Ubertooth – Bluetooth Sniffing Updated for 2014!

by on February 20, 2014

Earlier I noticed this tweet on my twitter feed:

So I thought I would walk you through the update, which brings improved operating system support, improved Bluetooth Low Energy (BTLE) support, and GitHub integration to make community development easier.

Highlights

  • Bluetooth Smart (Low Energy) Support
    • Promiscuous and follow modes
    • Pcap format packet logging
    • Pairing / encryption support when paired with crackle
    • Credit for BLE features goes to Mike Ryan
  • Unified host tool for monitoring Basic Rate
    • ubertooth-rx replaces -lap, -uap, -hop tools
    • Once UAP is discovered, ubertooth-rx automatically tries to find clock values and begin hopping
    • Thanks to Will Code for working on this
  • Survey tool – ubertooth-scan
    • Combining both Ubertooth and a standard Bluetooth dongle
    • Ubertooth scans for non-discoverable master devices
    • Dongle probes devices for piconet information and features
  • CMake now used for the build system
    • Improves support for non-Linux operating systems
    • More sensible handling of dependencies
  • Packaging (Experimental)
    • Early stage support for packaging systems
    • libbtbb in Homebrew repository, Ubertooth coming soon
    • MacPorts availability is under test
    • Release already available in Pentoo
  • GitHub migration
    • libbtbb, Ubertooth and gr-bluetooth all hosted on GitHub
    • Allows for a more open development and collaboration model
    • Already seeing an increase in issue reporting and pull requests

Installation

Gentoo/Pentoo

Libbtbb

git clone https://github.com/greatscottgadgets/libbtbb.git
cd libbtbb
mkdir build
cd build
cmake ..
sudo make install

Ubertooth tools

git clone https://github.com/greatscottgadgets/ubertooth.git 
cd ubertooth/host
mkdir build
cd build 
cmake .. 
sudo make install

Or, if you want ubertooth-follow and ubertooth-scan, enable debug mode by altering the last command to:

sudo make clock_debug=true install

OSX

Preparation

sudo port install libusb wget py-pyusb-devel cmake

Download

git clone https://github.com/greatscottgadgets/libbtbb.git
git clone https://github.com/greatscottgadgets/ubertooth.git

cd libbtbb
mkdir build
cd build
cmake ..
sudo make install
cd ../..
cd ubertooth/host/
mkdir build
cd build
cmake ..

Now, I have not got any appropriate Bluetooth header files for OSX (any hints?), so for now I have edited a CMakeLists.txt file to remove ubertooth-follow and ubertooth-scan; the other binaries will install correctly.

nano ../ubertooth-tools/src/CMakeLists.txt

Change line 59 from

LIST(APPEND TOOLS ubertooth-follow ubertooth-scan)

to

LIST(APPEND TOOLS )

Then continue installing Ubertooth:

sudo make install

Debian

PyUSB 1.0 is not yet available from the Debian, Ubuntu or Homebrew repositories. If you don’t already have it installed, you will need to fetch and build it as follows:

wget https://github.com/walac/pyusb/archive/1.0.0b1.tar.gz -O pyusb-1.0.0b1.tar.gz
tar xvf pyusb-1.0.0b1.tar.gz
cd pyusb-1.0.0b1
sudo python setup.py install

Libbtbb

Next the Bluetooth baseband library (libbtbb) needs to be built for the Ubertooth tools to decode Bluetooth packets:

wget https://github.com/greatscottgadgets/libbtbb/archive/2014-02-R2.tar.gz -O libbtbb-2014-02-R2.tar.gz
tar xf libbtbb-2014-02-R2.tar.gz
cd libbtbb-2014-02-R2
mkdir build
cd build
cmake ..
make
sudo make install

Ubertooth Tools

The Ubertooth repository contains host code for sniffing Bluetooth packets, configuring the Ubertooth and updating firmware. All three are built and installed by default using the following method:

wget https://github.com/greatscottgadgets/ubertooth/archive/2014-02-R2.tar.gz -O ubertooth-2014-02-R2.tar.gz
tar xf ubertooth-2014-02-R2.tar.gz
cd ubertooth-2014-02-R2/host
mkdir build
cd build
cmake ..
make
sudo make install

Ubertooth Tools-dev ++

If using the ubertooth-follow tool, the Bluetooth library headers are required and the tools need to be built with the “clock_debug” flag set:

sudo apt-get install libbluetooth-dev
cd ubertooth-2014-02-R2/host/build
make clock_debug=true
sudo make clock_debug=true install

Other

Kismet

wget https://kismetwireless.net/code/kismet-2013-03-R1b.tar.xz
tar xf kismet-2013-03-R1b.tar.xz
cd kismet-2013-03-R1b
ln -s ../ubertooth-2014-02-R2/host/kismet/plugin-ubertooth .
./configure
make && make plugins
sudo make suidinstall
sudo make plugins-install

Then add "pcapbtbb" to the "logtypes=..." line in kismet.conf.
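
One way to make that kismet.conf change repeatable, as an added example that is not part of the original post: the hypothetical `add_logtype` function appends pcapbtbb to the active logtypes= line only if it is missing, ignores commented-out lines, and keeps a .bak copy. The sample logtypes value used to try it out is constructed.

```shell
#!/bin/sh
# Added example (not from the original post): idempotently add a log type
# to the active logtypes= line of a kismet.conf. add_logtype is a
# hypothetical helper name; pass the path to your own kismet.conf.

add_logtype() {
    conf=$1
    lt=${2:-pcapbtbb}   # assumed to be a plain token (letters/digits only)

    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 1; }

    # Already listed as a whole comma-separated item? Then change nothing.
    if grep -Eq "^logtypes=([^#]*,)?${lt}(,|[[:space:]]*\$)" "$conf"; then
        return 0
    fi

    # Only an uncommented logtypes= line counts; "#logtypes=" is ignored.
    grep -q '^logtypes=' "$conf" || {
        echo "no active logtypes= line in $conf" >&2
        return 1
    }

    # Keep a copy of the original, then append to the existing list
    # (first expression) or fill an empty list (second expression).
    cp -p "$conf" "$conf.bak" || return 1
    sed -e "s/^logtypes=\(.*[^[:space:]]\)[[:space:]]*\$/logtypes=\1,${lt}/" \
        -e "s/^logtypes=[[:space:]]*\$/logtypes=${lt}/" \
        "$conf.bak" > "$conf"
}
```

Call it as `add_logtype /path/to/kismet.conf`; running it a second time leaves the file unchanged.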

Wireshark

Go back to the folder where you downloaded the libbtbb git repository

cd libbtbb
cd wireshark/plugins

In turn, visit each plugin directory (btatt, btbb, btle, btsm) and run the following, shown here for btatt:

cd btatt
mkdir build
cd build
cmake ..
sudo make install
cd ../..

Firmware Update 2014-02-R1

Backup Existing Firmware

$ sudo ubertooth-dfu --read ubertooth-one-bin-firmware-2012-10-R1.dfu
................................................................................................................................
Read complete

You may get the following message:

No DFU devices found - attempting to find Ubertooth devices

1) Found 'Ubertooth One' with address 0x1d50 0x6002

Select a device to flash (default:1, exit:0):

Select your device to put it into DFU mode.
You may then need to re-issue the command.

Note: If you are performing this in a virtual machine, the Ubertooth in DFU mode has a different USB VID:PID, so you may need to reattach the dongle through the USB menu.

How To Flash 2014-02-R1 Firmware

First, grab the latest firmware from the Ubertooth release page. At the time of this writing, this is version 2014-02-R1.

You may then run the ubertooth-dfu command like so:

$ ubertooth-dfu --write ubertooth-one-bin-firmware.dfu 
Checking firmware signature
................................................................................................................................
Write complete

Press enter, and the device will automatically enter DFU mode and flash the firmware. When done, you can return it to regular operation mode by unplugging and replugging it, or by running

ubertooth-dfu --detach

Check Which Version You are Running?

In non-DFU mode, you can obtain firmware information with ubertooth-util -v. The latest release (2014-02-R1) will appear like this:

$ ubertooth-util -v
Firmware revision: git-4412704
$ ubertooth-util -V
ubertooth 2014-02-R1 (dominicgs@mercury) Wed Jan 29 23:10:46 GMT 2014
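
The backup, flash and version-check steps above can be gated with two small checks, shown here as an added example that is not part of the original post. All function names are hypothetical, and the only Ubertooth command invoked is `ubertooth-util -V`, whose banner format is taken from the output shown above.

```shell
#!/bin/sh
# Added example (not from the original post): checks to run around the
# article's backup -> flash -> verify steps. Function names are hypothetical.

# Extract the release tag from a `ubertooth-util -V` banner, e.g.
# "ubertooth 2014-02-R1 (dominicgs@mercury) Wed Jan 29 ..." -> 2014-02-R1
release_from_banner() {
    printf '%s\n' "$1" |
        sed -n 's/^ubertooth \([0-9]\{4\}-[0-9]\{2\}-R[0-9]\{1,\}\) .*/\1/p' |
        head -n 1
}

# $1 = expected release tag, $2 = banner text. True only on an exact match.
release_matches() {
    [ -n "$1" ] && [ "$(release_from_banner "$2")" = "$1" ]
}

# A firmware backup is usable only if it is a regular, non-empty file.
backup_ok() {
    [ -f "$1" ] && [ -s "$1" ]
}

# Run before `ubertooth-dfu --write`. $1 = path given to `--read` earlier.
pre_flash_check() {
    backup_ok "$1" && return 0
    echo "no usable firmware backup at $1; run ubertooth-dfu --read first" >&2
    return 1
}

# Run after the device is back in regular mode. $1 = expected release tag.
post_flash_check() {
    banner=$(ubertooth-util -V 2>/dev/null) || banner=""
    release_matches "$1" "$banner" && return 0
    echo "device does not report release $1 (got: ${banner:-nothing})" >&2
    return 1
}
```

Typical use is `pre_flash_check ubertooth-one-bin-firmware-2012-10-R1.dfu` before writing, and `post_flash_check 2014-02-R1` after replugging the device.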

4 Comments
  1. Newpid0

    I believe you have a typo in your instructions, other than that great article thanks.

    Line is: wget https://github.com/greatscottgadgets/libbtbb/archive/2014-02-R1.tar.gz -O libbtbb-2014-02-R2.tar.gz

    should be:
    wget https://github.com/greatscottgadgets/libbtbb/archive/2014-02-R2.tar.gz -O libbtbb-2014-02-R2.tar.gz

    • You're right! Thanks for spotting this and letting me know.

      Post updated 🙂
