Pair any bluetooth device with a PS3 as a Sixaxis!

I have just paired my broadcom dongle with my PS3 as a Sixaxis :-p

I did this without modifying the dongle: this dongle is built on a broadcom chipset, which does not allow bdaddr modification!

I lately have been looking for ways to do that:
– I tried to modify the bdaddr of a sixaxis so as to make it pair the bdaddr of a dongle (you never know, it could have worked – and testing that was very easy)
– I tried to emulate a sixaxis with a usb development board

The development board is a Teensy++, but the code written for this device can be ported to any other atmel usb development board supported by the LUFA framework, such as the bumble-b for example.

Steps of the work:

1/ I wrote the usb hid layer and the “sixpair interface” (3 host to device requests: set master bdaddr, get master bdaddr, and get device bdaddr), and got the usb exchanges with a Linux host (sniffed with Wireshark/usbmon) be identical

=>pairing failed

2/ I bombed a real sixaxis whith “get report” control requests so as to see all the wValue that give responses, and implemented these request responses

=>failed too

3/ I connected my jtagice mkii debugger to my teensy++, made the teensy++ write some request logs in memory, and inspected them.
I identified the request that was blocking, did the same request to a real sixaxis, and saw the response it should give.


The sixaxis can now be emulated with any bluetooth device!

