For those who haven't heard, Ubertooth One is an open-source, relatively inexpensive (~110 USD) hardware platform for Bluetooth packet capture and experimentation. This how-to gives a basic rundown of how to install the software and capture/analyze packets with the latest source (r238).

Topics covered include:
• Installing Ubertooth dependencies/source
• Building/testing Kismet plugin
• Installing Wireshark plugin

The first step is to set up the pyside repository to access precompiled binaries.
apt-get install python-software-properties
add-apt-repository ppa:pyside
apt-get update
- Download pre-compiled binary dependencies
apt-get install libnl-dev libusb-1.0-0-dev pyside-tools
- Compile and install PyUSB extension
tar xvf pyusb-1.0.0-a1.tar.gz
cd pyusb-1.0.0-a1
python setup.py install
- Compile and Install libbtbb
tar xvf libbtb.0.5.tgz
cd libbtbb
make install
- Download and extract r238 of Ubertooth source
tar xvf ubertooth-r238.tar.gz
With all of the dependencies installed, everything should be ready to run the basic functionality of the Ubertooth adapter. A good test is to run the included spectrum analyzer:
cd ubertooth-r238/host/specan_ui
You should see a window pop up with a nifty view of your local 2.4 GHz spectrum.

**Capturing Bluetooth Packets**
- Reset the Ubertooth by unplugging it and plugging it back in

- Test packet capture by compiling and running the following
cd ../bluetooth_rxtx
While this provides basic info about the packets flowing over the air, much more detail is provided via the Kismet plugin.

- Prep the Kismet source in a new terminal
tar xvf kismet-2011-03-R2.tar.gz -C /usr/src/
mv /usr/src/kismet-2011-03-R2/ /usr/src/kismet
cd /usr/src/kismet
- Compile the Ubertooth Kismet plugin
cd ../kismet/plugin-ubertooth
make install
- Add 'pcapbtbb' to the logtypes= line in /usr/local/etc/kismet.conf

- Run Kismet with the source and name set to ubertooth

- Enable the Ubertooth plugin via Kismet -> Plugins -> Select Plugin
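
The logtypes= edit from the step above, as an added example that is not part of the original how-to: a shell helper (hypothetical name add_logtype) that appends pcapbtbb to the active logtypes= line only when it is missing, ignores commented-out lines, and keeps a .bak copy. The sample config written by demo is constructed.

```shell
#!/bin/sh
# Added example: add_logtype and demo are hypothetical helpers, not part of
# Kismet or Ubertooth. Appends a log type to the active logtypes= line, once.
add_logtype() {
    conf=$1
    logtype=${2:-pcapbtbb}
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 2; }
    tmp=$(mktemp "$conf.XXXXXX") || return 1
    awk -v t="$logtype" '
        /^[ \t]*logtypes=/ {                 # commented-out lines do not match
            seen = 1
            val = $0
            sub(/^[ \t]*logtypes=/, "", val)
            gsub(/[ \t\r]/, "", val)         # tolerate "a, b" and CRLF files
            n = split(val, parts, ",")
            for (i = 1; i <= n; i++)
                if (parts[i] == t) { print; next }   # already listed: keep line
            print "logtypes=" (val == "" ? t : val "," t)
            next
        }
        { print }
        END { if (!seen) print "logtypes=" t }       # no active line: add one
    ' "$conf" > "$tmp" || { rm -f "$tmp"; return 1; }
    if ! cmp -s "$conf" "$tmp"; then
        cp -p "$conf" "$conf.bak" || { rm -f "$tmp"; return 1; }
        cat "$tmp" > "$conf"                 # overwrite in place, keeping owner and mode
    fi
    rm -f "$tmp"
}

# Constructed sample config (not a real kismet.conf), edited twice to show
# that the second run changes nothing.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '# constructed sample' '#logtypes=pcapdump' \
        'logtypes=pcapdump,gpsxml,netxml,nettxt,alert' > "$dir/kismet.conf"
    add_logtype "$dir/kismet.conf" && add_logtype "$dir/kismet.conf"
    grep '^logtypes=' "$dir/kismet.conf"
    rm -rf "$dir"
}
demo
```

For the install described here the call would be `add_logtype /usr/local/etc/kismet.conf`, run with write access to that file.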

Kismet will run like normal, using the Ubertooth to capture Bluetooth packets and logging them to a capture file. To visualize this capture easily, libbtbb includes the source code to build a Wireshark plugin.

You can compile the plugin from the Wireshark source by following the instructions in doc/README.plugins, but that is quite a process. Alternatively, put the attached precompiled binaries for the 32-bit version of BT5 in '/usr/local/lib/wireshark/plugins/1.4.6' and off you go. You can now simply open the appropriate Kismet capture file in Wireshark.

Hope this helps inspire someone to do some Bluetooth hacking!
