Scapy is a useful Python packet-manipulation tool, driven from an interactive prompt or imported as a library, that works on Linux and lets you build, send, sniff and dissect network packets, including Bluetooth LE traffic at the HCI level. It can be used for testing, development and security testing.
There’s a useful tool called bettercap that claims to be the “Swiss Army knife for WiFi, Bluetooth Low Energy, wireless HID hijacking and Ethernet networks reconnaissance and MITM attacks”.
While you might want to use it to test Bluetooth LE security, a more everyday use is debugging Bluetooth LE. If you are scanning for advertising, or creating or using GATT services, for example with a beacon, it is useful to have an independent tool that exercises Bluetooth LE, so that you can tell whether a problem lies in your own code or in the device.
Bettercap is written in Go and runs on GNU/Linux, BSD, Android, Apple macOS and Microsoft Windows. However, a bug in the Windows and macOS builds prevents the Bluetooth commands from working, so for Bluetooth LE it is effectively Linux or Android only.
Bettercap also has a web UI that runs in the browser, and it can be scripted.
There’s a new command line Python-based utility for Linux called Bleah that describes itself as a “BLE scanner for smart devices hacking”. Don’t let the ‘hacking’ part put you off: all it does is scan for devices and enumerate and use GATT services, much like the many apps for iOS and Android such as Nordic nRF Connect. Nevertheless, it’s useful should you need to do these things from Linux rather than from a mobile app.
If you use this utility (or the mobile apps) you need to be aware that most beacons are not connectable by default, and most protect their Bluetooth services with a password: writes to the configuration characteristics are rejected until the password has been written to a specific service. You will need to read the beacon’s documentation to find out how to make it connectable and what the default password is. Change that default once you have configured the beacon, since anyone with the same documentation and a scanner can otherwise reconfigure it.
One of the difficulties of developing beacon applications on (usually Linux) single board computers (SBCs) is programming Bluetooth LE. We previously gave a few pointers.
To make things much easier, there’s a new pure Python module, python-hcipy, written using only the Python standard library, for interacting with the Bluetooth HCI (Host Controller Interface).
“The primary benefit of using this module is the lack of having any dependency on: PyBluez Python & C based module, the bluetoothd service or D-Bus; this module just uses the standard Python socket API.”
It currently supports BLE adapter control and querying, advertising, GATT client (central role), GATT server (peripheral role) and scanning.
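Whether you capture with Scapy, python-hcipy or a raw HCI socket of your own, what arrives from the controller is an HCI LE Meta event carrying one or more Advertising Reports, and the beacon payload is a chain of length-prefixed AD structures inside it. The following is an added example, not code from Scapy, python-hcipy or this page, that decodes such an event using only the standard library, in the spirit of python-hcipy: it dissects a constructed sample iBeacon advertisement, stops cleanly on a truncated or over-long AD structure (a malformed length is exactly what you want a sniffer to survive), and includes a `sniff_adv_reports` helper for a live Linux adapter. That helper assumes root or CAP_NET_RAW and that the adapter is already scanning (for example `sudo hcitool lescan` in another shell); the sample bytes, address and UUID are constructed for illustration.

```python
"""Decode HCI LE Advertising Report events using only the standard library.

Hypothetical example code, not part of Scapy, python-hcipy or the page.
"""
import socket
import struct
import uuid
from dataclasses import dataclass, field
from typing import Dict, List, Optional

HCI_EVENT_PKT = 0x04          # H4 packet-type byte that prefixes events on a raw HCI socket
EVT_LE_META = 0x3E
SUBEVT_LE_ADVERTISING_REPORT = 0x02
AD_SHORT_NAME, AD_COMPLETE_NAME, AD_MANUFACTURER = 0x08, 0x09, 0xFF
ADV_TYPES = {0: "ADV_IND", 1: "ADV_DIRECT_IND", 2: "ADV_SCAN_IND",
             3: "ADV_NONCONN_IND", 4: "SCAN_RSP"}
ADDR_TYPES = {0: "public", 1: "random", 2: "public-identity", 3: "random-identity"}


@dataclass
class AdvReport:
    address: str
    address_type: str
    event_type: str
    rssi: int
    ad: Dict[int, bytes] = field(default_factory=dict)   # AD type -> payload
    name: Optional[str] = None
    ibeacon: Optional[dict] = None


def parse_ad_structures(data: bytes) -> Dict[int, bytes]:
    """Split advertising data into {ad_type: payload}.

    A zero length marks trailing padding; a length that runs past the buffer is
    a malformed (or deliberately hostile) advertisement, so parsing stops there
    instead of raising or reading out of bounds."""
    out, i = {}, 0
    while i < len(data):
        length = data[i]
        end = i + 1 + length
        if length == 0 or end > len(data):
            break
        out[data[i + 1]] = data[i + 2:end]
        i = end
    return out


def parse_ibeacon(msd: bytes) -> Optional[dict]:
    """Apple (0x004C) manufacturer data with subtype 0x02, length 0x15 is an iBeacon frame."""
    if len(msd) != 25 or msd[:4] != b"\x4c\x00\x02\x15":
        return None
    major, minor, tx_power = struct.unpack(">HHb", msd[20:25])
    return {"uuid": str(uuid.UUID(bytes=msd[4:20])),
            "major": major, "minor": minor, "tx_power": tx_power}


def parse_le_adv_reports(pkt: bytes) -> List[AdvReport]:
    """Parse one raw HCI event packet; anything that is not a well-formed
    LE Advertising Report yields an empty list."""
    if len(pkt) < 3 or pkt[0] != HCI_EVENT_PKT or pkt[1] != EVT_LE_META:
        return []
    params = pkt[3:3 + pkt[2]]
    if (len(params) != pkt[2] or len(params) < 2
            or params[0] != SUBEVT_LE_ADVERTISING_REPORT):
        return []
    reports, i = [], 2
    for _ in range(params[1]):                        # number of reports in this event
        if i + 9 > len(params):
            break
        ev_type, addr_type = params[i], params[i + 1]
        address = ":".join("%02X" % b for b in reversed(params[i + 2:i + 8]))
        dlen = params[i + 8]
        if i + 10 + dlen > len(params):               # data or RSSI byte missing
            break
        ad = parse_ad_structures(params[i + 9:i + 9 + dlen])
        rssi = struct.unpack("b", params[i + 9 + dlen:i + 10 + dlen])[0]
        raw_name = ad.get(AD_COMPLETE_NAME) or ad.get(AD_SHORT_NAME)
        reports.append(AdvReport(
            address=address,
            address_type=ADDR_TYPES.get(addr_type, "0x%02x" % addr_type),
            event_type=ADV_TYPES.get(ev_type, "0x%02x" % ev_type),
            rssi=rssi,
            ad=ad,
            name=raw_name.decode("utf-8", "replace") if raw_name else None,
            ibeacon=parse_ibeacon(ad[AD_MANUFACTURER]) if AD_MANUFACTURER in ad else None,
        ))
        i += 10 + dlen
    return reports


def sniff_adv_reports(dev_id: int = 0, count: int = 10) -> List[AdvReport]:
    """Read reports from a raw HCI socket.  Assumes Linux, root or CAP_NET_RAW,
    and that adapter hci<dev_id> is already scanning (e.g. `sudo hcitool lescan`
    in another shell); the socket filter keeps only LE Meta events."""
    sock = socket.socket(socket.AF_BLUETOOTH, socket.SOCK_RAW, socket.BTPROTO_HCI)
    sock.bind((dev_id,))
    # struct hci_filter: packet type mask, 64-bit event mask, opcode
    sock.setsockopt(socket.SOL_HCI, socket.HCI_FILTER,
                    struct.pack("<IQH", 1 << HCI_EVENT_PKT, 1 << EVT_LE_META, 0))
    found: List[AdvReport] = []
    try:
        while len(found) < count:
            found.extend(parse_le_adv_reports(sock.recv(260)))
    finally:
        sock.close()
    return found


# Constructed sample event: ADV_NONCONN_IND from random address C0:11:22:33:44:55
# carrying Flags plus an Apple iBeacon frame (major 1, minor 2, -59 dBm at 1 m).
SAMPLE_IBEACON_EVENT = bytes.fromhex(
    "043e2a"                              # H4 event, LE Meta event, 42 parameter bytes
    "0201"                                # subevent Advertising Report, one report
    "0301" "5544332211c0"                 # ADV_NONCONN_IND, random address (little-endian)
    "1e"                                  # 30 bytes of advertising data follow
    "020106"                              # AD 0x01 Flags
    "1aff4c000215"                        # AD 0xFF manufacturer data, Apple, iBeacon
    "e2c56db5dffb48d2b060d0f5a71096e0"    # proximity UUID
    "0001" "0002" "c5"                    # major, minor, measured power
    "be")                                 # RSSI -66 dBm

if __name__ == "__main__":
    for report in parse_le_adv_reports(SAMPLE_IBEACON_EVENT):
        print(report)
```

The bounds checks are not decoration: a sniffer on an SBC will see every advertisement within radio range, including fuzzed or simply buggy ones, and a parser that trusts the AD length byte is the first thing to fall over.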
Beacons don’t just work with smartphones. They can work with any other device that has Bluetooth LE. This includes single board computers (SBCs) such as the Raspberry Pi 3 and the new $10 Pi Zero W, which include Bluetooth 4.1.
Raspberry Pi Zero W
If you take a look at our article on Implementation Types, the smartphone app or gateway in each scenario could equally be an SBC.
For sensing and RTLS (real-time location) applications, the SBC can do additional pre-processing to extract and/or filter sensor data. It can also do post-processing to aggregate data and/or reformat it for specific IoT platforms. Another advantage of an SBC over a plain gateway is that data can be cached when WiFi or Internet connectivity isn’t available and queued for sending later, so that the data isn’t lost.
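The store-and-forward behaviour described above is simple to get right if the buffer lives on disk and a row is only removed after the upload has been acknowledged. The following is an added example, not code from the page, of such a buffer on a Linux SBC using the standard library’s sqlite3: `record` aggregates repeated advertisements from one address within a window into a single row (the pre-processing step), and `flush` reformats queued rows as JSON records and hands them in batches to an `uplink` callable that stands in for whatever posts to your IoT platform and returns True only on success. The beacon addresses, payloads and timestamps in the usage are constructed.

```python
"""Store-and-forward buffer for beacon sightings on a Linux SBC gateway.

Hypothetical example code, not from the page; `uplink` stands in for whatever
sends a batch to your IoT platform and returns True only when it was accepted.
"""
import json
import sqlite3
from typing import Callable, List, Tuple

AGGREGATION_WINDOW_S = 30.0   # adverts from one address within this window become one row


class SightingBuffer:
    """Aggregates advertisements and keeps them in SQLite until delivered.

    Rows are deleted only after `uplink` reports success, so a dropped WiFi
    link, a rejecting server or a power cut never loses data.  The cost is
    at-least-once delivery: the receiver should de-duplicate on
    (address, first_seen, last_seen)."""

    def __init__(self, path: str = "sightings.db"):
        self.db = sqlite3.connect(path)
        self.db.execute("""CREATE TABLE IF NOT EXISTS sightings (
            id INTEGER PRIMARY KEY, address TEXT NOT NULL,
            first_seen REAL NOT NULL, last_seen REAL NOT NULL,
            samples INTEGER NOT NULL, rssi_sum INTEGER NOT NULL,
            beacon TEXT NOT NULL)""")
        self.db.commit()

    def record(self, address: str, rssi: int, beacon: dict, now: float) -> None:
        """Pre-processing: fold repeated adverts from one beacon into a single
        row (sample count + RSSI sum) instead of storing every packet."""
        row = self.db.execute(
            "SELECT id, samples, rssi_sum FROM sightings "
            "WHERE address = ? AND last_seen >= ? ORDER BY id DESC LIMIT 1",
            (address, now - AGGREGATION_WINDOW_S)).fetchone()
        if row:
            self.db.execute(
                "UPDATE sightings SET last_seen = ?, samples = ?, rssi_sum = ? WHERE id = ?",
                (now, row[1] + 1, row[2] + rssi, row[0]))
        else:
            self.db.execute(
                "INSERT INTO sightings (address, first_seen, last_seen, samples, rssi_sum, beacon) "
                "VALUES (?, ?, ?, ?, ?, ?)",
                (address, now, now, 1, rssi, json.dumps(beacon, sort_keys=True)))
        self.db.commit()

    def pending(self) -> int:
        return self.db.execute("SELECT COUNT(*) FROM sightings").fetchone()[0]

    def flush(self, uplink: Callable[[List[dict]], bool], batch: int = 50) -> Tuple[int, int]:
        """Post-processing and send: deliver queued rows oldest first, in
        batches, reformatted as JSON-ready records.  Stops at the first failure
        and keeps the rest for the next attempt.  Returns (sent, still_queued)."""
        sent = 0
        while True:
            rows = self.db.execute(
                "SELECT id, address, first_seen, last_seen, samples, rssi_sum, beacon "
                "FROM sightings ORDER BY id LIMIT ?", (batch,)).fetchall()
            if not rows:
                break
            records = [{"address": r[1], "first_seen": r[2], "last_seen": r[3],
                        "samples": r[4], "rssi_avg": r[5] / r[4],
                        "beacon": json.loads(r[6])} for r in rows]
            try:
                delivered = uplink(records)
            except OSError:            # no route, DNS failure, connection refused, ...
                delivered = False
            if not delivered:
                break
            self.db.executemany("DELETE FROM sightings WHERE id = ?", [(r[0],) for r in rows])
            self.db.commit()
            sent += len(rows)
        return sent, self.pending()


if __name__ == "__main__":
    # Constructed usage: three adverts from one beacon and one from another,
    # first with the uplink down, then with it back.
    buf = SightingBuffer(":memory:")
    t = 1700000000.0
    for dt, rssi in ((0, -66), (1, -70), (2, -62)):
        buf.record("C0:11:22:33:44:55", rssi, {"major": 1, "minor": 2}, t + dt)
    buf.record("DE:AD:BE:EF:00:01", -80, {"major": 9, "minor": 9}, t + 2)
    print("uplink down:", buf.flush(lambda records: False))
    print("uplink up:  ", buf.flush(lambda records: print(json.dumps(records)) or True))
```

Call `flush` from a periodic timer rather than after every advertisement, and keep the database on a filesystem that survives reboot; with the `:memory:` path used in the demo you get the aggregation but not the crash safety.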