Today my Ubertooth One arrived. I ordered this for a couple of reasons… but the main, pressing reason was that I wanted to better understand Bluetooth Beacons and I needed a way to packet capture in a promiscuous mode, much like I can with WiFi. It seems that the Ubertooth One is the simplest and cheapest solution available - from what I found, ultimately it was the only option. The Ubertooth One was created by Michael Ossmann and Dominic Spill from Great Scott Gadgets.

There are a lot of instructions available… and as long as this isn't your first time using the make command (http://linoxide.com/how-tos/linux-make-command-examples/) and you aren't scared to type a few commands into a command-only terminal window, then getting started isn't too much work. If you aren't a programmer but have some experience and patience in searching the Internet for answers, then give it a go.

There are some dependencies, and I found this was the best place to get started: https://github.com/greatscottgadgets/ubertooth/wiki/Getting-Started but there are many other websites you will visit in the initial stages of getting your Ubertooth One going.

I had to compile the firmware, as the ready-to-go package was considered old for the host tools: https://github.com/greatscottgadgets/ubertooth/wiki/Firmware I found this out because someone else had the issue: https://github.com/greatscottgadgets/ubertooth/issues/228 I used the latest GNU-ARM-Embedded toolchain https://developer.arm.com/open-source/gnu-toolchain/gnu-rm/downloads rather than the older one that was linked to elsewhere. Maybe this was good, maybe bad… It works!

Here was a great piece of learning… Bluetooth packets start with a code that is based on the Lower Address Part (LAP) of a particular Bluetooth Device Address (BD_ADDR). The BD_ADDR is a 48-bit MAC address, just like the MAC address of an Ethernet device. The LAP consists of the lower 24 bits of the BD_ADDR and is the only part of the address that is transmitted with every packet. I was able to sniff these LAPs simply with the Ubertooth One as soon as the firmware was flashed and the libraries and host tools were installed.
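The address layout described above, as an added example (not from the original post or the Ubertooth project): it splits a BD_ADDR into its fields and checks which devices from your own inventory match the LAPs a sniffer reported. The NAP and UAP field names and the reserved inquiry LAP range come from the Bluetooth specification rather than this post, and all addresses and LAP values are constructed samples.

```python
import re
from typing import Iterable, List, NamedTuple

# LAPs 0x9E8B00-0x9E8B3F are reserved for inquiry access codes (Bluetooth spec),
# so a sniffed LAP in this range is an inquiry, not part of a device address.
RESERVED_LAP_FIRST, RESERVED_LAP_LAST = 0x9E8B00, 0x9E8B3F
GIAC_LAP = 0x9E8B33  # General Inquiry Access Code

_BD_ADDR_RE = re.compile(r"[0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5}")

class BdAddr(NamedTuple):
    nap: int  # Non-significant Address Part: upper 16 bits
    uap: int  # Upper Address Part: next 8 bits
    lap: int  # Lower Address Part: lower 24 bits, sent with every packet

def parse_bd_addr(text: str) -> BdAddr:
    """Split a 48-bit BD_ADDR written as six hex octets into NAP/UAP/LAP."""
    if not _BD_ADDR_RE.fullmatch(text):
        raise ValueError(f"not a BD_ADDR: {text!r}")
    value = int(re.sub(r"[:-]", "", text), 16)
    return BdAddr(nap=value >> 32, uap=(value >> 24) & 0xFF, lap=value & 0xFFFFFF)

def classify_lap(lap: int) -> str:
    """Say whether a sniffed 24-bit LAP can belong to a device at all."""
    if not 0 <= lap <= 0xFFFFFF:
        raise ValueError("LAP must fit in 24 bits")
    if lap == GIAC_LAP:
        return "general inquiry (GIAC)"
    if RESERVED_LAP_FIRST <= lap <= RESERVED_LAP_LAST:
        return "reserved inquiry LAP"
    return "device LAP"

def inventory_matches(inventory: Iterable[str], sniffed: Iterable[int]) -> List[str]:
    """Return inventory addresses whose LAP appears among the sniffed LAPs.

    A match is on 24 bits only: the NAP and UAP are not in the sniffed data.
    """
    seen = {lap for lap in sniffed if classify_lap(lap) == "device LAP"}
    return [addr for addr in inventory if parse_bd_addr(addr).lap in seen]

if __name__ == "__main__":
    # Constructed sample data: two inventory devices, three sniffed LAPs.
    inventory = ["00:11:22:AB:CD:EF", "00:11:22:12:34:56"]
    sniffed = [0xABCDEF, 0x9E8B33, 0x777777]
    for lap in sniffed:
        print(f"{lap:06X}: {classify_lap(lap)}")
    print("seen from inventory:", inventory_matches(inventory, sniffed))
```
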
Simply capturing Bluetooth in Wireshark: https://github.com/greatscottgadgets/ubertooth/wiki/Capturing-BLE-in-Wireshark

But the info didn't contain what I was expecting… And then I found this… https://github.com/greatscottgadgets/libbtbb/issues/14

I need to compile some plugins for Wireshark so that it can decode the data coming from the Ubertooth correctly. It looks like there is a Mac OS bug. Next Stop Linux… More to come.

Interesting reading and watching:

Ubertooth Getting Started: https://github.com/greatscottgadgets/ubertooth/wiki/Getting-Started

So you want to track people with Ubertooth: http://ubertooth.blogspot.com.au/2012/11/so-you-want-to-track-people-with.html

I highly recommend watching this YouTube video where Michael Ossmann discusses the difficulties of Bluetooth capture and more: https://www.youtube.com/watch?v=KSd_1FE6z4Y

Where to buy:

https://www.ozhack.com/shop/bluetooth/ubertooth-one/ - for the Australians

https://greatscottgadgets.com/ubertoothone/ - for a whole range of international resellers