Passive Bluetooth Monitoring in Scapy¶
| Date: | 2012-07-26 |
|---|---|
| Speaker: | Ryan Holeman |
| Slides: | http://hackgnar.com/article/slides-libraries-and-tutorials-my-defcon-and-black/ |
The Gist¶
- scapy-btbb - Open source Bluetooth scanner
- Bluetooth is a frequency-hopping protocol
BTBB¶
- BTBB = Bluetooth Baseband
- Everyday devices cannot acess the baseband
Address Parts¶
- NAP - Non-significant Address Parts
- UAP - Upper Address Parts
- LAP - Lower Address Parts
| NAP | UAP | LAP |
| AA:BB | CC | DD:EE:FF |
Tools¶
- BTBB hardware: Ubertooth
- Kismet plugin: dump BT to pcap!!
- libbtbb - Wireshark plugin
Goal¶
Get BTBB into Python
- btbb layer in Scapy
- load BT pcap into PcapReader
- read pcap files as they are written
- vendor/metadata support (resolution)
- Use iPython w/ iPython Notebook (!!)
- Pandas for graphing/plotting