The Ubertooth One is an open source 2.4 GHz wireless development platform suitable for Bluetooth experimentation. Commercial Bluetooth monitoring equipment can easily be priced at over $10,000 , so the Ubertooth was designed to be an affordable alternative platform for monitoring and development of new BT, BLE, similar and wireless technologies.
The Ubertooth One was created by Mike Ossmann at Great Scott Gadgets in 2011 when he realized that there was not an off-the-shelf BT adapter that offered the capabilities he required. A great video from his talk at ShmooCon 2011 tells the whole story and can be found on YouTube. The Ubertooth One is open source hardware designed in KiCad, and all the hardware specs, design files, and additional information can be found at the GitHub Repo
The device is designed primarily as an advanced Bluetooth receiver, offering capabilities beyond that of traditional adapters, which allow for it to be used as a BT signal sniffing and monitoring platform. Although the device hardware will accommodate signal broadcasting, the firmware currently only supports receiving and minimal advertising channel transmission features.
The Ubertooth One is built around the ARM Cortex-M3 microcontroller and is able to capture and demodulate signals in the 2.4GHz ISM band with a narrow bandwidth of only 1MHz. This includes, but is not limited to: Bluetooth Basic Rate packets, BLE packets, and 802.11 FHSS. Some proprietary 2.4 devices may also be possible.
The Ubertooth One follows the standard USB dongle form factor, weighs in at just a few ounces, and measures 3.5 x 1 x 0.3 in.
I develop software that interacts with multiple BTLE devices from Android, iOS, Windows and OSX. I bought the Ubertooth One to help with testing and debugging the BTLE so aside from using ubertooth-specan-ui and ubertooth-dfu I’ve only used ubertooth-btle.
The Ubertooth project has mostly migrated from Sourceforge to GitHub. GitHub was where I found the latest source code and the best documentation. The documentation has gotten my by so far but the source code has been a bigger help, it’s relatively clean and straightforward to read. The commit and pull request comments have been helpful too.
I want to point out that the firmware that shipped on my Ubertooth One was RX only. To get RX and TX functionality you either need to download a release or compile your own firmware and follow the instructions for updating the firmware with the ubertooth-dfu tool. I’m guessing that there was some sort of legal issue shipping with TX functionality enabled or they were just trying to raise the bar a little to prevent the lowest common denominator from running around jamming and spoofing all the BT within range.
For ubertooth-btle I’ve had good luck with -f but I get buffer overflows when I try -p. I likely have several times more BTLE traffic than normal, I haven’t tried at home so I’m not sure this is the cause. Either way, the source code is reasonable enough to work with that it should be able to do something about it.
Sometimes I have a hard time getting -f to catch my connection parameters the first time I pair. This could also be due to the high volume of BTLE traffic I have at work. However, once the connection parameters are caught ubertooth-btle seems very good at following the connection and I get reliable capture in a PCAP format that I can easily dig through with Wireshark.
Overall, I’m happy with the Ubertooth. For the price you get a lot more than with the alternatives and the source code in the project is easy enough to follow that a developer of reasonable skill should be able too get where they want to go.
April Wright –
Although the setup of Kali to run the Ubertooth software (both compiling and downloading dozens of requirements) seemed never-ending, the Ubertooth One is an excellent tool for watching BLE comms.