Skip to content

Ubertooth – Bluetooth Sniffing Updated for 2014!

by on February 20, 2014


Earlier I noticed this tweet on my twitter feed:

So I thought I would walk you through the update, which has improved Operating System support, improved Bluetooth Low Energy (BTLE) support, and GitHub integration to make community development easier….


  • Bluetooth Smart (Low Energy) Support
    • Promiscuous and follow modes
    • Pcap format packet logging
    • Pairing / encryption support when paired with crackle
    • Credit for BLE features goes to Mike Ryan
  • Unified host tool for monitoring Basic Rate
    • ubertooth-rx replaces -lap, -uap, -hop tools
    • Once UAP is discovered, ubertooth-rx automatically tries to find clock values and begin hopping
    • Thanks to Will Code for working on this
  • Survey tool – ubertooth-scan
    • Combining both Ubertooth and a standard Bluetooth dongle
    • Ubertooth scans for non-discoverable master devices
    • Dongle probes devices for piconet information and features
  • Cmake now used for the build system
    • Improves support for non-Linux operating systems
    • More sensible handling of dependencies
  • Packaging (Experimental)
    • Early stage support for packaging systems
    • libbtbb in Homebrew repository, Ubertooth coming soon
    • MacPorts availability is under test
    • Release already available in Pentoo
  • GitHub migration
    • libbtbb, Ubertooth and gr-bluetooth all hosted on GitHub
    • Allows for more open development and collaboration model
    • Already seeing an increase in issue reporting and pull requests




git clone
cd libbtbb
mkdir build
cd build
cmake ..
sudo make install

Ubertooth tools

git clone 
cd ubertooth/host
mkdir build
cd build 
cmake .. 
sudo make install

or if you want ubertooth-follow and ubertooth-scan – enable debug mode, by altering the last command to:

sudo make clock_debug=true install



sudo port install libusb wget py-pyusb-devel cmake


git clone
git clone

cd libbtbb
mkdir build
cd build
cmake ..
sudo make install
cd ../..
cd ubertooth/host/
mkdir build
cd build
cmake ..

Now I have not got any appropriate bluetooth header files for OSX (Any hints?) so for now I have edited a CMakeLists.txt file, to remove ubertooth-follow and ubertooth-scan, the other binaries will install correctly.

nano ../ubertooth-tools/src/CMakeLists.txt

change line 59 from

LIST(APPEND TOOLS ubertooth-follow ubertooth-scan)



Then continue installing ubertooth

sudo make install


PyUSB 1.0 is not yet available from the Debian, Ubuntu or Homebrew repositories, if you don’t already have it installed you will need to fetch and build it as follows:

wget -O pyusb-1.0.0b1.tar.gz
tar xvf pyusb-1.0.0b1.tar.gz
cd pyusb-1.0.0b1
sudo python install


Next the Bluetooth baseband library (libbtbb) needs to be built for the Ubertooth tools to decode Bluetooth packets:

wget -O libbtbb-2014-02-R2.tar.gz
tar xf libbtbb-2014-02-R2.tar.gz
cd libbtbb-2014-02-R2
mkdir build
cd build
cmake ..
sudo make install

Ubertooth Tools

The Ubertooth repository contains host code for sniffing Bluetooth packets, configuring the Ubertooth and updating firmware. All three are built and installed by default using the following method:

wget -O ubertooth-2014-02-R2.tar.gz
tar xf ubertooth-2014-02-R2.tar.gz
cd ubertooth-2014-02-R2/host
mkdir build
cd build
cmake ..
sudo make install

Ubertooth Tools-dev ++

If using the ubertooth-follow tool, the Bluetooth library headers are required and the tools need to be built with the “clock_debug” flag set:

sudo apt-get install libbluetooth-dev
cd ubertooth-2014-02-R2/host/build
make clock_debug=true
sudo make clock_debug=true install



tar xf kismet-2013-03-R1b.tar.xz
cd kismet-2013-03-R1b
ln -s ../ubertooth-2014-02-R2/host/kismet/plugin-ubertooth .
make && make plugins
sudo make suidinstall
sudo make plugins-install
Add "pcapbtbb" to the "logtypes=..." line in kismet.conf


Go back to the folder where you downloaded the libbtbb git repository

cd libbtbb
cd wireshark/plugins

in turn visit each directory: btatt btbb btle bdsm

cd build
cmake ..
sudo make install
cd ../..

Firmware Update 2014-02-R1

Backup Existing Firmware

$ sudo ubertooth-dfu --read ubertooth-one-bin-firmware-2012-10-R1.dfu
Read complete

You may get the following message:

No DFU devices found - attempting to find Ubertooth devices

1) Found 'Ubertooth One' with address 0x1d50 0x6002

Select a device to flash (default:1, exit:0):

Select your device, to put your device in dfu-mode.
Then you may need to re-issue the command.

Note: If you performing this over a Virtual Machine, the Ubertooth in dfu mode has a different USB VID:PID, so you may need to reattach the dongle through the USB menu.

How To Flash 2014-02-R1 Firmware

First, grab the latest firmware from the Ubertooth release page. At the time of this writing, this is version 2014-02-R1.

You may then run the ubertooth-dfu command like so:

$ ubertooth-dfu --write ubertooth-one-bin-firmware.dfu 
Checking firmware signature
Write complete

Press enter, and the device will automatically enter DFU mode and flash the firmware. When done, you can return it into regular operation mode by unplugging and replugging it, or running

ubertooth-dfu --detach

Check Which Version You are Running?

In non-DFU mode, you can obtain firmware information with ubertooth-util -v. The latest release (2014-02-R1) will appear like this:

$ ubertooth-util -v
Firmware revision: git-4412704
$ ubertooth-util -V
ubertooth 2014-02-R1 (dominicgs@mercury) Wed Jan 29 23:10:46 GMT 2014
  1. Newpid0 permalink

    I believe you have a typo in your instructions, other than that great article thanks.

    Line is: wget -O libbtbb-2014-02-R2.tar.gz

    should be:
    wget -O libbtbb-2014-02-R2.tar.gz

    • Your right! Thanks for spotting this and letting me know.

      Post updated 🙂

Trackbacks & Pingbacks

  1. Ubertooth – Open-Source Bluetooth Sniffing | Pentura Labs's Blog
  2. A little bitta Bluetooth | TechByTom

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: