Bluetooth is the wireless technology most commonly used in everyday life. In this article we will demonstrate how to sniff Bluetooth devices in Kali.
Preparation
USB Bluetooth device (a VM cannot recognize the host's built-in Bluetooth)
Raspberry Pi (supports Bluetooth)
Enable Bluetooth Device
On Linux we often use commands such as ifconfig and iwconfig to view network cards and network status. For Bluetooth, the equivalent is the hciconfig command.
As with wireless network cards, we can use the up and down subcommands to enable and disable a Bluetooth device.
hciconfig hci0 up
hciconfig hci0 down
Scan Bluetooth devices
We can use the hcitool command to scan and discover surrounding Bluetooth devices.
hcitool scan
As shown above, we scanned two Bluetooth devices. To get a device's name:
hcitool name A4:55:90:AC:BC:21
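hcitool scan performs an inquiry, so it only lists devices that are currently discoverable. The following added example (not part of the original article) reads hciconfig output and reports whether your own adapter would show up in such a scan; the sample output, addresses and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify an adapter's scan mode from `hciconfig` output.

# adapter_visibility NAME: reads `hciconfig` output on stdin and prints
# down | hidden | connectable | discoverable | unknown for adapter NAME.
adapter_visibility() {
    awk -v dev="$1" '
        # Each stanza starts with "hciN:" in column one.
        /^hci[0-9]+:/ { cur = $1; sub(/:$/, "", cur); next }
        # The flags line is the indented line that begins with UP or DOWN.
        cur == dev && /^[ \t]+(UP|DOWN)([ \t]|$)/ {
            found = 1
            for (i = 1; i <= NF; i++) flag[$i] = 1
        }
        END {
            if (!found)               print "unknown"
            else if ("DOWN" in flag)  print "down"
            else if ("ISCAN" in flag) print "discoverable"  # answers inquiries
            else if ("PSCAN" in flag) print "connectable"   # page scan only
            else                      print "hidden"        # no scan enabled
        }'
}

# Constructed sample output (not captured from a real host): hci0 is
# discoverable, hci1 is connectable only, hci2 is down.
sample_hciconfig() {
    printf 'hci0:\tType: Primary  Bus: USB\n'
    printf '\tBD Address: 00:11:22:33:44:55  ACL MTU: 310:10  SCO MTU: 64:8\n'
    printf '\tUP RUNNING PSCAN ISCAN \n'
    printf '\tRX bytes:1024 acl:0 sco:0 events:52 errors:0\n\n'
    printf 'hci1:\tType: Primary  Bus: UART\n'
    printf '\tBD Address: 00:11:22:33:44:66  ACL MTU: 1021:8  SCO MTU: 64:1\n'
    printf '\tUP RUNNING PSCAN \n\n'
    printf 'hci2:\tType: Primary  Bus: USB\n'
    printf '\tBD Address: 00:11:22:33:44:77  ACL MTU: 310:10  SCO MTU: 64:8\n'
    printf '\tDOWN \n'
}

for dev in hci0 hci1 hci2; do
    state=$(sample_hciconfig | adapter_visibility "$dev")
    echo "$dev: $state"
    # A discoverable adapter can be limited to page scan, or to no scan at all.
    if [ "$state" = discoverable ]; then
        echo "  fix: hciconfig $dev pscan (or noscan)"
    fi
done
```

On a live host, pipe the real output in instead of the sample: hciconfig | adapter_visibility hci0.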
Scan Service
With the sdptool command we can see more information about a device's communication and protocols. From there we may be able to start discovering whether the device has vulnerabilities, or whether we can communicate with it directly. We can even find out whether it uses a randomized MAC address or similar.
sdptool browse A4:55:90:AC:BC:21
Forced connection to Bluetooth devices
BlueRanger is a simple bash script that uses link quality to locate Bluetooth device radios. It sends L2CAP (Bluetooth) pings to create a connection between Bluetooth interfaces, since most devices allow pings without any authentication or authorization.
blueranger hci0 00:93:37:F0:4E:51
Other connection methods
We can also use the bluetoothctl command to connect to Bluetooth devices. Run bluetoothctl, then execute scan on to scan for devices.
Pair
pair 00:93:37:F0:4E:51