remote Used Features (0x08|0x0016) ncmd 1
Status: Success (0x00)
> HCI Event: Command Complete (0x0e) plen 14 #43 [hci0] 23.211775
LE Read Remote Used Features (0x08|0x0016) ncmd 1
Status: Success (0x00)
00 00 00 00 00 00 00 00 00 00 ..........
> HCI Event: LE Meta Event (0x3e) plen 12 #44 [hci0] 23.337233
LE Read Remote Used Features (0x04)
Status: Success (0x00)
Handle: 64
Features: 0x21 0x00 0x00 0x00 0x00 0x00 0x00 0x00
LE Encryption
LE Data Packet Length Extension
< ACL Data TX: Handle 64 flags 0x00 dlen 7 #45 [hci0] 23.337677
ATT: Exchange MTU Request (0x02) len 2
Client RX MTU: 517
> ACL Data RX: Handle 64 flags 0x02 dlen 7 #46 [hci0] 23.532018
ATT: Exchange MTU Response (0x03) len 2
Server RX MTU: 23
< ACL Data TX: Handle 64 flags 0x00 dlen 7 #47 [hci0] 23.532452
ATT: Read Request (0x0a) len 2
Handle: 0x0003
> HCI Event: Number of Completed Packets (0x13) plen 5 #48 [hci0] 23.580957
Num handles: 1
Handle: 64
Count: 2
> ACL Data RX: Handle 64 flags 0x02 dlen 10 #49 [hci0] 23.629552
ATT: Read Response (0x0b) len 5
Value: 6e52463578
< ACL Data TX: Handle 64 flags 0x00 dlen 7 #50 [hci0] 23.629713
ATT: Read Request (0x0a) len 2
Handle: 0x0005
> ACL Data RX: Handle 64 flags 0x02 dlen 7 #51 [hci0] 23.727010
ATT: Read Response (0x0b) len 2
Value: 0000
< ACL Data TX: Handle 64 flags 0x00 dlen 7 #52 [hci0] 23.727179
ATT: Read Request (0x0a) len 2
Handle: 0x0027
> HCI Event: Number of Completed Packets (0x13) plen 5 #53 [hci0] 23.775948
Num handles: 1
Handle: 64
Count: 2
> HCI Event: Disconnect Complete (0x05) plen 4 #54 [hci0] 32.502249
Status: Success (0x00)
Handle: 64
Reason: Remote User Terminated Connection (0x13)
# MGMT Event: Device Disconnected (0x000c) plen 8 {0x0001} [hci0] 32.502320
LE Address: AC:23:3F:AB:7B:D8 (Shenzhen Minew Technologies Co., Ltd.)
Reason: Connection terminated by remote host (0x03)
Thank you.

tcp-check expect binary response in second packet in a row

I am trying to build a TCP checking on my backend servers using HAProxy version 1.5.8.
The behavior should be as follows:
Send binary data to server
Receive ACK as first packet
Receive confirmation data in second packet
So I need to check that after sending binary data I received ACK and after that other binary data in a second packet in a row.
Is it possible to do it with HAProxy.
I am trying to find it in documentation and also trying to create different configurations, unsuccessfully:
option tcp-check
tcp-check connect
tcp-check send-binary 303030303030
tcp-check expect binary 303030303030
Every time I received back from server ACK, connection is terminated by HAProxy with the result that the backend server is down.
EDIT:
I will receive the following:
First packet after sending data
0000 a0 66 10 09 2e 46 9c af ca bb aa 47 08 00 45 00  f...F.¯Ê»ªG..E.
0010 00 28 40 58 40 00 3e 06 d7 04 0a 1e 0b 34 0a 02 .(#X#.>.×....4..
0020 06 20 25 1c d5 80 91 0a f8 87 db 03 25 8f 50 10 . %.Õ...ø.Û.%.P.
0030 01 c9 03 d6 00 00 00 00 00 00 00 00 .É.Ö........
Second packet right after the above
0000 a0 66 10 09 2e 46 9c af ca bb aa 47 08 00 45 00  f...F.¯Ê»ªG..E.
0010 00 39 40 59 40 00 3e 06 d6 f2 0a 1e 0b 34 0a 02 .9#Y#.>.Öò...4..
0020 06 20 25 1c d5 80 91 0a f8 87 db 03 25 8f 50 18 . %.Õ...ø.Û.%.P.
0030 01 c9 2d 2e 00 00 00 0f 30 30 30 30 30 30 42 33 .É-.....000000B3
0040 30 30 43 48 45 43 4b 00CHECK
The first is without any data and I need to check that the second contains 000000.
EDIT2:
PCAP provided:
Normal behavior when communication goes directly from client to server, without HAProxy:
Normal behavior - client to server
Using HAProxy as load balancer, connecting to the same server and checking with the same command, failing to check:
failing check - HAProxy to server
backend configuration:
backend nodes
mode tcp
balance roundrobin
default-server inter 10s fall 3 rise 2
option tcp-check
tcp-check connect
tcp-check send-binary 303030303030423230303035434845434b
tcp-check expect binary 000f30303030303042333030434845434b
server server1 10.30.11.52:9500 check
server server2 10.30.11.52:9501 check
server server3 10.30.11.52:9502 check

