BLEAH – Bluetooth Low Energy Attack Tool

A new tool – BLEAH which is used for attacking Bluetooth Low Energy devices is now available for download in evilsocket repository. This can be used for perform sniffing and man in the middle attack.

What makes BLE Vulnerable?

Bluetooth was initially designed for continuous, streaming of data packets to and from devices which enables us to send or receive packets from bluetooth devices at close proximity. But the problem here was, the older protocols required the device to be powered up constantly even if it was not in use. When talking about Bluetooth Low Energy vs. Bluetooth, the key difference is in Bluetooth 4.0’s low power consumption. In BLE, the hardware remains in the sleep mode before the connection is initiated and after the connection is terminated.

Bluetooth LE is the least secure of all the bluetooth versions. BLE hardwares are designed to be very small in size and work with low powered battery. So they lack so many security features such as channel hopping mechanism and other built in mechanisms. BLEAH takes advantage of these flaws to do MITM attacks, sniffing data packets and writing data to the devices.

How to Install

Video Tutorial

BLEAH is based on bluepy library, which provides us a python interface to Bluetooth LE on Linux machines. This library is required for BLEAH to work. So first let us install all the dependencies and install bluepy. Execute below commands one by one.

$ sudo apt-get install git build-essential libglib2.0-dev
$ git clone https://github.com/IanHarvey/bluepy.git
$ cd bluepy
$ python setup.py build
$ sudo python setup.py install

Now we can install BLEAH

git clone https://github.com/evilsocket/bleah.git
cd bleah
python setup.py build
sudo python setup.py install

To check, execute

bleah -h

Source : https://www.evilsocket.net/2017/09/23/This-is-not-a-post-about-BLE-introducing-BLEAH/