Kickstarter is a crowdfunding website that hosts a variety of projects in arts, comics, gaming, film & video, etc. On the technology side I want to make special mention of one: Michael Ossmann’s Ubertooth Project. It is basically a spectrum analyzer and development tool, with a few extras such as Bluetooth sniffing… and, in the advanced options, you can inject packets.
As fancy as it is, there are a few drawbacks when you look for a version of Linux that works while following old guides. I wrote this guide because following some of the tutorials on the web was painful for me. After trying a variety of Linux options (BackTrack 5 R3 and others), I finally got things working using Ubuntu 12.04 (Precise Pangolin).
Finally, I have to say that if you follow the Ubertooth project's build guide completely using Ubuntu, you will get the same results as I did.
There are a couple of tricky steps to follow if you want to get the kismet ubertooth plugin compiled, but it is just a little reading, nothing more.
I set up a VirtualBox machine with Ubuntu 12.04, downloaded from this link.
OK, let's start!
First, install the prerequisites that Ubuntu needs:
```bash
sudo apt-get install libusb-1.0-0-dev make gcc pyside-tools python-numpy
```
Now we need to download PyUSB, which gives Python access to the USB ports. Uncompress it in the root folder, navigate to the new folder and compile/install the Python USB support files.
```bash
wget http://sourceforge.net/projects/pyusb/files/PyUSB%201.0/1.0.0-alpha-3/pyusb-1.0.0a3.tar.gz/download -O pyusb-1.0.0a3.tar.gz
tar xvf pyusb-1.0.0a3.tar.gz
cd pyusb-1.0.0a3
sudo python setup.py install
```
The next step is to install the Bluetooth baseband library, libbtbb. It contains the common files the Ubertooth needs to decode Bluetooth packets:
```bash
wget http://sourceforge.net/projects/libbtbb/files/libbtbb-2012-10-R3.tar.xz/download -O libbtbb-2012-10-R3.tar.xz
tar xf libbtbb-2012-10-R3.tar.xz
cd libbtbb-2012-10-R3
make
sudo make install
```
The next step is to install the ubertooth tools, which provide all the basic Ubertooth functionality: spectrum analysis, Bluetooth sniffing and firmware updates. The package also contains a plugin for a Linux program that we will install later.
```bash
wget http://sourceforge.net/projects/ubertooth/files/ubertooth-2012-10-R1.tar.xz/download -O ubertooth-2012-10-R1.tar.xz
tar xf ubertooth-2012-10-R1.tar.xz
cd ubertooth-2012-10-R1/host
make
sudo make install
```
Follow the next steps if you need to install the ubertooth-follow tool.
```bash
sudo apt-get install libbluetooth-dev
# Run from the folder where the ubertooth archive was unpacked
cd ubertooth-2012-10-R1/host
make clock_debug=true
sudo make clock_debug=true install
```
Before installing kismet, we first need to check that all our software is ready to use. We will now test the basic functionality of the Ubertooth (spectrum analysis).
- Connect the Ubertooth One to your USB port
- If you are using a virtual machine, enable it under Devices/USB Ports and look for the Ubertooth One
- When you finally select the Ubertooth One, you must see three LEDs lit: two green LEDs (RST and 1.8V), which light when the Ubertooth is plugged into your host machine, and the red LED (USB LED), which indicates that the Ubertooth can communicate via the USB port.
Now launch the ubertooth spectrum analyzer: navigate within the ubertooth tools to the specan_ui folder and launch it:
There is a YouTube video of the spectrum analyzer running:
That completes the first part of the installation, the basic Bluetooth tools. Inside the ubertooth tools folder, bluetooth_rxtx contains a few interesting tools such as ubertooth-lap, which discovers the lower address part (LAP) of Bluetooth devices while they are transmitting data. You can inspect this folder or check the Ubertooth project page for the other installed tools.
Now comes the tricky part: kismet! Kismet is a wireless detector for sniffing and intrusion analysis on the 2.4GHz network in Wi-Fi a/b/g/n. We first install kismet on Ubuntu with its default options and then install the ubertooth plugin, which lets us capture Bluetooth packets for future analysis. Use the commands below to install kismet:
```bash
sudo apt-get install libpcap0.8-dev libcap-dev pkg-config \
    build-essential libnl-dev libncurses-dev libpcre3-dev \
    libpcap-dev libcap-dev
wget http://www.kismetwireless.net/code/kismet-2011-03-R2.tar.gz
tar xf kismet-2011-03-R2.tar.gz
sudo mv kismet-2011-03-R2 /usr/src/kismet
# Run from the folder where the ubertooth archive was unpacked.
# The link target is absolute and created with sudo: a relative target
# would be resolved from /usr/src/kismet, not from the current folder.
sudo ln -s "$PWD/ubertooth-2012-10-R1/host/kismet/plugin-ubertooth" /usr/src/kismet
cd /usr/src/kismet
sudo ./configure
sudo make && sudo make plugins
sudo make suidinstall
sudo make plugins-install
```
The final step of the kismet install is to add the file extension of the kismet Bluetooth capture files, pcapbtbb, to the file named kismet.conf located in /usr/local/etc. To do this:
- Navigate to the folder /usr/local/etc
- Open the “kismet.conf” file
- Find the logtypes line
- Append “,pcapbtbb” to the end of that line so that kismet can log Bluetooth files for future analysis
- Verify that it was added using “grep logtypes kismet.conf”
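The same edit can be scripted so that it is safe to run more than once. This is an added example, not part of the original guide or of the kismet or Ubertooth projects; the function names `add_logtype` and `show_logtypes` are hypothetical and the sample logtypes line in the demo is constructed.

```shell
#!/bin/sh
# Append a log type to the logtypes= line of a kismet.conf, once.
# Usage (as root): add_logtype /usr/local/etc/kismet.conf pcapbtbb
add_logtype() {
    conf=$1
    type=$2

    # Refuse to guess if the file has no active (uncommented) logtypes line.
    if ! grep -q '^logtypes=' "$conf"; then
        echo "no logtypes= line in $conf" >&2
        return 1
    fi

    # Already listed as a whole comma-separated item? Nothing to do.
    if grep '^logtypes=' "$conf" | sed 's/^logtypes=//' \
            | tr ',' '\n' | grep -qx "$type"; then
        return 0
    fi

    # Keep a copy of the original, then append ",<type>" to the line.
    cp -p "$conf" "$conf.bak" || return 1
    sed "s/^logtypes=.*/&,$type/" "$conf.bak" > "$conf"
}

# Print the active logtypes value so the change can be checked.
show_logtypes() {
    grep '^logtypes=' "$1" | sed 's/^logtypes=//'
}

# Demo on a constructed sample file (not a real kismet.conf).
demo=$(mktemp)
printf '%s\n' '# constructed sample' \
    'logtypes=pcapdump,gpsxml,netxml,nettxt,alert' > "$demo"
add_logtype "$demo" pcapbtbb && show_logtypes "$demo"
rm -f "$demo" "$demo.bak"
```

The previous file is kept as kismet.conf.bak, so a bad edit can be reverted by copying it back.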
Now we need to compile and install the kismet plugin so that kismet can capture Bluetooth packets, following these steps:
```bash
# Run from the folder where the ubertooth archive was unpacked
cd ubertooth-2012-10-R1/host/kismet/plugin-ubertooth
KIS_SRC_DIR=/usr/src/kismet make
sudo KIS_SRC_DIR=/usr/src/kismet make install
```
Now that the kismet plugin is installed, we can launch kismet and configure the ubertooth plugin through its windows. To do that, follow the steps below:
- Start kismet: sudo kismet
- Say Yes to display default colors
- Confirm that you are running as root, press OK
- When prompted again, say Yes to start kismet services
- Press Enter to start the server
- Close the console window, because it is only informational
- When prompted to add an interface to kismet, say Yes to add the ubertooth interface
- When the add source window opens, put the word “ubertooth” in “Intf” and “ubertooth” again in “Name”, then click Add
- Go to the tool bar and go to Kismet/Plugins/Select Plugin…
- Use the arrows to navigate to “ubertooth_ui.so” and press the spacebar to enable ubertooth, then click close
- Close the window and verify that ubertooth is up
- Enable discovery mode / scan on a Bluetooth device, be patient and wait a few seconds, and you will see captured packets
- When you finish your capture, close kismet, killing the server when prompted
- If you look in your working directory, kismet will have logged the pcapbtbb file and others; we are interested in the pcapbtbb file for future analysis with wireshark and the ubertooth plugin for wireshark
Now we will install wireshark with the wireshark Bluetooth baseband plugin so that the file captured by kismet can be analyzed.
```bash
sudo apt-get install wireshark wireshark-dev \
    libwireshark1 libwireshark-dev cmake
# Run from the folder where the libbtbb archive was unpacked
cd libbtbb-2012-10-R3/wireshark/plugins/btbb
cmake -DCMAKE_INSTALL_LIBDIR=/usr/lib/wireshark/libwireshark1/plugins .
make
sudo make install
```
Now, finally, we can open pcapbtbb files. Run wireshark, open the pcapbtbb file, and see all the packets sniffed on your Bluetooth network.
I hope you like this guide. Happy sniffing!