Sponsors of Wiimoteproject.com
IR Pens for Wiimote Whiteboard
Wiimote Project » Hardware Support » Bluetooth & Connectivity Knowledge Center » Perminant Wiimote Sync (Do you know how to directly enter a hexadecimal passkey)
Pages: [1] 2
  Print  
Author Topic: Perminant Wiimote Sync (Do you know how to directly enter a hexadecimal passkey)  (Read 37617 times)
0 Members and 2 Guests are viewing this topic.
Support Admin
*
Karma: +49/-0
Posts: 1178
Offline Offline
benpaddlejones@live.com.au View Profile WWW Email
« on: December 24, 2008, 01:54:56 PM »

Wiimote Friends

Wiibrew have made some significant advances in knowledge on Wiimote Pairing.

The "syncing" of a Wii Remote involves standard Bluetooth pairing. When the Sync button is pressed on the remote, it will accept pairing requests. The required PIN is the hosts's Bluetooth address, backwards (last byte first), in binary (6 bytes). Most current Bluetooth implementations don't deal with this correctly, as they usually consider the PIN to be a regular ASCII string (no 00 bytes, etc). Any further steps that need to be taken after the Wii Remote is paired have not been reverse engineered yet.

Once the Wii Remote is synced, when a button is pressed, it will actively seek out its paired host and try to connect to it, instead of the other way around.


http://wiibrew.org/wiki/Wiimote

This is important for programers as it may mean we can advance the connection protocols to make pairing possible removing the need for constant reconection.

benpaddlejones Smiley
« Last Edit: January 09, 2009, 07:46:41 AM by benpaddlejones » Logged


See my full profile and links on my Google Profile: http://www.google.com/profiles/benpaddlejones
*
Karma: +0/-0
Posts: 2
Offline Offline
View Profile Email
« Reply #1 on: January 06, 2009, 12:20:48 AM »

Most current Bluetooth implementations don't deal with this correctly, as they usually consider the PIN to be a regular ASCII string (no 00 bytes, etc).

So this means that we cant use Bluesoleil Embarrassed
What bluetooth software does support binary pairing?
Logged
Support Admin
*
Karma: +49/-0
Posts: 1178
Offline Offline
benpaddlejones@live.com.au View Profile WWW Email
« Reply #2 on: January 06, 2009, 03:39:02 AM »

Bringer
This is new research from the reverse engineering of the Wiimote. All BT stacks allow pairing that is the process sync predominantly a piece of hardware wirelessly with it host so both can be turned on/off at leisure and still connect.

The Wiimote is designed to sync with a pairing code, we have ever have worked around this hence the need to connect with every session.

My understanding of this is we could convert the Bluetooth Host Address (found: control panel/bluetooth configuration/diagnostics, it looks something like 00:19:5B:5B:E3:81) using the below instructs to create a pin that will permanently sync the wiimote.

What I'm waiting for is someone who know binary to provide input to explain how to convert host addresses into six figure binary backwards!

benpaddlejones Smiley
Logged


See my full profile and links on my Google Profile: http://www.google.com/profiles/benpaddlejones
*
Karma: +0/-0
Posts: 12
Offline Offline
View Profile Email
« Reply #3 on: January 06, 2009, 05:10:21 AM »

I understand binary like I understand women, so don't quote me on this, but I found a binary converter that seems to be working (and will even invert the bits for you!)

It's a Trial (but who cares for testing purposes for now):
http://www.aquariussoft.com/pc-binary-converter/

So to convert my Wiimote's MAC which is 00:17:ab:3a:2e:69 , you need to remove the colons which gives you 0017ab3a2e69.

Converted to Binary that gives us: 1011110101011001110100010111001101001
And from the "Invert Bits" button we have: 0100001010100110001011101000110010110

Which sounds just about right.

If you want to implement this as code, a good starting point in Wikipedia would be:
http://en.wikipedia.org/wiki/Hexadecimal (for a chart from Hex to Binary) and
http://en.wikipedia.org/wiki/MAC_address (for a good visual cue of how MAC addresses are built).

I'm not sure just how much this helps you, I'm not a programmer so I can't really go further than this.
Logged
Support Admin
*
Karma: +49/-0
Posts: 1178
Offline Offline
benpaddlejones@live.com.au View Profile WWW Email
« Reply #4 on: January 06, 2009, 06:14:49 AM »

LucasNovae
I'm not sure just how much this helps you, I'm not a programmer so I can't really go further than this.
Neither am I

I am hoping the binary code can be entered as the pairing code during the connection process permanently syncing the wiimote?

