Latest revision as of 23:17, 3 February 2014

Intro

Common requirements

libbtbb

BT baseband library

git clone git://git.code.sf.net/p/libbtbb/code libbtbb-code
make
sudo make install

ubertooth tools

git clone git://ubertooth.git.sourceforge.net/gitroot/ubertooth/ubertooth

Flashing

Take latest release ubertooth-2012-10-R1.tar.xz

tar xf ubertooth-2012-10-R1.tar.xz

We'll need ubertooth-2012-10-R1/ubertooth-one-firmware-bin/bluetooth_rxtx.dfu
But flasher of ubertooth-2012-10-R1 is buggy so let's take the one from git.

./ubertooth-dfu --write bluetooth_rxtx.dfu

Spectrum analysis

ubertooth/host/specan_ui

apt-get install python-pyside.qtgui python-numpy libusb-dev

needs pyusb 1.0 -> from git

git clone https://github.com/walac/pyusb.git
cd pyusb
python setup.py install

Or move pyusb/usb to host/specan_ui

./ubertooth-specan-ui

spectools

git clone https://www.kismetwireless.net/spectools.git
cd spectools
./configure
make
./spectool_gtk

Excellent spectrum view both for BT & Wi-Fi activity

Click on Wi-Fi channels at the bottom to highlight some

Sniffing

ubertooth/host/bluetooth_rxtx

make
./ubertooth_lap         # LAP sniffer
./ubertooth_uap -l LAP  # guess byte to get UAP

Kismet

At writing, latest release was kismet-2011-03-R2

./configure
make
sudo make suidinstall

See next to get ubertooth plugin

When asked to add an input, specify interface "ubertooth"

Test with "scan for devices" -> a lot of packets from "00:00:00:9E:8B:33"

ubertooth/host/kismet/plugin-ubertooth

KIS_SRC_DIR=.../kismet-2011-03-R2 make
sudo bash
# KIS_SRC_DIR=.../kismet-2011-03-R2 make install

Supposed to dump content to .pcapdump file but file seems always pretty empty...

Wireshark

Not tried (see before) but there is a wireshark plugin in libbtbb-core/wireshark/plugins

BLE

http://blog.lacklustre.net/posts/BLE_Fun_With_Ubertooth:_Sniffing_Bluetooth_Smart_and_Cracking_Its_Crypto/

Difference between revisions of "Ubertooth"