App for controlling a BLE toy cars from a Sailfish OS device
- The Android app is a bloatware:
- Heats up the phone (maybe due to the 3D graphics)
- Loads very slowly
- The Nissan app available with throttle on the left mode (left handed by default??)
- Aliendalvik has no Bluetooth support on SFOS
- Reverse engineering is fun!
- Planning support for USB-OTG game controllers
- Selectable right/left handed operation (I hated hardcoded left handed mode Brandbase app!)
- Gadget uptime/runtime calculation
- Nissan Formula E manufactured by Brandbase used by Shell in promotional campagin
- Ferrari models manufactured by Bburago sold by the Shell in a promotional campaign
The Brandbase implementation is based on @scrool's work
The Bburago implementation is more simple: it does not have AES encryption on payloads (neither on the command nor the battery notificaition). It had been reverse engineered by using frida and optiv's blemon frida plugin.
Protocol is quite simple:
Command is sent in 8 byte to the "0000fff1-0000-1000-8000-00805f9b34fb" characteristics see this code for details.
The battery notification is sent periodically through the "00002a19-0000-1000-8000-00805f9b34fb" characteristic in a single byte in percentage format. (You need to enable notifications to this characteristics see: here
- DJI Tello drone
- Parrot Sumo "drone"