I'm going to play now and see what happens.

benpaddlejones Smiley
Logged


See my full profile and links on my Google Profile: http://www.google.com/profiles/benpaddlejones
Support Admin
*
Karma: +49/-0
Posts: 1178
Offline Offline
benpaddlejones@live.com.au View Profile WWW Email
« Reply #5 on: January 06, 2009, 06:44:18 AM »

Update:
No luck yet
My BT Address is: 00:19:5B:5B:E3:81
Removed colons 00195B5BE381
Using converter: http://www.roubaixinteractive.com/PlayGround/Binary_Conversion/Binary_To_Text.asp

Created the binary for:
  • 00195B5BE381 - as is
  • 183EB5B59100 - Backwards
  • 00195B5BE381 - as is then inverted binary
  • 183EB5B59100 - Backwards then inverted binary

I am running Widdcom v5 on XP (given Broadcom made BT infrastructure in Wii and they make Widcomm I assume this is most likely to be successful.

Using normal connection sequence only start with red internal sync button instead of skip I enter the binary.

All return no connection!

Any thoughts?

benpaddlejones Smiley
Logged


See my full profile and links on my Google Profile: http://www.google.com/profiles/benpaddlejones
*
Karma: +0/-0
Posts: 12
Offline Offline
View Profile Email
« Reply #6 on: January 06, 2009, 04:00:37 PM »

My BT Address is: 00:19:5B:5B:E3:81
Using converter: http://www.roubaixinteractive.com/PlayGround/Binary_Conversion/Binary_To_Text.asp

Any thoughts?

benpaddlejones Smiley

Well, I'm not getting the same Binary result when I try to convert using your page than when I try with the converter I downloaded - so maybe that's the issue. When I tried to google for a MAC address binary converter, I got the very strong impression that the MAC address is a "Hexadecimal" address, meaning if you just convert with ASCII it's just not the same thing!

Here's the difference:
MAC: 00195B5BE381
From HEX to BINARY: 1100101011011010110111110001110000001
From ASCII to BINARY: 001100000011000000110001001110010011010

I'm fairly convinced that this is the problem you're having.

Also remember that "inverting bits" doesn't mean flipping the whole sequence around and reconverting that. I'm not sure how you did it, but if I do a bit inversion with the Aquarius PC Binary Converter I get "6A4A41C7E" for the inverted bits, with 0011010100100101001000001110001111110 as inverted bits binary.

I'm using my internal Dell Inspiron bluetooth adapter (which I believe is the TrueBlue mobile adapter) which works great with the default Vista stack. I'm not sure I completely understand how I should enter the binary code... Is it just supposed to be the Passkey in the bluetooth device configuration?
Logged
Support Admin
*
Karma: +49/-0
Posts: 1178
Offline Offline
benpaddlejones@live.com.au View Profile WWW Email
« Reply #7 on: January 06, 2009, 04:40:21 PM »

Is it just supposed to be the Passkey in the bluetooth device configuration?

Thats what I'm hoping!

I will try your converter tomorrow. Perhaps you could have a few tests too see if you get a result.

benpaddlejones Smiley
Logged


See my full profile and links on my Google Profile: http://www.google.com/profiles/benpaddlejones
Support Admin
*
Karma: +49/-0
Posts: 1178
Offline Offline
benpaddlejones@live.com.au View Profile WWW Email
« Reply #8 on: January 06, 2009, 04:42:57 PM »

LucasNovae

I'm not sure on the definition of backwards too? SO I'm trying lots of different ways.

benpaddljones
Logged


See my full profile and links on my Google Profile: http://www.google.com/profiles/benpaddlejones
*
Karma: +0/-0
Posts: 12
Offline Offline
View Profile Email
« Reply #9 on: January 06, 2009, 06:46:56 PM »

Ack, now I'm confused too! Wiibrew should really think about putting an example of how they do a backwards bit thing, because I'm not sure anymore. But here's what I think...

You start with your binary (from my MAC: 0017AB3A2E69)
1011110101011001110100010111001101001
(I just realized that the Aquarius software remotes all the trailing zeroes, the idiot!, so it's actually:
000000000001011110101011001110100010111001101001 )

Because a "byte" is 8 bits, and each number is a binary bit, a byte is basically 8 binary numbers. So 6 bytes:
00000000 00010111 10101011 00111010 00101110 01101001

Backwards (Last byte First) is:
01101001 00101110 00111010 10101011 00010111 00000000
which is 692E3AAB1700 in HEX

For your mac, that's:
00000000 00011001 01011011 01011011 11100011 10000001

Backwards:
10000001 11100011 01011011 01011011 00011001 00000000
In HEX: 81E35B5B1900

I just tried putting in the MAC in HEX, backwards bytes (692E3AAB1700) and I get a message that the device has refused the passkey because the passkey was wrong... Maybe because as wiibrew says, common BT stacks don't support this properly, so the internal Vista and XP stacks are most likely culprits.

