The Ubertooth One lets you take a bite out of Bluetooth


When you think about getting hacked, you mainly think of the basics: infrared, RFID, Wi-Fi, network security, door locks, etc. This is what people are usually worried about. But what about Bluetooth? What risks does it pose? And are there any tools in a DIY hacker’s arsenal to exploit it?

The Ubertooth One is a small, open-source USB device with an antenna powered by an ARM Cortex-M3 chip and a CC2400 wireless transceiver. Plug it into your computer’s USB port, and you can sniff and monitor Bluetooth signals from nearby devices. 

The Ubertooth itself is older technology, originally created by Michael Ossmann of Great Scott Gadgets back in 2011. There were Bluetooth monitoring devices before this, but they were mostly expensive and technical, like the Ellisys Bluetooth Explorer, which costs about as much as a used car. This version lets you do the same thing in a smaller, cheaper package — 125 bucks is a far, far easier pill to swallow! 

The Ubertooth One was the first affordable Bluetooth sniffer, and it was a game-changer in a lot of ways. You can configure it to snoop on Bluetooth Low Energy devices using Wireshark, Kismet, and various other software (including at least one program used by the government). But it does have some severe limitations about what it can do. It is primarily for targeting the newer BLE standard, which is still useful because most of the innovations in Bluetooth in the last few years have revolved around BLE rather than the Bluetooth Classic standard. It is not, however, particularly good at sniffing Bluetooth Classic, and so that limits the range of what it can do for older devices.

While the Ubertooth One is not going to be as useful as a commercial Bluetooth sniffer, there is still quite a bit you can do with it or a similar device. There are tons of BLE devices out there, and many people don’t think about Bluetooth as a vulnerability.

I won’t say you couldn’t. The project itself is mature, robust, and very well-documented for people that want to get out there and learn. Programs like Wireshark are actually fairly straightforward. But there are more intuitive devices than this one for a novice attempting to get into pentesting and hacking, and far easier places to start (like, say, the WiFi Nugget, for example, or even the Flipper Zero). And for a lot of people, an Android phone or a laptop with Kali Linux would get you pretty far.



Read original article here

Denial of responsibility! TechCodex is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Leave a comment

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More