Receive ACK as first packet
HA proxy does not work at the raw packet level but at the TCP level. At this level there is no such thing as an ACK as a single packet. There is not even the concept of a packet at this level. Instead there is only the concept of a data stream consisting of the received bytes.
Every time I received back from server ACK, connection is terminated by HAProxy with the result that the backend server is down.
Given that HA proxy does not care about packets with zero payload in the first place it is likely that your "ACK as first packet" is actually some packet which contains an ACK (as almost all TCP packets do) but also contains some payload, but not the one you expect with the "next packet". Since the payload does not match the payload you specify as expected the check fails.
Note that this is only an assumption made based on incomplete information about your "ACK as first packet". To prove the assumption one would actually need to see what is really going on on the wire, for example by having a packet capture.
EDIT#1: after the OP provided a some (undocumented) dump of the packets and some figuring out where the actual IP header in these packets starts (offset 14, i.e. prefixed with layer 2 ethernet header) it is clear that the first packet has no payload which means it gets completely ignored by the check. The second packet then has the following payload of 17 bytes:
0030 00 0f 30 30 30 30 30 30 42 33 ..000000B3
0040 30 30 43 48 45 43 4b 00CHECK
Given that the OP checks for binary 303030303030 but the actual payload is 00 0f 30 30 30 30 30 30 .... the given tcp-check expect ... does not match the actual payload and thus the check fails.
EDIT#2:
After the OP has provided the pcap of a connection without and with haproxy a difference in the behavior of both client/haproxy and server can be seen:
without haproxy:
client sends 2 bytes \x00\x11 to the server followed by 17 bytes \x30\x30....
server replies immediately with 17 bytes \x00\x0f\x30\x30....
with haproxy:
haproxy send 17 bytes \x30\x30... to the server. It does not send the initial 2 bytes \x00\x11 as done by the original server !!!
Server does not reply (except an ACK with no payload). After 6 seconds of inactivity haproxy closes the connection to the server and likely considers the check failed.
In summary: I think the haproxy check fails to send the proper request to the server, i.e. the first 2 bytes are missing. That's why the server will not respond at all and the check will fail after some timeout.

Nginx ALPN Support - Online test are correct?

I'm checking ALPN support on NGINX with latest libressl 2.5.3. I think I have all correctly setup, but when I try to test from:
https://tools.keycdn.com/http2-test
Tell me : Yeah! DOMAIN supports HTTP/2.0
"ALPN is not supported"
Instead when I try to test locally with opnessl we can see alpn is correct with version h2
#openssl s_client -alpn h2 -connect domain:port | grep ALPN
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = fbrqx.com
verify return:1
ALPN protocol: h2
What I'm doing wrong ?
Are correct the information provided by keycdn ?
Thanks.
Ricardo / Brqx.

