Packages and Binaries:
libubertooth-dev
Project Ubertooth is an open source wireless development platform suitable for Bluetooth experimentation. Ubertooth ships with a capable BLE (Bluetooth Smart) sniffer and can sniff some data from Basic Rate (BR) Bluetooth Classic connections.
This package provides the development files for using the ubertooth library.
Installed size: 52 KB
How to install: sudo apt install libubertooth-dev
Dependencies:
- libbluetooth-dev
- libbtbb-dev
- libpcap-dev
- libubertooth1
- libusb-1.0-0-dev
libubertooth1
Project Ubertooth is an open source wireless development platform suitable for Bluetooth experimentation. Ubertooth ships with a capable BLE (Bluetooth Smart) sniffer and can sniff some data from Basic Rate (BR) Bluetooth Classic connections.
This package provides the shared library needed by Ubertooth.
Installed size: 87 KB
How to install: sudo apt install libubertooth1
Dependencies:
- libbtbb1
- libc6
- libusb-1.0-0
ubertooth
Project Ubertooth is an open source wireless development platform suitable for Bluetooth experimentation. This package contains everything necessary to use the hardware dongle.
Ubertooth is capable of sniffing BLE (Bluetooth Smart) connections and it also has some ability to sniff some data from Basic Rate (BR) Bluetooth Classic connections.
In addition to the Bluetooth specific capabilities, there is also a simple spectrum analyzer for the 2.4 GHz band included (ubertooth-specan-ui) which can be used to also observe other things in this frequency band.
Installed size: 336 KB
How to install: sudo apt install ubertooth
Dependencies:
- libbluetooth3
- libbtbb1
- libc6
- libubertooth1
- libusb-1.0-0
- python3
- python3-numpy
ubertooth-afh
Passive detection of AFH channel map
root@kali:~# ubertooth-afh -h
ubertooth-afh - passive detection of the AFH channel map
Determine the AFH map for piconet ??:??:22:44:66:88:
ubertooth-afh -u 22 -l 446688
Main options:
-l <LAP> LAP of target piconet (3 bytes / 6 hex digits)
-u <UAP> UAP of target piconet (1 byte / 2 hex digits)
-m <int> threshold for channel removal (default: 5)
-r print AFH channel map once every second (default: print on update)
Other options
-t <seconds> timeout for initial AFH map detection (not required)
-e maximum access code errors (default: 2, range: 0-4)
-V print version information
-U <0-7> set ubertooth device to use
ubertooth-btbr
ubertooth-btle
Bluetooth Low Energy (BLE) sniffing and more
root@kali:~# ubertooth-btle -h
ubertooth-btle - passive Bluetooth Low Energy monitoring
Usage:
-h this help
Major modes:
-f follow connections
-n don't follow, only print advertisements
-p promiscuous: sniff active connections
-a[address] get/set access address (example: -a8e89bed6)
-s<address> faux slave mode, using MAC addr (example: -s22:44:66:88:aa:cc)
-t<address> set connection following target (example: -t22:44:66:88:aa:cc/48)
-tnone unset connection following target
Interference (use with -f or -p):
-i interfere with one connection and return to idle
-I interfere continuously
Data source:
-U<0-7> set ubertooth device to use
Misc:
-r<filename> capture packets to PCAPNG file
-q<filename> capture packets to PCAP file (DLT_BLUETOOTH_LE_LL_WITH_PHDR)
-c<filename> capture packets to PCAP file (DLT_PPI + DLT_BLUETOOTH_LE_LL)
-A<index> advertising channel index (default 37)
-v[01] verify CRC mode, get status or enable/disable
-x<n> allow n access address offenses (default 32)
If an input file is not specified, an Ubertooth device is used for live capture.
