ShorterKing/Bluetooth-Attacks

Bluetooth-Attacks 🛜💥

Welcome to Bluetooth-Attacks, the ultimate toolkit for mastering Bluetooth device emulation and security research! 🚀 This repository is a souped-up evolution of BadBT, with massive improvements to make it the most powerful Bluetooth attack suite out there. The badbt folder houses our crown jewel: an enhanced btk_server.py that defaults to an audio headset (not just a keyboard) and supports HID profiles for unparalleled flexibility. 🎧🔑 I've taken the original BadBT and made it much, much better with new features, better stability, and slicker automation. 😎


Features ✨🔥

  • Supercharged btk_server.py:
    • Defaults to emulating an audio headset, with customizable device names. 🎙️
    • Full HID (Human Interface Device) support via a custom SDP XML configuration. 🖱️
    • Run as a headset: sudo python3 btk_server.py -n Headset -i hci0 -c 0x240404 🎵
    • Supports MAC address spoofing for stealthy operations. 🕵️‍♂️
  • Auto-Connect Script (autoconnect.sh): Automatically pings and connects to target devices, pairing seamlessly with btk_server.py to initiate headset connections. 🔗
  • MAC Address Spoofer (bluetooth-mac-spoof.sh): Generate random MACs or set custom ones to bypass blocks and keep connections alive. 😈
  • Gattacker Automation (gattacker-setup.sh): Streamlines setup for the Gattacker tool, perfect for Bluetooth Low Energy (BLE) attacks. 🛠️
  • System Management Scripts:
    • runbefore.sh: Configures and backs up Bluetooth services for smooth operation. ⚙️
    • revert.sh: Restores your system to its original state with ease. 🔄
  • Cross-Platform Support: Includes scripts for Windows and Android, but btk_server.py is the star performer. 🖥️📱
  • MIT License: Free to use, tweak, and share! 📜

Why This Repo is 🔥 Epic

Building on the foundation of BadBT, I've turbocharged this project with major upgrades. The badbt folder features the most advanced Bluetooth emulator you'll find, with btk_server.py defaulting to audio headset mode for creative experiments. Its HID support, powered by sdp_record.xml, lets you emulate keyboards or other devices effortlessly. Pair it with autoconnect.sh to proactively connect to targets, or use bluetooth-mac-spoof.sh to stay unblockable with randomized MACs. Add gattacker-setup.sh for BLE attacks, and you've got a Bluetooth hacking powerhouse! 💪


Installation & Setup 🛠️

  1. Clone the Repo:

    git clone https://github.com/yourusername/Bluetooth-Attacks.git
    cd Bluetooth-Attacks/badbt
  2. Install Dependencies:

    • Install required packages:
      sudo apt update
      sudo apt install bluez python3-dbus python3-gi
  3. Set Up Gattacker (optional, for BLE):

    sudo bash gattacker-setup.sh
  4. Configure Bluetooth Services:

    • Prepare your system:
      sudo bash runbefore.sh
  5. Launch the Bluetooth Server:

    • Emulate a headset:
      sudo python3 btk_server.py -n Headset -i hci0 -c 0x240404
    • Emulate a keyboard:
      sudo python3 btk_server.py -n Keyboard -i hci0
  6. Auto-Connect to Devices:

    • Connect to a target:
      sudo bash autoconnect.sh <TARGET_MAC>
  7. Spoof MAC Address:

    • Set a custom MAC:
      sudo bash bluetooth-mac-spoof.sh <NEW_MAC>
    • Randomize MAC:
      sudo bash bluetooth-mac-spoof.sh -r
  8. Revert Changes:

    • Restore your system:
      sudo bash revert.sh

SDP Record (sdp_record.xml) 📄

The sdp_record.xml file defines the Bluetooth service profile, enabling HID support and flexible device emulation. Key features:

  • Configures the device as a Raspberry Pi Virtual Keyboard or custom headset.
  • Supports USB-to-Bluetooth keyboard emulation.
  • Includes robust HID descriptors for maximum compatibility.

Find the full XML in the badbt folder.
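
A defender-side check built on the two facts above (an added example, not code from this repository): a device whose Class of Device claims an audio headset, such as the 0x240404 value used on this page, while its SDP records expose the HID service is worth flagging. The function names and the sample inventory are constructed for illustration.

```python
# Added example: decode a Bluetooth Class of Device (CoD) value and flag
# devices whose SDP services contradict the class they advertise.

# Major service class bits of the 24-bit CoD field.
SERVICE_BITS = {13: "Limited Discoverable", 16: "Positioning", 17: "Networking",
                18: "Rendering", 19: "Capturing", 20: "Object Transfer",
                21: "Audio", 22: "Telephony", 23: "Information"}
MAJOR_CLASSES = {0x01: "Computer", 0x02: "Phone", 0x04: "Audio/Video",
                 0x05: "Peripheral"}
AV_MINORS = {0x01: "Wearable Headset", 0x02: "Hands-free", 0x06: "Headphones"}
HID_SERVICE_UUID = 0x1124  # HumanInterfaceDeviceService (assigned number)


def decode_cod(cod: int) -> dict:
    """Split a CoD value into service classes, major class and minor class."""
    if not 0 <= cod <= 0xFFFFFF:
        raise ValueError("Class of Device is a 24-bit field")
    major = (cod >> 8) & 0x1F   # bits 8-12
    minor = (cod >> 2) & 0x3F   # bits 2-7
    minor_name = AV_MINORS.get(minor) if major == 0x04 else None
    return {
        "services": [n for bit, n in SERVICE_BITS.items() if cod >> bit & 1],
        "major": MAJOR_CLASSES.get(major, f"0x{major:02x}"),
        "minor": minor_name or f"0x{minor:02x}",
    }


def hid_mismatch(cod: int, sdp_uuids: set) -> bool:
    """True when a device exposes the HID service but does not claim the
    Peripheral major class (for example, it presents itself as a headset)."""
    major = (cod >> 8) & 0x1F
    return HID_SERVICE_UUID in sdp_uuids and major != 0x05


# Constructed inventory: (address, CoD, 16-bit SDP service class UUIDs).
SAMPLE_DEVICES = [
    ("00:11:22:33:44:55", 0x240404, {0x1108, 0x110B}),  # headset only
    ("00:11:22:33:44:66", 0x240404, {0x1108, 0x1124}),  # headset CoD + HID
    ("00:11:22:33:44:77", 0x002540, {0x1124, 0x1200}),  # ordinary keyboard
]


def flag_devices(devices):
    """Return addresses whose SDP services contradict their advertised class."""
    return [addr for addr, cod, uuids in devices if hid_mismatch(cod, uuids)]


if __name__ == "__main__":
    print(decode_cod(0x240404))
    print(flag_devices(SAMPLE_DEVICES))
```

Some legitimate combo devices expose HID outside the Peripheral class, so treat a hit as a prompt to review the pairing, not as proof of emulation.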


Usage Examples ⚡

  • Emulate a Headset:

    sudo python3 btk_server.py -n Headset -i hci0 -c 0x240404

    Use bluetoothctl to connect to devices:

    bluetoothctl
    scan on
    connect <TARGET_MAC>
  • Emulate a Keyboard:

    sudo python3 btk_server.py -n Keyboard -i hci0
  • Auto-Connect to a Device:

    sudo bash autoconnect.sh 00:11:22:33:44:55
  • Spoof a Random MAC:

    sudo bash bluetooth-mac-spoof.sh -r
  • Run a Rubber Ducky Script:

    python3 ducky.py -d path/to/rubberducky_script

Disclaimer 🚨

Use Responsibly! This repository is for educational and research purposes only. The author is not responsible for any misuse, damage, or legal consequences resulting from these tools. Always obtain explicit permission before testing on devices or networks you do not own. Unauthorized Bluetooth attacks may violate local laws. Stay ethical, stay safe! 🛡️


Contributing 🤝

Contributions are welcome! Fork the repo, add your enhancements, and submit a pull request. Got ideas or issues? Open a GitHub Issue to share.

  1. Fork the repo.
  2. Create a branch (git checkout -b feature/killer-feature).
  3. Commit changes (git commit -m "Added killer feature").
  4. Push to the branch (git push origin feature/killer-feature).
  5. Open a Pull Request.

License 📜

Licensed under the MIT License. See the LICENSE file for details.


Acknowledgments 🙌

  • Huge thanks to AGO061/BadBT for the original inspiration.
  • Props to the Gattacker team for their awesome BLE tool.
  • Built with 💖 by SHORTERKING for the Bluetooth security community.

Hack smart, hack safe! 🛜🔥

About

Bluetooth-Attacks That Works (kinda)
