Το bluescan είναι ένα έργο ανοιχτού κώδικα από τον Sourcell Xu του DBAPP Security HatLab. Οποιοσδήποτε μπορεί να διανέμει το bluescan ακολουθώντας τους όρους που αναφέρονται στην άδεια GPL-3.0.
Κατά την παραβίαση νέων στόχων Bluetooth, ο σαρωτής μπορεί να μας βοηθήσει να συλλέξουμε πληροφορίες, όπως:
- BR devices
- LE devices
- LMP features
- GATT services
- SDP services
- Vulnerabilities (demo)
Προϋποθέσεις
[pastacode manual=”sudo%20apt%20install%20libglib2.0-dev%20libbluetooth-dev” provider=”manual” lang=”php”/]
Εγκατάσταση
[pastacode manual=”sudo%20pip3%20install%20bluescan” provider=”manual” lang=”php”/]Χρήση
[pastacode manual=”%24%20bluescan%20-h%0D%0Abluescan%20v0.2.1%0D%0A%0D%0AA%20powerful%20Bluetooth%20scanner.%0D%0A%0D%0AAuthor%3A%20Sourcell%20Xu%20from%20DBAPP%20Security%20HatLab.%0D%0A%0D%0ALicense%3A%20GPL-3.0%0D%0A%0D%0AUsage%3A%0D%0Abluescan%20(-h%20%7C%20–help)%0D%0Abluescan%20(-v%20%7C%20–version)%0D%0Abluescan%20%5B-i%20%3Chcix%3E%5D%20-m%20br%20%5B–inquiry-len%3D%3Cn%3E%5D%0D%0Abluescan%20%5B-i%20%3Chcix%3E%5D%20-m%20lmp%20BD_ADDR%0D%0Abluescan%20%5B-i%20%3Chcix%3E%5D%20-m%20sdp%20BD_ADDR%0D%0Abluescan%20%5B-i%20%3Chcix%3E%5D%20-m%20le%20%5B–timeout%3D%3Csec%3E%5D%20%5B–le-scan-type%3D%3Ctype%3E%5D%20%5B–sort%3D%3Ckey%3E%5D%0D%0Abluescan%20%5B-i%20%3Chcix%3E%5D%20-m%20gatt%20%5B–include-descriptor%5D%20–addr-type%3D%3Ctype%3E%20BD_ADDR%0D%0Abluescan%20%5B-i%20%3Chcix%3E%5D%20-m%20vuln%20–addr-type%3Dbr%20BD_ADDR%0D%0A%0D%0AArguments%3A%0D%0ABD_ADDR%20Target%20Bluetooth%20device%20address%0D%0A%0D%0AOptions%3A%0D%0A-h%2C%20–help%20Display%20this%20help.%0D%0A-v%2C%20–version%20Show%20the%20version.%0D%0A-i%20%3Chcix%3E%20HCI%20device%20for%20scan.%20%5Bdefault%3A%20hci0%5D%0D%0A-m%20%3Cmode%3E%20Scan%20mode%2C%20support%20BR%2C%20LE%2C%20LMP%2C%20SDP%2C%20GATT%20and%20vuln.%0D%0A–inquiry-len%3D%3Cn%3E%20Inquiry_Length%20parameter%20of%20HCI_Inquiry%20command.%20%5Bdefault%3A%208%5D%0D%0A–timeout%3D%3Csec%3E%20Duration%20of%20LE%20scan.%20%5Bdefault%3A%2010%5D%0D%0A–le-scan-type%3D%3Ctype%3E%20Active%20or%20passive%20scan%20for%20LE%20scan.%20%5Bdefault%3A%20active%5D%0D%0A–sort%3D%3Ckey%3E%20Sort%20the%20discovered%20devices%20by%20key%2C%20only%20support%20RSSI%20now.%20%5Bdefault%3A%20rssi%5D%0D%0A–include-descriptor%20Fetch%20descriptor%20information.%0D%0A–addr-type%3D%3Ctype%3E%20Public%2C%20random%20or%20BR.” provider=”manual” lang=”php”/]Table of Contents
Scan BR devices -m br