Ubertooth – Bluetooth Sniffing Updated for 2014!
Earlier I noticed this tweet on my twitter feed:
Ubertooth release: https://t.co/cCYHNf34Yc I know it’s been a long time coming, I promise not to leave it so long next time.
— Dominic Spill (@dominicgs) February 20, 2014
So I thought I would walk you through the update, which has improved Operating System support, improved Bluetooth Low Energy (BTLE) support, and GitHub integration to make community development easier….
Highlights
- Bluetooth Smart (Low Energy) Support
- Promiscuous and follow modes
- Pcap format packet logging
- Pairing / encryption support when paired with crackle
- Credit for BLE features goes to Mike Ryan
- Unified host tool for monitoring Basic Rate
- ubertooth-rx replaces -lap, -uap, -hop tools
- Once UAP is discovered, ubertooth-rx automatically tries to find clock values and begin hopping
- Thanks to Will Code for working on this
- Survey tool – ubertooth-scan
- Combining both Ubertooth and a standard Bluetooth dongle
- Ubertooth scans for non-discoverable master devices
- Dongle probes devices for piconet information and features
- Cmake now used for the build system
- Improves support for non-Linux operating systems
- More sensible handling of dependencies
- Packaging (Experimental)
- Early stage support for packaging systems
- libbtbb in Homebrew repository, Ubertooth coming soon
- MacPorts availability is under test
- Release already available in Pentoo
- GitHub migration
- libbtbb, Ubertooth and gr-bluetooth all hosted on GitHub
- Allows for more open development and collaboration model
- Already seeing an increase in issue reporting and pull requests
Installation
Gentoo/Pentoo
Libbtbb
git clone https://github.com/greatscottgadgets/libbtbb.git cd libbtbb mkdir build cd build cmake .. sudo make install
Ubertooth tools
git clone https://github.com/greatscottgadgets/ubertooth.git cd ubertooth/host mkdir build cd build cmake .. sudo make install
or if you want ubertooth-follow and ubertooth-scan – enable debug mode, by altering the last command to:
sudo make clock_debug=true install
OSX
Preparation
sudo port install libusb wget py-pyusb-devel cmake
Download
git clone https://github.com/greatscottgadgets/libbtbb.git git clone https://github.com/greatscottgadgets/ubertooth.git cd libbtbb mkdir build cd build cmake .. sudo make install cd ../.. cd ubertooth/host/ mkdir build cd build cmake ..
Now I have not got any appropriate bluetooth header files for OSX (Any hints?) so for now I have edited a CMakeLists.txt file, to remove ubertooth-follow and ubertooth-scan, the other binaries will install correctly.
nano ../ubertooth-tools/src/CMakeLists.txt
change line 59 from
LIST(APPEND TOOLS ubertooth-follow ubertooth-scan)
to
LIST(APPEND TOOLS )
Then continue installing ubertooth
sudo make install
Debian
PyUSB 1.0 is not yet available from the Debian, Ubuntu or Homebrew repositories, if you don’t already have it installed you will need to fetch and build it as follows:
wget https://github.com/walac/pyusb/archive/1.0.0b1.tar.gz -O pyusb-1.0.0b1.tar.gz tar xvf pyusb-1.0.0b1.tar.gz cd pyusb-1.0.0b1 sudo python setup.py install
Libbtbb
Next the Bluetooth baseband library (libbtbb) needs to be built for the Ubertooth tools to decode Bluetooth packets:
wget https://github.com/greatscottgadgets/libbtbb/archive/2014-02-R2.tar.gz -O libbtbb-2014-02-R2.tar.gz tar xf libbtbb-2014-02-R2.tar.gz cd libbtbb-2014-02-R2 mkdir build cd build cmake .. make sudo make install
Ubertooth Tools
The Ubertooth repository contains host code for sniffing Bluetooth packets, configuring the Ubertooth and updating firmware. All three are built and installed by default using the following method:
wget https://github.com/greatscottgadgets/ubertooth/archive/2014-02-R2.tar.gz -O ubertooth-2014-02-R2.tar.gz tar xf ubertooth-2014-02-R2.tar.gz cd ubertooth-2014-02-R2/host mkdir build cd build cmake .. make sudo make install
Ubertooth Tools-dev ++
If using the ubertooth-follow tool, the Bluetooth library headers are required and the tools need to be built with the “clock_debug” flag set:
sudo apt-get install libbluetooth-dev cd ubertooth-2014-02-R2/host/build make clock_debug=true sudo make clock_debug=true install
Other
Kismet
wget https://kismetwireless.net/code/kismet-2013-03-R1b.tar.xz tar xf kismet-2013-03-R1b.tar.xz cd kismet-2013-03-R1b ln -s ../ubertooth-2014-02-R2/host/kismet/plugin-ubertooth . ./configure make && make plugins sudo make suidinstall sudo make plugins-install Add "pcapbtbb" to the "logtypes=..." line in kismet.conf
Wireshark
Go back to the folder where you downloaded the libbtbb git repository
cd libbtbb cd wireshark/plugins
in turn visit each directory: btatt btbb btle bdsm
cd build cmake .. sudo make install cd ../..
Firmware Update 2014-02-R1
Backup Existing Firmware
$ sudo ubertooth-dfu --read ubertooth-one-bin-firmware-2012-10-R1.dfu ................................................................................................................................ Read complete
You may get the following message:
No DFU devices found - attempting to find Ubertooth devices 1) Found 'Ubertooth One' with address 0x1d50 0x6002 Select a device to flash (default:1, exit:0):
Select your device, to put your device in dfu-mode.
Then you may need to re-issue the command.
Note: If you performing this over a Virtual Machine, the Ubertooth in dfu mode has a different USB VID:PID, so you may need to reattach the dongle through the USB menu.
How To Flash 2014-02-R1 Firmware
First, grab the latest firmware from the Ubertooth release page. At the time of this writing, this is version 2014-02-R1.
You may then run the ubertooth-dfu command like so:
$ ubertooth-dfu --write ubertooth-one-bin-firmware.dfu Checking firmware signature ................................................................................................................................ Write complete
Press enter, and the device will automatically enter DFU mode and flash the firmware. When done, you can return it into regular operation mode by unplugging and replugging it, or running
ubertooth-dfu --detach
Check Which Version You are Running?
In non-DFU mode, you can obtain firmware information with ubertooth-util -v. The latest release (2014-02-R1) will appear like this:
$ ubertooth-util -v Firmware revision: git-4412704 $ ubertooth-util -V ubertooth 2014-02-R1 (dominicgs@mercury) Wed Jan 29 23:10:46 GMT 2014