I'm currently trying to capture the BLE communication packets sent between the smartband and my phone after connecting them. I have tried the nRF sniffer for Bluetooth LE of Nordic semiconductor, but it only worked if I clicked start capturing packets and selected my device in the device list before I connected my smartband to my phone. If I connected the two devices first, the smartband won't send advertising packets and won't show up in the device list. And then I click start caputring packets, the wireshark could not capture any packets.
I've read the documentation of Nordic(https://infocenter.nordicsemi.com/index.jsp?topic=%2Fug_sniffer_ble%2FUG%2Fsniffer_ble%2Fintro.html) and tried using "add LE address" field to add my miband to the device list, even though I find my miband in the device list after adding it, I still couldn't capture packets. So is there any other ways that I can capture the packets sent between the two devices when I start capturing packets after I connect the two devices?
No. You need to start listen while the device is advertising, so that the sniffer captures the CONNECT_IND packet. It contains necessary information so that the sniffer can follow the connection, such as connection interval, access address, channel selection algorithm and hop interval. Note that the BLE address is only present in the advertising packets and not in a packet in an ongoing connection.
In particular, the nRF radio hardware needs an access address when listening to a packet, as a mandatory filter. Even if it could listen to an arbitrary data channel and receive a packet, it does not know when or on what channel the next connection event will happen. In that case, you would basically need one receiver antenna/radio per BLE channel.