Bluetooth

Primer

Here is a pretty good primer on the fundamentals of Bluetooth.

Bluetooth comes in two flavors, Bluetooth Classic and Bluetooth Low Energy (BLE).

Bluetooth Low Energy (BLE)

Here is a pretty good video introduction to BLE.

For more information on how to analyze BLE traffic, check out the Analyzing BLE page.

Bluetooth MITM

Bluetooth traffic can be intercepted with a couple of Bluetooth USB dongles and software such as GATTacker or BtleJuice, as detailed in Melamed, "An active man-in-the-middle attack on bluetooth smart devices", 2018 and Melamed, "Hack-a-ble: Hacking BLE Smart Devices", 2017. The Ubertooth One can also be used to intercept Bluetooth signals from the target.

SweynTooth

Some interesting new vulnerabilities were discovered in February 2020. More information here.

Ubertooth

The Ubertooth Project is an open-source platform used to experiment with Bluetooth. It can be used to capture and demodulate Bluetooth packets, and can be combined with packet analyzer tools such as Kismet or Wireshark.

The latest version is the Ubertooth One. The lab has two such devices that you can either try out at the lab or borrow for a project. The Ubertooth One is mainly used to sniff BLE, but can in some cases also be used with Bluetooth Classic.

Ubertooth One [1]

Check out this page to find our guide to the Ubertooth One.

References

[1] Ubertooth One. Great Scott Gadgets. https://greatscottgadgets.com/ubertoothone/. (Fetched 2021-06-03)