Skip to content

Bluetooth Sniffing

Sniffing is the process of capturing data packets passing through a given network using different tools. Sniffing attack refers to the theft of data packets using a sniffer. Sniffer could be an application or a Hardware network analyzer.

Tools

Ubertooth One

The Ubertooth one is an open-source Bluetooth monitoring and testing device by GreatScottGadgets.

(Image source: tindie.com)

Wundertooth

Wundertooth is a remix of Ubertooth one. It enhances several capabilities, including the addition of a JTAG header and enclosure. The Wundertooth can be used by applying the same guide as Ubertooth one.

Use of third party tools

Once the data has been sniffed it is possible to use third party tools in combination with Ubertooth to obtain critical info. One of the most famous third party tools includes the tool ([crackle]https://lacklustre.net/projects/crackle/).

You can install with the command :

$ sudo apt install crackle

After the installation process, the following command can be issued to obtain the keys :

$ crackle -i capture.pcap -o result.pcap

Other frameworks and tools include : bettercap and gattool.

A detailed procedure for installation, setup, sniffing, wireshark capture, followed by the use of crackle and gattool can be found on the website : Bluetooth Sniffing with Ubertooth: A Step-by-step guide