• 238 | Chapter 7: Wireless Security Testing
  • Zigbee Testing
  • Learning Kali Linux





    Other Bluetooth Testing
    While you can scan for Bluetooth devices, you may not know where they are located.
    The tool blueranger.sh can be used to determine how close a device is. This is a bash
    script that sends L2CAP messages to the target address. The theory of this script is
    that a higher link quality indicates that the device is closer than one with a lower link
    quality. Various factors may affect link quality aside from the distance between the
    radio sending the messages and the one responding. To run blueranger.sh, you specify
    the device being used, probably hci0, and the address of the device you are connecting
    to. Example 7-20 shows the results of pinging the MiBox we’ve been using as a
    target so far.
    Example 7-20. blueranger.sh output

    (((B(l(u(e(R)a)n)g)e)r)))
    By JP Dunning (.ronin)
    www.hackfromacave.com
    Locating: MIBOX3 (00:9E:C8:93:48:C9)
    Ping Count: 14
    Proximity Change    Link Quality
    ----------------    ------------
    NEUTRAL             214/255
    Range
    ------------------------------------
    | *
    ------------------------------------
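
The text notes that link quality is affected by more than distance, so a single reading is a weak signal; averaging recent readings before comparing them steadies the result. The following is an added example, not blueranger.sh itself or code from the book. It assumes readings in the "Link quality: N" form printed by BlueZ's hcitool lq; the WARMER/COLDER labels, the dead band, the window size and the sample readings are constructed for illustration.

```shell
#!/bin/sh
# Added example: turn raw link-quality readings into a smoothed proximity trend.

TOLERANCE=3   # assumed dead band; smaller changes are treated as radio noise
WINDOW=3      # assumed number of recent readings to average

# Print N from a line like "Link quality: 214"; print nothing for other input.
parse_lq() {
  printf '%s\n' "$1" | sed -n 's/^Link quality: \([0-9][0-9]*\)$/\1/p'
}

# Integer mean of the last $WINDOW readings passed as arguments.
smoothed() {
  while [ "$#" -gt "$WINDOW" ]; do shift; done
  [ "$#" -gt 0 ] || return 1
  sum=0; n=$#
  for v in "$@"; do sum=$((sum + v)); done
  echo $((sum / n))
}

# Higher link quality is read as "closer", following the script's premise.
proximity_change() {  # usage: proximity_change PREV CUR
  if   [ $(( $2 - $1 )) -gt "$TOLERANCE" ]; then echo WARMER
  elif [ $(( $1 - $2 )) -gt "$TOLERANCE" ]; then echo COLDER
  else echo NEUTRAL
  fi
}

# Read tool output lines on stdin and print one trend line per valid reading.
trend() {
  history=""; prev=""; change=NEUTRAL
  while IFS= read -r line; do
    lq=$(parse_lq "$line")
    [ -n "$lq" ] || continue          # skip anything that is not a reading
    history="$history $lq"
    cur=$(smoothed $history)          # unquoted on purpose: one arg per reading
    if [ -n "$prev" ]; then change=$(proximity_change "$prev" "$cur"); fi
    printf '%-8s %s/255 (avg %s)\n' "$change" "$lq" "$cur"
    prev=$cur
  done
}

# Constructed sample input, not captured from a real device.
SAMPLE='Link quality: 214
Link quality: 216
Not connected.
Link quality: 230
Link quality: 235
Link quality: 190'

# Trend label for the most recent reading in the sample.
final_trend() { printf '%s\n' "$SAMPLE" | trend | tail -n 1 | cut -d' ' -f1; }
```

Piping `printf '%s\n' "$SAMPLE" | trend` prints the per-reading table; the sudden drop to 190 in the last sample shows up as COLDER only because the three-reading average moved by more than the dead band.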
    If you go to the Kali website and look at the tools available in the
    distribution, some of those tools aren’t available. Because of the
    nature of open source, projects come and go from distributions
    because they may not work with the latest distribution’s libraries or
    kernel. The software may have stopped being developed at some
    point and may not be relevant any longer. This may be especially
    true with the protocols we are looking at here. It’s worth checking
    in on the website from time to time to see whether new tools have
    been released and are available.
    One last Bluetooth tool we’re going to look at is bluelog. This tool can be used as a
    scanner, much like tools we’ve looked at before. However, the point of this tool is that
    it generates a log file with what it finds. Example 7-21 shows the run of bluelog. What
    you see is the address of the device used to initiate the scan, meaning the address of
    the Bluetooth interface in this system. You can keep running this to potentially see
    Bluetooth devices come and go.
    Example 7-21. Running a bluelog scan

    root@savagewood:/# bluelog
    Bluelog (v1.1.2) by MS3FGX
    ---------------------------
    Autodetecting device...OK
    Opening output file: bluelog-2018-03-05-1839.log...OK
    Writing PID file: /tmp/bluelog.pid...OK
    Scan started at [03/05/18 18:39:44] on 00:1A:7D:DA:71:15.
    Hit Ctrl+C to end scan.

    Once bluelog is done, you will have the list of addresses in the file indicated. The one
    listed in Example 7-21 is bluelog-2018-03-05-1839.log. The output from this scan
    shows the same address repeated because it’s the only device that is responding close
    by.

    Zigbee Testing
    Zigbee testing requires special equipment. Whereas many systems will have WiFi and
    Bluetooth radios in them, it’s uncommon to find either Zigbee or Z-Wave. That
    doesn’t mean, however, that you can’t do testing of Zigbee devices. Kali does include
    the KillerBee package that can be used to scan for Zigbee devices and capture Zigbee
