Bringing Ubertooth Together, Wireshark

Here we are at the end of the road. It was a long road, but I also feel like I have really contributed a greatly simplified how-to guide to getting Ubertooth set up. You can do it in Linux if you ignore the virtual PC stuff, and you can do it in Windows through VirtualBox. Let's get everything tied together with Ubertooth and Wireshark.

Before we dig in: this is a temperamental process. If anything goes wrong, reset and start at the beginning. With that said, let's dig into it.

Install Wireshark

Remember back in the beginning when I said I chose Kali because it had part of the process handled for us? No? Well, that was the reason. Wireshark comes built in, so we can avoid dealing with the Wireshark install. As a result of the Kali choice, this step was done before we started it.

Let's Run a BTLE Scan

Maybe someday, I will get all crazy and document the hell out of Ubertooth. However, that day is not today. Instead we will look at one tool, the btle tool. It looks at Bluetooth Low Energy devices.

Like we have done through this whole series, let's open the terminal.

Kali Desktop-Terminal Icon Location

First things first, we need to create a pipe file. I am following the tutorial from Ubertooth. I will warn you it is far from idiot proof, hence this series of tutorials. So at the terminal, type mkfifo /tmp/pipe and press Enter. This command creates a named pipe. The pipe file is located in the tmp directory off the root of the computer.

As usual you will get nothing indicating you did something. It is a no news is good news sort of thing.

With that created, open Wireshark. Select the all programs icon and in the search look for Wireshark. It is possible it will be in the recent application section, if you have ever used it.

Program List Menu Button
Ignore the Num Lock On, that is my monitor messing with my screen capture.
Use the search box unless it is present in your list of files.

So here we are with Wireshark open. Let's dig into it and select Capture->Options….

In the Capture Interfaces window, press the Manage Interfaces button, in the lower right hand corner.

This will open up the Manage Interfaces dialog. We want to select the Pipes tab.

In this Pipes tab area, we need to link the file we created at the start of the process. With that in mind, select the plus button in the lower left hand corner.

While it might be tempting to type in the path name in the New Pipe area, doing that will make your process fail. Instead you must hit the Browse button.

If you don’t know how I got here, click on the Other Locations, then Computer, then tmp directory.

Once you have the pipe file selected, press the open button in the upper right hand corner.

With the file selected, hit OK. We return back to the Options dialog.

Now I realize you are probably glancing over this and not really paying attention. Stop and read this. You must scroll to the bottom and select the /tmp/pipe before you press start. You can have other things but you must have this selected. With it selected press Start.

Back in the terminal screen type ubertooth-btle -f -c /tmp/pipe and press enter.

If the IT gods are pleased with you and you were precise in your actions, you should get a surprise.

Congratulations, we made it to the end. Bringing Ubertooth and Wireshark together was the last step.
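
One way to script the pipe setup from this walkthrough with a safety check, as an added example that is not part of the original post or the Ubertooth project. /tmp is world-writable, so the function refuses a /tmp/pipe that is a symlink, not a pipe, or owned by someone else, and it recreates a stale pipe with owner-only permissions. The function name, the run argument and the wireshark -k -i launch (a command-line alternative to the GUI steps) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post.
# prepare_capture_pipe is a hypothetical helper name; /tmp/pipe is the
# path used in the post.

prepare_capture_pipe() {
    pipe=${1:-/tmp/pipe}

    # A symlink in /tmp could point the capture at a file someone else chose.
    if [ -L "$pipe" ]; then
        echo "refusing: $pipe is a symlink" >&2
        return 1
    fi

    if [ -e "$pipe" ]; then
        # Only touch something that is a FIFO and belongs to us.
        if [ ! -p "$pipe" ] || [ ! -O "$pipe" ]; then
            echo "refusing: $pipe exists and is not our FIFO" >&2
            return 1
        fi
        # Stale FIFO from an earlier attempt: start from a clean state.
        rm -f -- "$pipe"
    fi

    # Mode 600 so other local users cannot read the captured packets.
    mkfifo -m 600 -- "$pipe" || return 1

    # Confirm what we ended up with before anything writes to it.
    [ -p "$pipe" ] && [ -O "$pipe" ]
}

# Only start the tools when called as: sh capture.sh run [pipe-path]
if [ "${1:-}" = "run" ]; then
    PIPE=${2:-/tmp/pipe}
    prepare_capture_pipe "$PIPE" || exit 1
    # Assumption: launching Wireshark from the command line instead of
    # the Manage Interfaces dialog. -k starts capturing immediately,
    # -i names the FIFO as the capture interface.
    wireshark -k -i "$PIPE" &
    # Same command as in the post: follow BLE connections, write to the pipe.
    ubertooth-btle -f -c "$PIPE"
fi
```

A refusal leaves the existing file untouched, so inspect it with ls -l /tmp/pipe before removing it by hand.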

You can now go through the joys of deciphering the values given to you. It is not fun, but that is outside the scope of this series of posts. Enjoy playing with your new toy and stay out of trouble. Also make sure you have a Bluetooth device around so the Ubertooth has something to read.

Maybe someday, I will do a Windows version of this. Because Ubertooth and Wireshark are both cross-platform, it should be possible.

As always drop your questions or comments below.
