DefCon 2012 - Bluetooth Monitoring With SCAPY

2,372 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
2,372
On SlideShare
0
From Embeds
0
Number of Embeds
9
Actions
Shares
0
Downloads
19
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

DefCon 2012 - Bluetooth Monitoring With SCAPY

  1. 1. PASSIVE BLUETOOHMONITORING IN SCAPY Ryan Holeman
  2. 2. AGENDA• bluetooth essentials• fundamental projects• scapy-btbb project overview• demo
  3. 3. ESSENTIAL BLUETOOTH• bluetooth is a frequency hopping protocol
  4. 4. ESSENTIAL BLUETOOTH• BTBB - bluetooth baseband• air traffic between master and slave bluetooth devices
  5. 5. ESSENTIAL BLUETOOTH• nap • non-significant for communication • vendor association• uap • upper address part • vendor association • calculated from btbb packets• lap • lower address part • easily obtained in btbb packet
  6. 6. FUNDAMENTAL PROJECTS SCAPY• Philippe Biondi• python network analysis and manipulation tool• supports many protocols and layers • Ethernet, Tcp/Ip, 802.11, 802.15.5, etc
  7. 7. FUNDAMENTAL PROJECTS LIBBTBB• Dominic Spill and Mike Ossmann• provides methods for: • uap discovery, clock discovery, etc• wireshark plugin • wireshark btbb support
  8. 8. FUNDAMENTAL PROJECTS UBERTOOTH• bluetooth baseband sniffer• Mike Ossmann• kismet plugin
  9. 9. SCAPY-BTBB GOALS• bluetooth baseband traffic in python
  10. 10. SCAPY-BTBB CONTRIBUTIONS• btbb layer in scapy•a stream utility for pcap files in scapy• btbb helper methods • vendor from nap/uap • distinct address lists from btbb traffic• extensive documentation of related projects
  11. 11. SCAPY-BTBB RELEVANCE• real time and postmortem data analysis for btbb traffic• compatibility across hardware • though pcap files• easily incorporated into: • developer debugging tools • auditing tools • exploitation tools
  12. 12. DEMO
  13. 13. REFERENCES• scapy • bluez • Phillippe Biondi • bluez.org • secdev.org/projects/scapy • pybluez• libbtbb • pybluez.googlecode.com • Dominic Spill & Mike Ossmann • wireshark • sourceforge.net/projects/libbtbb • wireshark.org• ubertooth • ipython • Mike Ossmann • ipython.org • ubertooth.sourceforge.net • pandas• kismet • pandas.pydata.org • Mike Kershaw • kismetwireless.net
  14. 14. PROJECT HOME AND CONTACT INFO• project home • hackgnar.com/projects/btbb• contact • email: ripper@hackgnar.com • twitter: @hackgnar

×