Link Search Menu Expand Document

Bluetooth

Primer

Here is a pretty good primer on the fundamentals of Bluetooth.

Bluetooth comes in two flavors, Bluetooth Classic and Bluetooth Low Energy (BLE).

Here is a pretty good video introduction to BLE.

Bluetooth MITM

Bluetooth can be intercepted with a couple of Bluetooth USB dongles and software such as GATTacker or BtleJuice, as detailed in Melamed, An active man-in-the-middle attack on bluetooth smart devices, 2018 and Melamed, Hack-a-ble: Hacking BLE Smart Devices, 2017. We can also use the Ubertooth One to intercept Bluetooth signals from your target.

SweynTooth

Some interesting new vulnerabilities were discovered in February 2020. More information here.

Ubertooth

The Ubertooth Project is an open-source platform used to experiment with Bluetooth. It can be used to capture and demodulate Bluetooth packets, and can be combined with packet analyzer tools such as Kismet or Wireshark.

The latest version is the Ubertooth One. The lab has two such devices that you can either try out at the lab or borrow for a project. The Ubertooth One is mainly used to sniff BLE, but can in some cases also be used with Bluetooth Classic.

Ubertooth One [1]

You can find the GitHub repository for the Ubertooth here. The repo also contains a wiki, which among other things holds the Build Guide, the FAQ, and a guide on how to use the Ubertooth One together with Wireshark.

References

[1] Ubertooth One. Great Scott Gadgets. https://greatscottgadgets.com/ubertoothone/. (Fetched 2021-06-03)


Division of Network and Systems Engineering | KTH