Today keycdn works and tell us ALPN is supported.
Here we can see libressl information ( so with 2.5.3 version [April 2017] you can test openssl ):
openssl version -a
LibreSSL 2.5.3
built on: date not available
platform: information not available
options: bn(64,64) rc4(16x,int) des(idx,cisc,16,int) idea(int) blowfish(idx)
compiler: information not available
OPENSSLDIR: "/PATH/libressl/libressl-2.5.3/.openssl/etc/ssl"
How to test server :
1.From server ( with openssl client )
openssl s_client -alpn h2 -connect DOMAIN:PORT -status
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
ALPN protocol: h2
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 1FB23766E93F4983F3218F3E1C0058947DD60BEEB414CA50BDDF9009299A273B
Session-ID-ctx:
Master-Key: BBCC316C78C85C90066F660A5C1018F5F71CEADFF13AC406758BA06B0D07A5FFCF21395657CFF1B42760C371EE70281D
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 06 48 61 b7 a7 63 23 ad-6a cf f9 47 39 49 c0 1a .Ha..c#.j..G9I..
0010 - b3 04 db ea 02 2e 46 a9-9a 6b 02 de b5 e9 bb c4 ......F..k......
0020 - 68 71 ba b2 62 27 08 76-f0 cb cb e6 e5 7d 4a 50 hq..b'.v.....}JP
0030 - f8 4d 40 24 2a 35 2a 7e-03 5b bc 27 73 7d 1a 14 .M#$*5*~.[.'s}..
0040 - f3 86 9d d9 33 42 49 c7-93 28 a0 f9 e3 4a cb 93 ....3BI..(...J..
0050 - 4d e7 43 bf 8d 8b 9d 3b-06 47 04 77 ca ca 0b 56 M.C....;.G.w...V
0060 - fc 6c ff 0d ac 69 7c b3-bb 6f fb 35 d5 75 7d aa .l...i|..o.5.u}.
0070 - d3 34 e1 04 f9 85 06 50-a2 3d 12 8d 69 39 53 32 .4.....P.=..i9S2
0080 - c7 c4 f3 84 93 fb 87 8c-48 a2 7b 8f 35 5a c0 4f ........H.{.5Z.O
0090 - 3c 58 39 3d 5d cf b1 10-b4 fa 19 9d 43 f2 09 c7 <X9=].......C...
Start Time: 1493112423
Timeout : 7200 (sec)
Verify return code: 0 (ok)
From client - Browser Google Chrome ( will tell us current connections what listen http2)
chrome://net-internals/#http2
This is the configuration on nginx :
server {
index index.html index.htm index.php;
# Direct http2
listen IP:PORT ssl http2;
# Haproxy redirection
listen IP:PORT http2 proxy_protocol;
...
And this one is the configuration on haproxy ( My idea is to use SSL layer between HA and Nginx so could be in different servers around the world).
frontend ABC
mode tcp
# Works with http11
# bind 0.0.0.0:PORT ssl crt /etc/haproxy/certs/DOMAIN.pem alpn http/1.1
# Works with http2 and http11
bind 0.0.0.0:PORT ssl crt /etc/haproxy/certs/DOMAIN.pem alpn h2,http/1.1 ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
reqadd X-Forwarded-Proto:\ https
use_backend proxy_nginx if { ssl_fc_alpn -i h2 }
default_backend nginx
backend nginx
mode tcp
server server_nginx IP:PORT check ssl verify none
backend proxy_nginx
mode tcp
server proxy_nginx IP:PORT check send-proxy
...
Now everybody could have working Haproxy, Nginx with libressl 2.5.3 using http2 and alpn.
Interesting URLs to check :
https://gist.github.com/thisismitch/7c91e9b2b63f837a0c4b
https://www.mare-system.de/blog/page/1405201517/
https://jve.linuxwall.info/blog/index.php?post/2015/10/04/SHA1/SHA256-certificate-switching-with-HAProxy
https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
Best regards.
Ricardo / Brqx.

Unix - Associate local IP to pts?

3 ppl (A B C) are connected to a local server (S1) through SSH (putty, or Unix console), with the same username (foobar). Is there a way to associate their own IP to the pts they create ?
For example, a command witch display that :
S1:/root# ls -l /dev/pts
crw------- 1 foobar tty 136, 0 16 apr 10:34 0 <-> 192.168.0.A
crw------- 1 foobar tty 136, 2 16 apr 10:22 2 <-> 192.168.0.B
crw------- 1 foobar tty 136, 3 16 apr 09:26 3 <-> 192.168.0.A
crw------- 1 foobar tty 136, 5 16 apr 09:26 5 <-> 192.168.0.C
Thanks !

"who" command shows you the association between pts-s and hostnames (or ip-s if there is no hostname). You can change the hostnames to IP using 'host' command (if this is a requirement for you).

Converting unknown binary data into series of numbers? (with a known example)

