There is no promisc mode for standard bluetooth firmwares. With tools such as hci dump we can only read our own traffic.
"hcidump -X -i hci0"
So to implement bluetooth sniffer we will use the bluetooth modules once again
Lets start digging into the code to sniff bluetooth packets.
##Required Libraries
##Method 'hci_open_dev(0)' opens a raw socket to the first HCI device.
##In socket object we will set the properity HCI_FILTER to be able to recieve all HCI events and packets type.
##now inside while loop we will read 3 bytes from socket
1. first byte represents the type of HCI packet
2. second is HCI byte
3. length of the packet
i.e. packet is dumped bytewise in hexedecimal unless type is a HCI_ACLDATA_PKT and if so we print the whole packet as ASCII string
you can find the whole code in the following repository Bluetooth Sniffer
Checkout some more hacking scripts
| SECURING SYSTEM | BLUETOOTH ATTACKS | STEALING AND SNIFFING ATTACKS | KALI LINUX HACKING COMMANDS CHEATSHEET | TROJAN AND BACKDOORS | DICTIONARY AND BURTEFORCING ATTACKS | MAN IN THE MIDDLE ATTACKS |
|---|---|---|---|---|---|---|
| 1. Sign & Verify message | 1. Bluetooth discovery | 1. Stealing saved wifi password from windows | 1. Hacking commands with Kali Linux | 1. Command and Control Trojan | 1. Dictionary Attack | 1. Man in Browser Attack |
| 2. SandBox Detection | 2. Bluetooth SDP browsing | 2. Sniffing packets | 2. Reverse shell in python | |||
| 3. TCP Proxy | 3. Bluetooth OBEX | 3. Email Credential sniffers | 3. Keylogger | |||
| 4. Bluetooth RCOMM channel scanner | 4. Screenshot with Python | |||||
| 5. Blue Bug Exploit | 5. Backdoor with Python | |||||
| 6. Blue Snarf Exploit | ||||||
| 7. Bluetooth spoofing | ||||||
| 8. Bluetooth sniffing |