I wonder if this could be circumvented in another way through programming?
Logged
*
Karma: +10/-0
Posts: 134
Offline Offline
View Profile WWW
« Reply #10 on: January 06, 2009, 09:40:56 PM »

Hi, I'm sorry to say but you two (Ben and Lucas) seem to be missing something here.

The required PIN is the hosts's Bluetooth address, backwards (last byte first), in binary (6 bytes).

That means the Bluetooth MAC address of the computer (e.g., USB dongle or internal module), not the Wiimote's.
Let's take Ben's address for example: 00:19:5B:5B:E3:81
As I understand it, you have to reverse it byte-wise: 81:E3:5B:5B:19:00

Most current Bluetooth implementations don't deal with this correctly, as they usually consider the PIN to be a regular ASCII string (no 00 bytes, etc).

That's the real problem here. When you for instance enter '0' into the passphrase field of the pairing assistant, this gets converted to the byte 00110000 (30 in Hex), because the '0' is interpreted as an ASCII character (http://www.asciitable.com). At least this is what Wiibrew suggests and it seems plausible to me.
As you'll notice, there is no ASCII character that is mapped to the byte 00000000. Thus it's impossible to enter Ben's MAC, and any other address that contains 00.

As far as I understand, you would need to hack the Bluetooth pairing assistant of your operating system to directly enter a binary (or hexadecimal) passphrase.


Uwe
Logged

Java WiimoteWhiteboard for Mac OS X, Windows and Linux.
Support Admin
*
Karma: +49/-0
Posts: 1178
Offline Offline
benpaddlejones@live.com.au View Profile WWW Email
« Reply #11 on: January 07, 2009, 03:22:21 AM »

ujs

Thanks for your help (as you already now I'm no programmer). How hard is it to change (hack) the Mac address?

Do you think this worth further exploring or is it too hard basket???

benpaddlejones Smiley
« Last Edit: January 07, 2009, 03:32:53 AM by benpaddlejones » Logged


See my full profile and links on my Google Profile: http://www.google.com/profiles/benpaddlejones
*
Karma: +10/-0
Posts: 134
Offline Offline
View Profile WWW
« Reply #12 on: January 07, 2009, 06:53:40 PM »

How hard is it to change (hack) the Mac MAC address?

I'm not sure you meant it, but it might be possible to change the host Bluetooth device address (BDA) to something where an ASCII sequence exists, and then do the pairing. At least I found this article that explains how to change the BDA on Linux.

For example one could change the BDA to 30:30:30:30:30:30 and then use the passkey '000000' to do the pairing with the Wiimote.

However, the problem is that you change the BDA which will confuse all your previously paired Bluetooth devices (like cellphones). They'll all need to be paired again to the computer. And I guess strange things would happen if two devices with the same BDA tried to connect.
There is, after all, a good reason why the BDA is unique (first 3 bytes identify the vendor, see http://www.coffer.com/mac_find/ to check your own).


The other option would be to leave the BDA as it is, and then enter the passkey directly in hexadecimal while pairing the Wimote. Paring is usually done by some sort of connection assistant which would have to be changed to offer this option. I have no idea how hard it would be to do this...


Uwe
Logged

Java WiimoteWhiteboard for Mac OS X, Windows and Linux.
*
Karma: +0/-0
Posts: 12
Offline Offline
View Profile Email
« Reply #13 on: January 07, 2009, 11:01:10 PM »

Well the Pairing is depending on the stack, I assume - Bluesoleil has their own stack, etc.

So I'm supposing that someone would have to write a new stack for this, or we would need to find which one works and with which adapter...

This is very complex stuff!
Logged
Support Admin
*
Karma: +49/-0
Posts: 1178
Offline Offline
benpaddlejones@live.com.au View Profile WWW Email
« Reply #14 on: January 08, 2009, 03:36:57 AM »

ujs
Yeah I found heeps of research into Linux changing the BT MAC Address and lots of people asking if it can be done on MAC/Win but no answers.

The other option would be to leave the BDA as it is, and then enter the passkey directly in hexadecimal while pairing the Wimote. Paring is usually done by some sort of connection assistant which would have to be changed to offer this option. I have no idea how hard it would be to do this...

This would be ideal as once connected I just press the 'On' button then run my Wiimote Application.

Any programmers interested???

benpaddlejones Smiley
Logged


See my full profile and links on my Google Profile: http://www.google.com/profiles/benpaddlejones
Pages: [1] 2
  Print  
 
Jump to:  

Clicky Web Analytics