I'm trying to find a way to convert files in a little-used archaic file format into something human readable...
As an example, od -x myfile gives:
0000000 2800 4620 1000 461e c800 461d a000 461e
0000020 8000 461e 2800 461e 5000 461f b800 461e
0000040 b800 461d 4000 461c a000 461e 3800 4620
0000060 f800 4621 7800 462a e000 4622 2800 463c
0000100 2000 464a 1000 4654 8c00 4693 5000 4661
0000120 7000 46ac 6c00 46d1 a400 4695 3c00 470a
0000140 b000 46ca 7400 46e9 c200 471b 9400 469e
0000160 9c00 4709 cc00 4719 4000 46b0 6400 46cc
...
which I know corresponds to these integers:
10250 10116 10098 10152 10144 10122 10196 10158
10094 10000 10152 10254 10366 10910 10424 12042
12936 13572 18886 14420 22072 ...
but I have no idea how to convert one to the other!!
Many many thanks to anyone who can help.
If possible, general tips for what to try/where to begin in this situation would also be appreciated.
Update: I put the full binary file online here http://pastebin.com/YL2ApExG and the numbers it corresponds to here http://pastebin.com/gXNntsaJ
In the hex dump, it seems to alternate between four digits, presumably they correspond to the numbers I want? separated either by 4600 or 4700. Unfortunately, I don't know where to go from here!
Someone else asked below: the binary file is a .dat file generated by an old spectroscopy program... it's 1336 bytes and corresponds to 334 integers, so it's four bytes per integer.

Well this is what you can do -
Step I: Do the od -x of the file and redirect it to a temp file (eg. hexdump.txt)
od -x myfile > hexdump.txt
Step II: You will now have a text file that contains hexadecimal values which you can view using the cat command. Something like this -
[jaypal~/Temp]$ cat hexdump.txt
0000000 2800 4620 1000 461e c800 461d a000 461e
0000020 8000 461e 2800 461e 5000 461f b800 461e
0000040 b800 461d 4000 461c a000 461e 3800 4620
0000060 f800 4621 7800 462a e000 4622 2800 463c
0000100 2000 464a 1000 4654 8c00 4693 5000 4661
0000120 7000 46ac 6c00 46d1 a400 4695 3c00 470a
0000140 b000 46ca 7400 46e9 c200 471b 9400 469e
0000160 9c00 4709 cc00 4719 4000 46b0 6400 46cc
Step III: The first column isn't really important to you. Columns 2 thru 9 are important. We will now strip the file using AWK so that you can convert it to decimal. We will add space so that we can consider each value as an individual field. We will also add "0x" to it so that we can pass it as a hexadecimal value.
[jaypal~/Temp]$ awk '{for (i=2;i<=NF;i++) printf "0x"$i" "}' hexdump.txt > hexdump1.txt
[jaypal~/Temp]$ cat hexdump1.txt
0x2800 0x4620 0x1000 0x461e 0xc800 0x461d 0xa000 0x461e 0x8000 0x461e 0x2800 0x461e 0x5000 0x461f 0xb800 0x461e 0xb800 0x461d 0x4000 0x461c 0xa000 0x461e 0x3800 0x4620 0xf800 0x4621 0x7800 0x462a 0xe000 0x4622 0x2800 0x463c 0x2000 0x464a 0x1000 0x4654 0x8c00 0x4693 0x5000 0x4661 0x7000 0x46ac 0x6c00 0x46d1 0xa400 0x4695 0x3c00 0x470a 0xb000 0x46ca 0x7400 0x46e9 0xc200 0x471b 0x9400 0x469e 0x9c00 0x4709 0xcc00 0x4719 0x4000 0x46b0 0x6400 0x46cc
Step IV: Now we will convert each hexadecimal value into decimal using printf function with AWK.
[jaypal~/Temp]$ gawk --non-decimal-data '{ for (i=1;i<=NF;i++) printf ("%05d ", $i)}' hexdump1.txt > hexdump2.txt
[jaypal~/Temp]$ cat hexdump2.txt
10240 17952 04096 17950 51200 17949 40960 17950 32768 17950 10240 17950 20480 17951 47104 17950 47104 17949 16384 17948 40960 17950 14336 17952 63488 17953 30720 17962 57344 17954 10240 17980 08192 17994 04096 18004 35840 18067 20480 18017 28672 18092 27648 18129 41984 18069 15360 18186 45056 18122 29696 18153 49664 18203 37888 18078 39936 18185 52224 18201 16384 18096 25600 18124
Step V: Formatting to make it easily readable
[jaypal~/Temp]$ sed 's/.\{48\}/&\n/g' < hexdump2.txt > hexdump3.txt
[jaypal~/Temp]$ cat hexdump3.txt
10240 17952 04096 17950 51200 17949 40960 17950
32768 17950 10240 17950 20480 17951 47104 17950
47104 17949 16384 17948 40960 17950 14336 17952
63488 17953 30720 17962 57344 17954 10240 17980
08192 17994 04096 18004 35840 18067 20480 18017
28672 18092 27648 18129 41984 18069 15360 18186
45056 18122 29696 18153 49664 18203 37888 18078
39936 18185 52224 18201 16384 18096 25600 18124