[deprecated – see newer post]

The code to get a teensy++ pair a bluetooth device with a PS3 is available there.


  • use it at your own risk
  • the vendor id and the product id are the property of Sony

To get it working, the following changes have to be done:

In sixaxis_pair_emu.c, edit the following lines:

uint8_t EEMEM DeviceBdaddr[6] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06};
uint16_t EEMEM VendorId = 0x03EB;
uint16_t EEMEM ProductId = 0x2042;

If your bdaddr is 11:22:33:44:55:66 then replace {0x01, 0x02, 0x03, 0x04, 0x05, 0x06 } with {0x11, 0x22, 0x33, 0x44, 0x55, 0x66 }.
The vendor id of a sixaxis is 0x054c, and the product id is 0x0268.

For now, you have to compile the firmware yourself.

Enhancements that I planned to do:

  • make the PS3 bdaddr be learnt by the device (but not persistent) done
  • write the variables that have to be modified in the eeprom done
  • make a specific usb request to modify them done
  • make a definitive firmware
  • make a linux/windows gui app

Pair any bluetooth device with a PS3 as a Sixaxis!

I have just paired my broadcom dongle with my PS3 as a Sixaxis :-p

I did this without modifying the dongle: this dongle is built on a broadcom chipset, which does not allow bdaddr modification!

I lately have been looking for ways to do that:
– I tried to modify the bdaddr of a sixaxis so as to make it pair the bdaddr of a dongle (you never know, it could have worked – and testing that was very easy)
– I tried to emulate a sixaxis with a usb development board

The development board is a Teensy++, but the code written for this device can be ported to any other atmel usb development board supported by the LUFA framework, such as the bumble-b for example.

Steps of the work:

1/ I wrote the usb hid layer and the “sixpair interface” (3 host to device requests: set master bdaddr, get master bdaddr, and get device bdaddr), and got the usb exchanges with a Linux host (sniffed with Wireshark/usbmon) be identical

=>pairing failed

2/ I bombed a real sixaxis whith “get report” control requests so as to see all the wValue that give responses, and implemented these request responses

=>failed too

3/ I connected my jtagice mkii debugger to my teensy++, made the teensy++ write some request logs in memory, and inspected them.
I identified the request that was blocking, did the same request to a real sixaxis, and saw the response it should give.


The sixaxis can now be emulated with any bluetooth device!

Another way to pair a dongle with the PS3 as a Sixaxis – 2

A usb device (such as a teensy++, a bumble-b or an atmel chip+vusb) can talk to the PS3 as an “unpaired” sixaxis.

I think it has to have the following characteristics:

  • the same vendor id and product id
  • the same hid descriptor
  • after a small delay, the device sends a PS3 button press
  • when the PS3 requests for the bdaddr, reply with the bdaddr we want to pair
  • when the PS3 sends its bdaddr, reply “ok”

Another way to pair a dongle with a PS3 as a Sixaxis?

Another way to pair a dongle with the PS3 as a Sixaxis could be to change the bdaddr of a Sixaxis with the bdaddr of a dongle, and pair that Sixaxis with the PS3.

It seems that the bluetooth module of the sixaxis is composed of a CSR chip and an additional chip (flash memory?), so that there is a little chance that the bdaddr can be changed.

The bdaddr of the bluetooth master can be get/set with usb commands (as seen with sixpair utility). I’ll try to do the same with the bdaddr of the sixaxis (it is already known that there is a get command).

– any bluetooth dongle could be used
– using a widcomm compatible dongle could make possible to port the sixaxis emulator to windows
– the sixaxis bdaddr could be reset to its original value so that the sixaxis and the sixaxis emulator could be used at the same time

– none

This method doesn’t work, the command just fails.

Compatible CSR bluetooth dongles

Edit 24/06: Bluecore4-ROM dongles may work too!

It is quite difficult to tell if a usb dongle will work or not (even for CSR chips).

And not to make it easier, dongle manufacturers can change the chip without changing the product name… So be careful about hardware revisions!

I suggest CSR chips such as BlueCore2-ext and BlueCore4-ext. There is no guaranty it will work.

Older CSR chips may work (as the dongle I’m using – Cellink BTA-3000).

There is valuable information about BlueCore2-ext dongles and BlueCore4-ext dongles on that blog and that forum thread.

A list of dongles with BlueCore2-ext can be found there (p.98-104).