Bluescan is an open source project from DBAPP Security HatLab's Sourcell Xu. Anyone can distribute bluescan by following the terms of the GPL-3.0 license.
When violating new Bluetooth targets, the scanner can help us gather information, such as:
- BR devices
- LE devices
- LMP features
- GATT services
- SDP services
- Vulnerabilities (demo)
Conditions
[pastacode manual = ”sudo% 20apt% 20install% 20libglib2.0-dev% 20libbluetooth-dev” provider = ”manual” lang = ”php” /]
Installation
[pastacode manual = ”sudo% 20pip3% 20install% 20bluescan” provider = ”manual” lang = ”php” /]Use
[pastacode manual=”%24%20bluescan%20-h%0D%0Abluescan%20v0.2.1%0D%0A%0D%0AA%20powerful%20Bluetooth%20scanner.%0D%0A%0D%0AAuthor%3A%20Sourcell%20Xu%20from%20DBAPP%20Security%20HatLab.%0D%0A%0D%0ALicense%3A%20GPL-3.0%0D%0A%0D%0AUsage%3A%0D%0Abluescan%20(-h%20%7C%20–help)%0D%0Abluescan%20(-v%20%7C%20–version)%0D%0Abluescan%20%5B-i%20%3Chcix%3E%5D%20-m%20br%20%5B–inquiry-len%3D%3Cn%3E%5D%0D%0Abluescan%20%5B-i%20%3Chcix%3E%5D%20-m%20lmp%20BD_ADDR%0D%0Abluescan%20%5B-i%20%3Chcix%3E%5D%20-m%20sdp%20BD_ADDR%0D%0Abluescan%20%5B-i%20%3Chcix%3E%5D%20-m%20le%20%5B–timeout%3D%3Csec%3E%5D%20%5B–le-scan-type%3D%3Ctype%3E%5D%20%5B–sort%3D%3Ckey%3E%5D%0D%0Abluescan%20%5B-i%20%3Chcix%3E%5D%20-m%20gatt%20%5B–include-descriptor%5D%20–addr-type%3D%3Ctype%3E%20BD_ADDR%0D%0Abluescan%20%5B-i%20%3Chcix%3E%5D%20-m%20vuln%20–addr-type%3Dbr%20BD_ADDR%0D%0A%0D%0AArguments%3A%0D%0ABD_ADDR%20Target%20Bluetooth%20device%20address%0D%0A%0D%0AOptions%3A%0D%0A-h%2C%20–help%20Display%20this%20help.%0D%0A-v%2C%20–version%20Show%20the%20version.%0D%0A-i%20%3Chcix%3E%20HCI%20device%20for%20scan.%20%5Bdefault%3A%20hci0%5D%0D%0A-m%20%3Cmode%3E%20Scan%20mode%2C%20support%20BR%2C%20LE%2C%20LMP%2C%20SDP%2C%20GATT%20and%20vuln.%0D%0A–inquiry-len%3D%3Cn%3E%20Inquiry_Length%20parameter%20of%20HCI_Inquiry%20command.%20%5Bdefault%3A%208%5D%0D%0A–timeout%3D%3Csec%3E%20Duration%20of%20LE%20scan.%20%5Bdefault%3A%2010%5D%0D%0A–le-scan-type%3D%3Ctype%3E%20Active%20or%20passive%20scan%20for%20LE%20scan.%20%5Bdefault%3A%20active%5D%0D%0A–sort%3D%3Ckey%3E%20Sort%20the%20discovered%20devices%20by%20key%2C%20only%20support%20RSSI%20now.%20%5Bdefault%3A%20rssi%5D%0D%0A–include-descriptor%20Fetch%20descriptor%20information.%0D%0A–addr-type%3D%3Ctype%3E%20Public%2C%20random%20or%20BR.” provider=”manual” lang=”php”/]Scan BR devices -m br
Scan LE devices -m le
Scan SDP services
Scan LMP features
Scan GATT services
Vulnerabilities scanning (demo)
[pastacode manual=”%24%20sudo%20bluescan%20-m%20vuln%20–addr-type%3Dbr%20%3F%3F%3A%3F%3F%3A%3F%3F%3A%3F%3F%3A%3F%3F%3A%3F%3F%0D%0A…%20…%0D%0ACVE-2017-0785″ provider=”manual” lang=”php”/]Read them Technology News from all over the world, with the validity of iGuRu.gr
Follow us on Google News
radare2: reverse engineering framework
»
Comment Policy:
IGuRu.gr does not publish the comments immediately. Malicious comments, comments that include ads, or comments that are offensive are deleted without notice. We do not adopt the opinions expressed by our readers.
Your comments will be displayed after approval by the administrators