sensepost / snoopy-ng

Snoopy v2.0 - modular digital terrestrial tracking framework

Bluetooth sniff with Ubertooth #33

Open keldnorman opened 9 years ago

keldnorman commented 9 years ago

How does one check if Bluetooth sniffing is working? I see no errors when starting Snoopy-ng with the bluetooth module, but I also do not see any Bluetooth data when working in Maltego.

Regards Keld Norman

maximcherny commented 9 years ago

I'm pretty sure the current BT sniffing implementation uses basic "hcitool scan" whereas when using Ubertooth something like "ubertooth-scan" or a Python wrapper like pyubertooth should be used.

th36r1m commented 9 years ago

maximcherny is right. All you should have to do is edit includes/bluScan.py.

If it was me, I would also extend the snoopy.py bluetooth plugin to take an argument, such as "snoopy -m bluetooth:uber=true"

keldnorman commented 9 years ago

Ok good hint thanks

keldnorman commented 9 years ago

bluetooth data is logged:

```
root@probe1:~/Source/Snoopy/snoopy-ng# hcitool scan --info --class --flush
Scanning ...

BD Address: 9C:D2:1E:--:--:-- [mode 1, clkoffset 0x6473]
Device name: BRAVIA [cached]
Device class: Audio/Video, Video Display and Loudspeaker (0x00043c)
```

And it is sent to the database server, where the log shows:

```
[+] Sub-plugin wifi_aps currently observing 3 Access Points
[+] Sub-plugin blutooth currently observing 1 client devices
```

But where in Maltego, in what transformation, should it appear? Do I need to make my own, or is it included in the palette after importing the Snoopy categories?

/Keld Norman

glennzw commented 9 years ago

Correct - the Bluetooth plugin was a fairly quick PoC using hcitool. We should definitely re-write it to use proper libraries.

I'll add some transforms. At the moment data is stored inside snoopy.db:

```
sqlite3 snoopy.db
SELECT * FROM bluetooth_details;
SELECT * FROM bluetooth_obs;
```

Or use sqlitebrowser for a GUI tool.

keldnorman commented 9 years ago

How do I add the columns to the db on the server receiving the clients' data?

```
2015-05-03 17:22:04 D blutooth.py: Scanning for bluetooth devices
2015-05-03 17:22:07 D snoopy: Not syncing table 'bluetooth_details' - no 'sunc' column
2015-05-03 17:22:09 D snoopy: Not syncing table 'user_agents' - no 'sunc' column
```
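Added example (not part of the thread and not snoopy-ng code): a read-only check of a snoopy.db file that reports, for the tables named in this issue, whether each exists, how many rows it holds, and whether it has a column called `sunc`, the column the log line above says is missing. The function names and the sample database layout are assumptions made for this example; the real schema is discovered at run time with `PRAGMA table_info`.

```python
import sqlite3
import sys

# Table names taken from the comments and log lines in this issue.
TABLES = ("bluetooth_details", "bluetooth_obs", "user_agents")

def table_status(conn, table):
    """Return existence, row count, column names and 'sunc' presence for one table."""
    found = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type='table' AND name=?", (table,)
    ).fetchone()
    if found is None:
        return {"exists": False, "rows": 0, "columns": [], "has_sunc": False}
    # Identifiers cannot be bound as parameters, so quote the name explicitly.
    quoted = '"' + table.replace('"', '""') + '"'
    columns = [row[1] for row in conn.execute(f"PRAGMA table_info({quoted})")]
    rows = conn.execute(f"SELECT COUNT(*) FROM {quoted}").fetchone()[0]
    return {"exists": True, "rows": rows, "columns": columns,
            "has_sunc": "sunc" in columns}

def report(conn, tables=TABLES):
    """Map each table name to its status dict."""
    return {t: table_status(conn, t) for t in tables}

def build_sample_db():
    """Constructed in-memory database. The column layouts are invented for
    this demo and are NOT snoopy-ng's real schema."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE bluetooth_details (mac TEXT, name TEXT)")
    conn.execute("CREATE TABLE bluetooth_obs (mac TEXT, seen INTEGER, sunc INTEGER)")
    conn.execute("INSERT INTO bluetooth_details VALUES "
                 "('00:11:22:33:44:55', 'constructed-device')")
    conn.execute("INSERT INTO bluetooth_obs VALUES ('00:11:22:33:44:55', 0, 0)")
    return conn

if __name__ == "__main__":
    if len(sys.argv) > 1:
        # mode=ro: inspect the capture database without modifying it.
        db = sqlite3.connect(f"file:{sys.argv[1]}?mode=ro", uri=True)
    else:
        db = build_sample_db()
    for name, st in report(db).items():
        if not st["exists"]:
            print(f"{name}: table missing")
            continue
        flag = "has 'sunc'" if st["has_sunc"] else "no 'sunc' column"
        print(f"{name}: {st['rows']} rows, {flag}, columns={st['columns']}")
```

Run it with the path to snoopy.db as the only argument; with no argument it runs against the constructed sample database.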

keldnorman commented 8 years ago

Any plans for adding 'user_agents', 'bluetooth_details', etc. to the sync function in this release?