For two different chipsets Ericsson and CSR codes exist that allows us to set new bluetooth address ,which makes spoofing possible.
we can examine chipset of our bluetooth dongle by runnning command
'hcidump -a'
Lets start digging into the code
##required libraries
##check if bluetooth adddress is passed as an arguement to this script or not and if not simply print usage and exit
##split the bluetooth address by colon into its bytes
##open the raw socket to the hci device with help of 'hci_open_dev()' method
##this is a cryptical vendor command ,here we are appending the new bluetooth address in the CSR-vendor comamnd
##change the command to hexadecimal else ASCII value of single chars get set
##Now finally we send the command via HCI to the firmware. and once we update the bluetooth address we must reset the chip ,as this can be simply done by unplugging dongle and plugging it again.
you can check the whole code in this repository bluetooth spoofing
Checkout some more hacking scripts
| SECURING SYSTEM | BLUETOOTH ATTACKS | STEALING AND SNIFFING ATTACKS | KALI LINUX HACKING COMMANDS CHEATSHEET | TROJAN AND BACKDOORS | DICTIONARY AND BURTEFORCING ATTACKS | MAN IN THE MIDDLE ATTACKS |
|---|---|---|---|---|---|---|
| 1. Sign & Verify message | 1. Bluetooth discovery | 1. Stealing saved wifi password from windows | 1. Hacking commands with Kali Linux | 1. Command and Control Trojan | 1. Dictionary Attack | 1. Man in Browser Attack |
| 2. SandBox Detection | 2. Bluetooth SDP browsing | 2. Sniffing packets | 2. Reverse shell in python | |||
| 3. TCP Proxy | 3. Bluetooth OBEX | 3. Email Credential sniffers | 3. Keylogger | |||
| 4. Bluetooth RCOMM channel scanner | 4. Screenshot with Python | |||||
| 5. Blue Bug Exploit | 5. Backdoor with Python | |||||
| 6. Blue Snarf Exploit | ||||||
| 7. Bluetooth spoofing | ||||||
| 8. Bluetooth sniffing |