Bettercap for Debugging Bluetooth LE

There’s a useful tool called bettercap that claims to be the “Swiss Army knife for WiFi, Bluetooth Low Energy, wireless HID hijacking and Ethernet networks reconnaissance and MITM attacks”.

While you might want to use it to test Bluetooth LE security, a more interesting use is for debugging Bluetooth LE. If you are scanning for advertising or creating or using GATT, for example with a beacon, it’s sometimes useful to have a separate way of exercising Bluetooth LE.

Bettercap is written in Go and runs on GNU/Linux, BSD, Android, Apple macOS and the Microsoft Windows. However, a bug in Windows and macOS prevents the Bluetooth commands from working. Hence, it’s for Linux or Android only.

Better caps runs in the browser and you can create scripts.

One Person’s Beacon Hijacking is Another’s Sharing

We posted something on Twitter last week about beacon networks and how one beacon can have multiple apps from multiple companies. Jan Steffl tweeted:

jansteffltwitterbeaconhijacking

One person’s beacon hijacking is another’s sharing. Some beacon manufacturers, for example Sensoro that we stock, provide (optional) hijacking prevention and use this as a unique selling proposition. In contrast to this, Google’s presentations at Google I/O encouraged the sharing of beacons to enable new senarios and possibilities.

However, if you have gone to the expense of rolling out beacons you might not want others piggybacking on them or a competitor also showing notifications in the same places.

It remains to be seen if ‘private’ or ‘public’ beacon networks will predominate.