BlueMaho is GUI-shell (interface) for a suite of tools best used for Bluetooth security testing. It is freeware, opensource, written on python, uses wxPython. It can be used for testing BT-devices for known vulnerabilities and major thing to do – testing to find unknown vulns. Also it can form nice statistics.
I did get interested in Bluetooth for a while and the security implications of a personal area network protocol which includes discovery/broadcast etc. I ended up only posting one article at the time though which was about Haraldscan – BlueTooth Discovery Scanner.
I have a bunch more Bluetooth related resources to share though, so I’ll be putting them out from time to time. Some (like this) aren’t particularly up to date, but give you a great base to start with and play around.
Features
- Scan for devices, show advanced info, SDP records, vendor etc
- Track devices – show where and how much times device was seen, its name changes
- Loop scan – it can scan all time, showing you online devices
- Alerts with sound if new device found
- on_new_device – you can spacify what command should it run when it founds new device
- It can use separate dongles – one for scaning (loop scan) and one for running tools or exploits
- Send files
- Change name, class, mode, BD_ADDR of local HCI devices
- Save results in database
- Form nice statistics (uniq devices by day/hour, vendors, services etc)
- Test remote device for known vulnerabilities (see exploits for more details)
- Test remote device for unknown vulnerabilities (see tools for more details)
- Themes! you can customize it
Requirements
The main requirements are:
- OS (tested with Debian 4.0 Etch / 2.6.18)
- Python 2.4
- wxPython
- BlueZ
You can download BlueMaho here:
Or read more here.