Installing the Ubertooth One on BT5
For those who haven't heard, Ubertooth One is an open-source, relatively inexpensive (~110 USD) hardware platform for Bluetooth packet capture and experimentation. This how-to will give a basic rundown on how to install and capture/analyze packets with the latest source (r238).
Topics covered include:
• Installing Ubertooth dependencies/source
• Building/testing Kismet plugin
• Installing Wireshark plugin
The first step is to set up the pyside repository to access precompiled binaries.
Code:
apt-get install python-software-properties
add-apt-repository ppa:pyside
apt-get update
- Download pre-compiled binary dependencies
Code:
apt-get install libnl-dev libusb-1.0-0-dev pyside-tools
- Compile and install PyUSB extension
Code:
wget http://downloads.sourceforge.net/project/pyusb/PyUSB%201.0/1.0.0-alpha-1/pyusb-1.0.0-a1.tar.gz
tar xvf pyusb-1.0.0-a1.tar.gz
cd pyusb-1.0.0-a1
python setup.py install
- Compile and Install libbtbb
Code:
wget http://downloads.sourceforge.net/project/libbtbb/libbtbb.0.5.tgz
tar xvf libbtbb.0.5.tgz
cd libbtbb
make
make install
- Download and extract r238 of Ubertooth source
Code:
wget http://downloads.sourceforge.net/project/ubertooth/ubertooth-r238.tar.gz
tar xvf ubertooth-r238.tar.gz
With all of the dependencies installed, everything should be good to go in order to run the basic functionality of the Ubertooth adapter. A good test is to run the included spectrum analyzer:
Code:
cd ubertooth-r238/host/specan_ui
python specan_ui.py
You should see a window pop up with a nifty view of your local 2.4 GHz spectrum.
**Capturing Bluetooth Packets**
- Reset ubertooth by unplugging and plugging it back in
- Test packet capture by compiling and running the following
Code:
cd ../bluetooth_rxtx
make
./ubertooth-lap
While this provides basic info about the packets flowing over the air, much more detail is provided via the Kismet plugin.
- Prep kismet source in a new terminal
Code:
# download the Kismet source first, then unpack it to /usr/src/kismet
wget http://www.kismetwireless.net/code/kismet-2011-03-R2.tar.gz
tar xvf kismet-2011-03-R2.tar.gz -C /usr/src/
mv /usr/src/kismet-2011-03-R2/ /usr/src/kismet
cd /usr/src/kismet
./configure
- Compile ubertooth kismet plugin
Code:
# back in the first terminal, still in ubertooth-r238/host/bluetooth_rxtx
cd ../kismet/plugin-ubertooth
make
make install
- Add 'pcapbtbb' to the logtypes= line in /usr/local/etc/kismet.conf
- Run kismet with source and name as ubertooth
- Enable the ubertooth plugin via Kismet -> Plugins -> Select Plugin
Kismet will run like normal, using the Ubertooth to capture Bluetooth packets and logging them to a capture file. In order to visualize this capture easily, libbtbb includes the source code to build a Wireshark plugin.
You can either compile the plugin using the Wireshark source, following the instructions in doc/README.plugins (it is quite a process, however), or you can just put the attached precompiled binaries for the 32-bit version of BT5 (btbb.la / btbb.so) in '/usr/local/lib/wireshark/plugins/1.4.6' and off you go. You can now simply open the appropriate Kismet capture file in Wireshark.
Hope this helps inspire someone to do some Bluetooth hacking!
Attachment 691
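The manual step of adding 'pcapbtbb' to the logtypes= line can be scripted so that it is safe to re-run. This is an added example, not part of the original post; the function name add_logtype is hypothetical, and it assumes the comma-separated logtypes= line the post refers to.

```shell
# Added example; add_logtype is a hypothetical helper name.
# Usage: add_logtype /usr/local/etc/kismet.conf pcapbtbb
# Returns 0 if the type is (now) listed, 1 if there is no active
# logtypes= line to extend, 2 on I/O problems.
add_logtype() {
    conf=$1
    logtype=$2
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 2; }

    # Already on an uncommented logtypes= line: leave the file untouched.
    if grep -Eq "^logtypes=(.*,)?${logtype}(,.*)?[[:space:]]*\$" "$conf"; then
        return 0
    fi
    # No active logtypes= line: refuse rather than guess where to add one.
    if ! grep -q '^logtypes=' "$conf"; then
        echo "no logtypes= line in $conf" >&2
        return 1
    fi

    cp -p "$conf" "$conf.bak" || return 2     # keep the previous version
    tmp=$(mktemp) || return 2
    # Extend only the first logtypes= line; copy every other line verbatim.
    if awk -v t="$logtype" '
        !done && /^logtypes=/ {
            sub(/[ \t\r]+$/, "")
            line = ($0 == "logtypes=") ? $0 t : $0 "," t
            print line
            done = 1
            next
        }
        { print }
    ' "$conf" > "$tmp"; then
        cat "$tmp" > "$conf"                  # keeps owner and mode of $conf
        rc=$?
    else
        rc=2
    fi
    rm -f "$tmp"
    return "$rc"
}
```

The previous file is kept as kismet.conf.bak next to the original.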
Re: Installing the Ubertooth One on BT5
Thanks for this! I was working on doing the same thing to test out my new device to make sure the hardware was working properly. Thankfully the hardware seems to be fully functional. Now just need to spend some time with the code and see what kinds of other things we can do with this.
Your instructions worked well - Kind of obvious, but I would add the download of the kismet source to the "prep of the Kismet source" just to make it completely idiot-friendly.
Re: Installing the Ubertooth One on BT5
Thanks for this write-up! I was working on the same thing to test to make sure my new hardware was functional. I followed your steps and was able to confirm it is working.
Now I need to dig into the code and see what else we can do with this hardware!
Re: Installing the Ubertooth One on BT5
Great tutorial. I'll add that if you're doing this in VirtualBox or VMware you'll probably run into libusb errors. However, running BackTrack on the host machine I have no problems getting the Ubertooth One up and running.
I'll post a follow-up if I figure out how to get the Ubertooth One functioning in a VM.
Full disclosure: My company sells the Ubertooth One. http://hakshop.com
Re: Installing the Ubertooth One on BT5
Quote:
Originally Posted by
HarvestGardener
- Compile and Install libbtbb
Code:
wget http://downloads.sourceforge.net/project/libbtbb/libbtbb.0.5.tgz
tar xvf libbtb.0.5.tgz
cd libbtbb
make
make install
Typo:
-tar xvf libbtbb.0.5.tgz
+tar xvf libbtbb.0.5.tgz
Will this work in VirtualBox?
Getting USBError Unknown error
Re: Installing the Ubertooth One on BT5
Thank you very much for this! I have got everything working except for that darn spectrum analyzer for some reason. I will run through your process tomorrow. I think I am just missing one dependency.
Re: Installing the Ubertooth One on BT5
How to compile the libbtbb plugin for Wireshark on BT5 (should work on other Linux flavors as well)
Download and uncompress Wireshark source
Code:
wget http://www.wireshark.org/download/src/wireshark-1.4.6.tar.bz2
tar xvf wireshark-1.4.6.tar.bz2
Copy the btbb folder from 'libbtbb/wireshark/plugins/' to 'wireshark-1.4.6/plugins/'
Now we need to make several changes to make/config files in the Wireshark source code so that libbtbb is compiled along with the rest of the code.
The following files need to be edited:
wireshark-1.4.6/plugins/Makefile.am
wireshark-1.4.6/plugins/Makefile.nmake
wireshark-1.4.6/Makefile.am
wireshark-1.4.6/configure.in
wireshark-1.4.6/CMakeLists.txt
wireshark-1.4.6/epan/Makefile.am
wireshark-1.4.6/packaging/nsis/Makefile.nmake
wireshark-1.4.6/packaging/nsis/wireshark.nsi
* Changes to 'wireshark-1.4.6/plugins/Makefile.am'
At around line 25:
Code:
SUBDIRS = $(_CUSTOM_SUBDIRS_) \
asn1 \
btbb \ <--- Add this line
docsis \
* Changes to 'wireshark-1.4.6/plugins/Makefile.nmake'
At around line 9:
Code:
PLUGIN_LIST = \
asn1 \
btbb \ <--- Add this line
docsis \
...
* Changes to 'wireshark-1.4.6/Makefile.am'
At around line 264:
Code:
if HAVE_PLUGINS
-include plugins/Custom.make
plugin_ldadd = $(_CUSTOM_plugin_ldadd_) \
-dlopen plugins/asn1/asn1.la \
-dlopen plugins/btbb/btbb.la \ <--- Add this line
-dlopen plugins/docsis/docsis.la \
...
* Changes to 'wireshark-1.4.6/configure.in'
At around line 1883:
Code:
AC_OUTPUT(
...
plugins/asn1/Makefile
plugins/btbb/Makefile <--- Add this line
plugins/docsis/Makefile
...
* Changes to 'wireshark-1.4.6/CMakeLists.txt'
At around line 353:
Code:
if(ENABLE_PLUGINS)
set(HAVE_PLUGINS 1)
set(PLUGIN_DIR="${DATAFILE_DIR}/plugins/${CPACK_PACKAGE_VERSION}")
set(PLUGIN_SRC_DIRS
plugins/asn1
plugins/btbb <--- Add this line
plugins/docsis
...
* Changes to 'wireshark-1.4.6/epan/Makefile.am'
At around line 190:
Code:
plugin_src = \
../plugins/asn1/packet-asn1.c \
../plugins/btbb/packet-btbb.c \ <--- Add this line
../plugins/btbb/packet-btlmp.c \ <--- Add this line
../plugins/docsis/packet-bintrngreq.c \
...
* Changes to 'wireshark-1.4.6/packaging/nsis/Makefile.nmake'
At around line 47:
Code:
PLUGINS= \
../../plugins/asn1/asn1.dll \
../../plugins/btbb/btbb.dll \ <--- Add this line
../../plugins/docsis/docsis.dll \
...
* Changes to 'wireshark-1.4.6/packaging/nsis/wireshark.nsi'
At around line 878:
Code:
Section "Dissector Plugins" SecPlugins
;-------------------------------------------
SetOutPath '$INSTDIR\plugins\${VERSION}'
File "..\..\plugins\asn1\asn1.dll"
File "..\..\plugins\btbb\btbb.dll" <--- Add this line
File "..\..\plugins\docsis\docsis.dll"
...
Now that you have done all the hard work, you can capture it into a patch file so that if you ever need to do it again, it's a much simpler process.
Code:
mv wireshark-1.4.6 wireshark.new
tar xvf wireshark-1.4.6.tar.bz2
diff -rupN wireshark-1.4.6/ wireshark.new/ > btbb.patch
The above command will make a patch file of the differences between the original Wireshark source and your new modifications. It is important to note that it will also take into account the libbtbb files you copied into the plugin folder. To get just the changes you made to the configuration/make files, just temporarily move the btbb folder somewhere else, then execute the diff command.
You can test the patch by moving it into the top level of the clean Wireshark source directory and running:
Code:
patch -p1 < btbb.patch
If everything was successful you should see the exact same modifications as you made above.
Now we are ready to compile the Wireshark source along with the libbtbb plugin.
In order to compile Wireshark, you need the following dependencies. Some may be present on your system, but the below command references all of the requirements (beyond typical compile tools):
Code:
apt-get install autoconf libgtk2.0-dev libglib2.0-dev libgeoip-dev libpcre3-dev libpcap0.8-dev libtool byacc flex subversion
Compiling is a straightforward process but takes a bit of time. Simply move to the top level folder of your patched source and execute:
Code:
./autogen.sh
./configure
make
make install
Once that process is complete you should be able to run Wireshark and see 'btbb.so' listed under Help -> About -> Plugins.
If you want to save the binary or move it off to another platform, just look under Help -> About -> Folders -> Global Plugins to see where they are stored. You will need both btbb.so and btbb.la.
If everything worked, that's it. You are now able to decode bluetooth packets with btbb.
-----------------------------------------------------------
Here is the patch file for the current revision of libbtbb:
Code:
diff -rupN wireshark-1.4.6/CMakeLists.txt wireshark.new/CMakeLists.txt
--- wireshark-1.4.6/CMakeLists.txt 2011-04-18 14:43:07.000000000 -0400
+++ wireshark.new/CMakeLists.txt 2011-06-01 12:42:56.853391847 -0400
@@ -355,6 +355,7 @@ if(ENABLE_PLUGINS)
set(PLUGIN_DIR="${DATAFILE_DIR}/plugins/${CPACK_PACKAGE_VERSION}")
set(PLUGIN_SRC_DIRS
plugins/asn1
+ plugins/btbb
plugins/docsis
plugins/ethercat
plugins/giop
diff -rupN wireshark-1.4.6/configure.in wireshark.new/configure.in
--- wireshark-1.4.6/configure.in 2011-04-18 14:43:07.000000000 -0400
+++ wireshark.new/configure.in 2011-06-01 12:36:50.081391615 -0400
@@ -1881,6 +1881,7 @@ AC_OUTPUT(
packaging/svr4/pkginfo
plugins/Makefile
plugins/asn1/Makefile
+ plugins/btbb/Makefile
plugins/docsis/Makefile
plugins/ethercat/Makefile
plugins/giop/Makefile
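Review bot: the added plugins/btbb/Makefile entry in AC_OUTPUT depends on a plugins/btbb directory that none of the hunks in this patch create, so applying the patch to a clean tree and running configure will stop on the missing Makefile input. Either state at the top of the patch that the btbb folder from libbtbb/wireshark/plugins/ must be copied into plugins/ before applying, or ship that folder as part of the patch.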
diff -rupN wireshark-1.4.6/epan/Makefile.am wireshark.new/epan/Makefile.am
--- wireshark-1.4.6/epan/Makefile.am 2011-04-18 14:43:01.000000000 -0400
+++ wireshark.new/epan/Makefile.am 2011-06-01 12:40:35.305391757 -0400
@@ -189,6 +189,8 @@ if ENABLE_STATIC
-include ../plugins/Custom.make
plugin_src = \
../plugins/asn1/packet-asn1.c \
+ ../plugins/btbb/packet-btbb.c \
+ ../plugins/btbb/packet-btlmp.c \
../plugins/docsis/packet-bintrngreq.c \
../plugins/docsis/packet-bpkmattr.c \
../plugins/docsis/packet-bpkmreq.c \
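Review bot: the two sources added to plugin_src under "if ENABLE_STATIC" (packet-btbb.c and packet-btlmp.c) are a hard-coded copy of the plugin's file list, so this hunk silently goes out of date if a later libbtbb revision adds or renames a dissector source. Note next to the patch which libbtbb revision the list was taken from, and confirm both files exist in the copied btbb folder before attempting a static build.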
diff -rupN wireshark-1.4.6/Makefile.am wireshark.new/Makefile.am
--- wireshark-1.4.6/Makefile.am 2011-04-18 14:43:07.000000000 -0400
+++ wireshark.new/Makefile.am 2011-06-01 12:34:02.169391507 -0400
@@ -265,6 +265,7 @@ if HAVE_PLUGINS
-include plugins/Custom.make
plugin_ldadd = $(_CUSTOM_plugin_ldadd_) \
-dlopen plugins/asn1/asn1.la \
+ -dlopen plugins/btbb/btbb.la \
-dlopen plugins/docsis/docsis.la \
-dlopen plugins/ethercat/ethercat.la \
-dlopen plugins/giop/cosnaming.la \
diff -rupN wireshark-1.4.6/packaging/nsis/Makefile.nmake wireshark.new/packaging/nsis/Makefile.nmake
--- wireshark-1.4.6/packaging/nsis/Makefile.nmake 2011-04-18 14:43:04.000000000 -0400
+++ wireshark.new/packaging/nsis/Makefile.nmake 2011-06-01 12:46:06.565391970 -0400
@@ -46,6 +46,7 @@ HELP=../../$(INSTALL_DIR)/help/capture_f
PLUGINS= \
../../plugins/asn1/asn1.dll \
+ ../../plugins/btbb/btbb.dll \
../../plugins/docsis/docsis.dll \
../../plugins/ethercat/ethercat.dll \
../../plugins/giop/coseventcomm.dll \
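Review bot: this hunk, together with the wireshark.nsi and plugins/Makefile.nmake hunks, adds btbb.dll to the Windows nmake/NSIS packaging, which the autogen.sh / configure / make build described in this post never exercises. Mark these hunks as untested on Windows, or split them into a separate patch so that a Linux-only build applies just the autotools changes.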
diff -rupN wireshark-1.4.6/packaging/nsis/wireshark.nsi wireshark.new/packaging/nsis/wireshark.nsi
--- wireshark-1.4.6/packaging/nsis/wireshark.nsi 2011-04-18 14:43:04.000000000 -0400
+++ wireshark.new/packaging/nsis/wireshark.nsi 2011-06-01 12:48:23.077392053 -0400
@@ -879,6 +879,7 @@ Section "Dissector Plugins" SecPlugins
;-------------------------------------------
SetOutPath '$INSTDIR\plugins\${VERSION}'
File "..\..\plugins\asn1\asn1.dll"
+File "..\..\plugins\btbb\btbb.dll"
File "..\..\plugins\docsis\docsis.dll"
File "..\..\plugins\ethercat\ethercat.dll"
File "..\..\plugins\giop\coseventcomm.dll"
diff -rupN wireshark-1.4.6/plugins/Makefile.am wireshark.new/plugins/Makefile.am
--- wireshark-1.4.6/plugins/Makefile.am 2011-04-18 14:42:24.000000000 -0400
+++ wireshark.new/plugins/Makefile.am 2011-06-01 12:27:27.649391259 -0400
@@ -24,6 +24,7 @@
-include Custom.make
SUBDIRS = $(_CUSTOM_SUBDIRS_) \
asn1 \
+ btbb \
docsis \
ethercat \
giop \
diff -rupN wireshark-1.4.6/plugins/Makefile.nmake wireshark.new/plugins/Makefile.nmake
--- wireshark-1.4.6/plugins/Makefile.nmake 2011-04-18 14:42:24.000000000 -0400
+++ wireshark.new/plugins/Makefile.nmake 2011-06-01 12:29:31.217391333 -0400
@@ -8,6 +8,7 @@ include ..\config.nmake
PLUGIN_LIST = \
asn1 \
+ btbb \
docsis \
ethercat \
giop \
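Before applying a patch copied from a forum post to source that will be built and installed as root, it is worth confirming that it only does what the post says. The following is an added example, not part of the original post: a POSIX shell/awk helper (hypothetical names audit_patch and sample_patch) that walks a unified diff by its hunk line counts, lists the files touched, and flags any deleted line or any added line that does not mention the keyword.

```shell
# Added example; audit_patch and sample_patch are hypothetical helper names.
# Usage: audit_patch KEYWORD [PATCHFILE]   (stdin when no file is given)
# Prints FILE per file touched, REMOVED per deleted line, UNEXPECTED per
# added line lacking KEYWORD; returns 1 if anything was flagged.
audit_patch() {
    awk -v kw="$1" '
        function count(range,   a, n) {   # "-355,6" -> 6, "+12" -> 1
            n = split(range, a, ",")
            return (n > 1) ? a[2] + 0 : 1
        }
        oldleft > 0 || newleft > 0 {      # inside a hunk, per the @@ counts
            c = substr($0, 1, 1)
            if (c == "+") {
                newleft--
                if (!index($0, kw)) { print "UNEXPECTED " substr($0, 2); bad = 1 }
            } else if (c == "-") {
                oldleft--; print "REMOVED " substr($0, 2); bad = 1
            } else if (c != "\\") {       # context line
                oldleft--; newleft--
            }
            next
        }
        /^@@ /     { oldleft = count($2); newleft = count($3); next }
        /^\+\+\+ / { path = $2; sub("^[^/]*/", "", path); print "FILE " path }
        END        { exit (bad ? 1 : 0) }
    ' "${2:--}"
}
# Constructed input: hunk 1 mirrors the plugins/Makefile.am change, hunk 2 is made up.
sample_patch() {
    cat <<'EOF'
diff -rupN a/plugins/Makefile.am b/plugins/Makefile.am
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -24,4 +24,5 @@
 -include Custom.make
 SUBDIRS = $(_CUSTOM_SUBDIRS_) \
  asn1 \
+ btbb \
  docsis \
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,2 +1,2 @@
-old line
+new line
 context
EOF
}
```

Run it as `audit_patch btbb btbb.patch`; counting lines from each @@ header is what keeps the next file's `---` header from being misread as a deleted line.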
Re: Installing the Ubertooth One on BT5
Typo
wget http://downloads.sourceforge.net/pro...ibbtbb.0.5.tgz
tar xvf libbtb.0.5.tgz
cd libbtbb
tar xvf libbtbb.0.5.tgz
missing a b
It works down to the test packet capture.
Got it to work on bare metal after fixing the typo.
Need a bit of instruction on how to get Wireshark to work; got lost in here a bit, mainly down to lack of knowledge of Wireshark.