If not redirected, please click here https://www.thesecuritybuddy.com/bluetooth-security/mac-address-spoofing-bluetooth/
All network interfaces that communicate
with the network have a unique identifier and so do Bluetooth. And,
similar to other network devices, attackers can spoof the MAC address
of Bluetooth devices also.
Let's understand more on MAC address
and MAC Address Spoofing of Bluetooth devices.
Bluetooth MAC Address
Bluetooth MAC address is a 48-bit long
unique identifier that uniquely identifies each Bluetooth device.
Out of this 48 bit Bluetooth MAC
Address, 24 bit is a company identifier, which is unique to the
manufacturer. Each vendor registers and obtains a MAC prefixes
assigned by the IEEE. A vendor may get more than one MAC prefixes
also, each one used for different products.
And the rest 24 bit is a company
assigned identifier which is assigned by the manufacturer. Each
vendor assigns a unique 24 bit suffix for each Bluetooth device.
Different vendors may assign same 24 bit suffix for different
Bluetooth device, but that does not create problems as the 48 bit MAC
addresses altogether remain different.
How do I get MAC Address of my
Bluetooth device
You can find out the MAC Address of
your Bluetooth device from the device itself. You can go to settings
of your device and select Bluetooth, it would show the MAC Address of
the Bluetooth device.
Why MAC Address Spoofing
MAC Address Spoofing is changing the
MAC Address of the device to some other value.
MAC Address Spoofing is done for
various reasons. Security experts do this for Penetration testing.
Attackers spoof MAC Addresses mainly
for stealing sensitive data from the device. They change the MAC
address of their device to that of the victim's device. As a result,
data meant for the victim reaches the attackers first. They intercept
the data and then may forward it to the victim's device so that it
remains undetected.
How is MAC Address Spoofing done for
Bluetooth Devices
There are a number of software
available for spoofing MAC Address. One such tool is spooftooph. This
is used in Linux to automate spoofing or cloning of Bluetooth
devices.
NAME
spooftooph
SYNOPSIS
spooftooph -i dev [-mstu] [-nac]|[-R]|[-r file] [-w file]
DESCRIPTION
-a <address> : Specify new BD_ADDR
-b <num_lines> : Number of Bluetooth profiles to display per page
-B : Disable banner for smaller screens (like phones)
-c <class> : Specify new CLASS
-h : Help
-i <dev> : Specify interface
-m : Specify multiple interfaces during selection
-n <name> : Specify new NAME
-r <file> : Read in CSV logfile
-R : Assign random NAME, CLASS, and ADDR
-s : Scan for devices in local area
-t <time> : Time interval to clone device in range
-u : USB delay. Interactive delay for reinitializing interface
-w <file> : Write to CSV logfile
(Useful in Virtualized environment when USB must be passed through.)
spooftooph
SYNOPSIS
spooftooph -i dev [-mstu] [-nac]|[-R]|[-r file] [-w file]
DESCRIPTION
-a <address> : Specify new BD_ADDR
-b <num_lines> : Number of Bluetooth profiles to display per page
-B : Disable banner for smaller screens (like phones)
-c <class> : Specify new CLASS
-h : Help
-i <dev> : Specify interface
-m : Specify multiple interfaces during selection
-n <name> : Specify new NAME
-r <file> : Read in CSV logfile
-R : Assign random NAME, CLASS, and ADDR
-s : Scan for devices in local area
-t <time> : Time interval to clone device in range
-u : USB delay. Interactive delay for reinitializing interface
-w <file> : Write to CSV logfile
(Useful in Virtualized environment when USB must be passed through.)
For example :
spooftooph
-i hci1 -a 00602560AA43
This
will use the Bluetooth interface hci1 to spoof itself as the device
having MAC Address 00602560AA43.
spooftooph
-i hci1 -R -w outputfile
This
will use the interface hci1 and assign random MAC address to itself.
The results will be stored in the CSV logfile outputfile.
Similarly,
-r option is used for reading in the CSV logfile.
spooftooph
-i hci1 -s
This
will scan for Bluetooth devices in the local area within the range.
So,
this article was to inform you about MAC Address Spoofing of
Bluetooth devices. Hope it has helped.
No comments:
Post a Comment