In get/set mode no capture occurs.
ubertooth-debug
Classic Bluetooth discovery, sniffing, and decoding
root@kali:~# ubertooth-debug -h
ubertooth-debug - command line utility for debugging Ubertooth One
Usage:
-h this message
-r <reg>[,<reg>[,...]] read the contents of CC2400 register(s)
-r <start>-<end> read a consecutive set of CC2400 register(s)
-U<0-7> set ubertooth device to use
-v<0-2> verbosity (default=1)
ubertooth-dfu
Device firmware update for Ubertooth
root@kali:~# ubertooth-dfu -h
ubertooth-dfu - Ubertooth firmware update tool
To update firmware, run:
ubertooth-dfu -d bluetooth_rxtx.dfu -r
Usage:
-u <filename> upload - read firmware from device
-d <filename> download - write DFU file to device
-r reset Ubertooth after other operations complete
Miscellaneous:
-s <filename> add DFU suffix to binary firmware file
-U <0-7> set ubertooth device to use
ubertooth-ducky
root@kali:~# ubertooth-ducky -h
ubertooth-ducky - make an Uberducky quack like a USB Rubber Ducky
Usage:
-q [uuid] quack!
-b signal Uberducky to enter bootloader
-A <index> advertising channel index (default: 38)
-a <BD ADDR> Bluetooth address (default: random)
-h this help
For more information on Uberducky, visit:
https://github.com/mikeryan/uberducky
ubertooth-dump
Output a continuous stream of received bits
root@kali:~# ubertooth-dump -h
ubertooth-dump - output a continuous stream of received bits
Usage:
-h this help
-b only dump received bitstream (GnuRadio style)
-c classic modulation
-l LE modulation
-U<0-7> set ubertooth device to use
-d filename
This program sends binary data to stdout. You probably don't want to
run it from a terminal without redirecting the output.
ubertooth-ego
Yuneec E-GO skateboard sniffing
root@kali:~# ubertooth-ego -h
ubertooth-ego - Yuneec E-GO skateboard sniffing
Usage:
-h this help
Major modes:
-f follow connections
-r continuous rx on a single channel
-i interfere
Options:
-c <2402-2480> set channel in MHz (for continuous rx)
-l <1-48> capture length (default: 18)
-a <access_code> access code (default: 630f9ffe)
ubertooth-follow
CLK discovery and follow for a particular UAP/LAP
root@kali:~# ubertooth-follow -h
ubertooth-follow - active(bluez) CLK discovery and follow for a particular UAP/LAP
Usage:
-h this help
-l<LAP> (in hexadecimal)
-u<UAP> (in hexadecimal)
-U<0-7> set ubertooth device to use
-r<filename> capture packets to PCAPNG file
-q<filename> capture packets to PCAP file
-e max_ac_errors
-d filename
-a Enable AFH
-b Bluetooth device (hci0)
-w USB delay in 625us timeslots (default:5)
LAP and UAP are both required, if not given they are read from the local device, in some cases this may give the incorrect address.
ubertooth-rx
Classic Bluetooth discovery, sniffing, and decoding
root@kali:~# ubertooth-rx -h
ubertooth-rx - passive Classic Bluetooth discovery/decode
Example usage:
ubertooth-rx -- sniff for all LAPs
ubertooth-rx -l <lap> -- calculate UAP for a given LAP
ubertooth-rx -l <lap> -u <uap> -- calculate clock and follow piconet
ubertooth-rx -z -t 20 -- survey mode: discover all LAPs+UAPs for 20 seconds
Major modes:
-l <LAP> to decode (6 hex) - if not specified sniff all LAPs
-u <UAP> to decode (2 hex) - if not specified calculate UAP (requires LAP)
-z Survey mode - discover and list piconets (implies -s, interrupt with ctrl-C)
-i <filename> input file - if not specified use Ubertooth for live capture
Configuration:
-c <BT Channel> set a fixed bluetooth channel [Default: 39]
-e max_ac_errors (default: 2, range: 0-4)
-t <SECONDS> sniff timeout - 0 means no timeout [Default: 0]
Output options:
-r<filename> capture packets to PcapNG file
-q<filename> capture packets to PCAP file
-d<filename> dump packets to binary file
Miscellaneous:
-V print version information
-U <0-7> set ubertooth device to use
ubertooth-scan
Scan frequency band active (Bluez) device scan and inquiry supported by Ubertooth
root@kali:~# ubertooth-scan -h
ubertooth-scan - active(Bluez) device scan and inquiry supported by Ubertooth
This tool uses a normal Bluetooth dongle to perform Inquiry Scans and
Extended Inquiry scans of Bluetooth devices. It uses Ubertooth to
discover undiscoverable devices and can use BlueZ to scan for
discoverable devices.
