feat: Linux WiFi + BLE + HS Capture bridge (no ESP32 required)

[FusedStamen]

Background

Running WatchDogsGo on a uConsole CM4 with HackerGadgets AIO v1 with no ESP32/C5 available. Built a Python bridge script (wdg_wifi_bridge.py) that emulates the projectZero serial protocol over a PTY, enabling full game functionality using the host's native Linux WiFi and Bluetooth adapters.

wdg_wifi_bridge.py

How it works

The bridge creates a PTY at /tmp/esp32-pty and symlinks it so the game can be launched with:

sudo ./run.sh /tmp/esp32-pty

It intercepts game serial commands and handles them natively on Linux:

Command | Handler -- | -- scan_networks | iw dev wlan1 scan scan_bt | bleak BLE scanner on hci adapter start_sniffer | tcpdump in monitor mode → pcapng start_handshake / start_handshake_serial | airodump-ng + hcxpcapngtool polling

Hardware tested on

• uConsole CM4, HackerGadgets AIO v1
• AC1200 WiFi card (wlan1) — wardriving + BLE
• AWUS036ACM / MT7612U (wlan2) — packet sniff + HS capture
• Internal UART Bluetooth (hci1) — BLE scanning

HS Capture approach

airodump-ng handles the mt76x2u driver better than hcxdumptool on kernel 6.12.x (radiotap header compatibility). The bridge polls the capture file every 10 seconds with hcxpcapngtool to detect new EAPOL/PMKID hashes and fires the game's handshake event (SSID:{name} AP:{bssid}) which triggers 200 XP, the handshake_hunter badge, and map marker.

Systemd service

ini

[Unit]
Description=WatchDogsGo WiFi + BLE Bridge
After=network.target bluetooth.target

[Service]
ExecStart=/home/fusedstamen/python/WatchDogsGo/.venv/bin/python3 /home/fusedstamen/python/WatchDogsGo/wdg_wifi_bridge.py --iface wlan1 --bt-iface hci1 --sniffer-iface wlan2 --no-monitor --loot-dir /home/fusedstamen/python/WatchDogsGo/loot
Restart=always
RestartSec=3

[Install]
WantedBy=multi-user.target

Notes

• You mentioned in issue uConsole Wardriving without ESP32 #1 you'd consider landing a sanitised bridge script under extras/ with a proper security review pass — happy to work on that if useful
• The script is in my fork at github.com/FusedStamen/WatchDogsGo
• Dependencies: bleak, airodump-ng, hcxpcapngtool, tcpdump, iw

[FusedStamen]

UPDATED BRIDGE SCRIPT

wdg_wifi_bridge.py

BLE fast-fail detection — _do_ble_scan now times each scan and logs a warning if it completes in under 2 seconds with 0 results, indicating the Bluetooth adapter has dropped out

Packet sniffer — start_sniffer / stop_sniffer commands put wlan2 (AWUS036ACM) in monitor mode and capture to pcapng via tcpdump, saved to loot directory

Handshake capture — start_handshake / start_handshake_serial commands use airodump-ng on wlan2 for WPA handshake and PMKID capture; polls with hcxpcapngtool every 10 seconds to detect new hashes and fires the game's handshake event (SSID/AP format for 200 XP + badge)

wlan1 restore on HS stop — after stopping handshake capture, wlan1 is brought back up since hcxdumptool/airodump-ng can bring it down

--sniffer-iface — new argument for dedicated capture interface (default wlan2), separate from wardriving interface (wlan1)

--loot-dir — new argument to specify where captures are saved