Usage:
ubertooth-scan
Use Ubertooth to discover devices and perform Inquiry Scan.
ubertooth-scan -s -x
Use BlueZ and Ubertooth to discover devices and perform Inquiry Scan
and Extended Inquiry Scan.
Options:
-s hci Scan - use BlueZ to scan for discoverable devices
-x eXtended scan - retrieve additional information about target devices
-t scan Time (seconds) - length of time to sniff packets. [Default: 20s]
-e max_ac_errors (default: 2, range: 0-4)
-b Bluetooth device (hci0)
-U<0-7> set Ubertooth device to use
ubertooth-specan
A spectrum analyzer for Ubertooth
root@kali:~# ubertooth-specan -h
ubertooth-specan - output a continuous stream of signal strengths
!!!!!
NOTE: you probably want ubertooth-specan-ui
!!!!!
Usage:
-h this help
-v verbose (print debug information to stderr)
-g output suitable for feedgnuplot
-G output suitable for 3D feedgnuplot
-d <filename> output to file
-l lower frequency (default 2402)
-u upper frequency (default 2480)
-U<0-7> set ubertooth device to use
ubertooth-specan-ui
Spectrum analyzer for the 2.4 GHz ISM band
root@kali:~# man ubertooth-specan-ui
UBERTOOTH-SPECAN-UI(1) UBERTOOTH-SPECAN-UI(1)
NAME
ubertooth-specan-ui - spectrum analyzer for the 2.4 GHz ISM band
SYNOPSIS
ubertooth-specan-ui
DESCRIPTION
This shows a GUI window with a spectrum analyzer for the 2.4 GHz band.
It is very useful to see at what frequencies there are signals.
OPTIONS
There are no command line options.
SEE ALSO
ubertooth-specan(1)
AUTHOR
This manual page was written by Ruben Undheim <[email protected]>
for the Debian project (and may be used by others).
12 December 2022 UBERTOOTH-SPECAN-UI(1)
ubertooth-util
General purpose Ubertooth utility
root@kali:~# ubertooth-util -h
ubertooth-util - command line utility for Ubertooth Zero and Ubertooth One
Common options:
-v get firmware revision number
-V get compile info
-I identify ubertooth device by flashing all LEDs
-d[0-1] get/set all LEDs
-l[0-1] get/set USR LED
-S stop current operation
-r full reset
-U<0-7> set ubertooth device to use
-N print total number of Uberteeth and exit
Radio options:
-a[0-7] get/set power amplifier level
-c[2400-2483] get/set channel in MHz
-C[0-78] get/set channel
-q[1-225 (RSSI threshold)] start LED spectrum analyzer
-t intitiate continuous transmit test
-z set squelch level
Range test:
-e start repeater mode
-m display range test result
-n initiate range test
Miscellaneous:
-f activate flash programming (DFU) mode
-i activate In-System Programming (ISP) mode
-b get hardware board id number
-p get microcontroller Part ID
-s get microcontroller serial number
-x xmas lights
ubertooth-firmware
The Ubertooth hardware needs some firmware to run. The firmware is built with arm-none-eabi-gcc. This package contains a number of firmware images that may be programmed into the Ubertooth hardware using the ‘ubertooth-dfu’ command.
The firmware images are installed in /usr/share/ubertooth/firmware/
Installed size: 89 KB
How to install: sudo apt install ubertooth-firmware
ubertooth-firmware-source
The Ubertooth hardware needs some firmware to run. The firmware is built with arm-none-eabi-gcc. This package contains the source code for the firmware that is found in the ubertooth-firmware package.
The firmware source may be found in /usr/src/ubertooth-firmware-source.tar.gz after installing this package.
Installed size: 251 KB
How to install: sudo apt install ubertooth-firmware-source
Dependencies:
- libubertooth-dev
- ubertooth
Updated on: 2024-May-23