A Bluetooth device scanner, support both BR and LE!
This project has been quarantined.
PyPI Admins need to review this project before it can be restored. While in quarantine, the project is not installable by clients, and cannot be being modified by its maintainers.
Read more in the project in quarantine help article.
Project description
bluescan
A useful Bluetooth scanner that supports scanning:
- BR devices
- LE devices
- GATT
- SDP
- Vulnerabilities (demo)
Requirements
sudo apt install libglib2.0-dev libbluetooth-dev
# if you want to try vulnerabilities scanning, see requirements in
# README.md of https://github.com/ojasookert/CVE-2017-0785
Install
pip3 install bluescan
Usage
# bluescan -h
Usage:
bluescan (-h | --help)
bluescan (-v | --version)
bluescan [-i <hcix>] -m br [--inquiry-len=<n>] [--async]
bluescan [-i <hcix>] -m le [--timeout=<sec>] [--le-scan-type=<type>] [--sort=<key>]
bluescan [-i <hcix>] -m sdp BD_ADDR
bluescan [-i <hcix>] -m gatt --addr-type=<type> BD_ADDR
bluescan [-i <hcix>] -m vuln --addr-type=br BD_ADDR
Arguments:
BD_ADDR Target Bluetooth device address
Options:
-h, --help Display this help
-v, --version Show the version
-i <hcix> HCI device for scan [default: hci0]
-m <mode> Scan mode, support BR, LE, SDP, GATT and vuln
--inquiry-len=<n> Inquiry_Length parameter of HCI_Inquiry command [default: 8]
--timeout=<sec> Duration of LE scan [default: 10]
--le-scan-type=<type> Active or passive scan for LE scan [default: active]
--sort=<key> Sort the discovered devices by key, only support RSSI now [default: rssi]
--async Asynchronous scan for BR scan
--addr-type=<type> Public, random or BR
Example
-
Scan LE device
# bluescan -m le [Warnning] Before doing active scan, make sure you spoof your BD_ADDR. LE active scanning on hci0...timeout 10 sec BD_ADDR: 4c:34:78:26:ad:71 Addr type: random Connectable: True RSSI: -94 dB General Access Profile: Flags (0x01): 06 Manufacturer (0xFF): 4c0010054b1c3debf9 BD_ADDR: 28:11:a5:41:28:27 Addr type: public Connectable: True RSSI: -91 dB General Access Profile: Flags (0x01): 19 Complete 16b Services (0x03): 0000febe-0000-1000-8000-00805f9b34fb,0000fe26-0000-1000-8000-00805f9b34fb Manufacturer (0xFF): 010951100d8851abf2f196f2 Tx Power (0x0A): f6 ... ... -
Scan BR device
# bluescan -m br BR scanning on hci0...timeout 10.24 sec [BR scan] discovered new device addr: EC:51:BC:ED:6E:DC name: OPPO R11 class: 0x5A020C [BR scan] discovered new device addr: 9C:2E:A1:43:EB:5F name: 360syh class: 0x5A020C ... ...
-
Scan (Discover) GATT
# bluescan -m gatt --addr-type=random ??:??:??:??:??:?? Number of services: 5 Service declaration (3 characteristics) Handle: "attr handle" by using gatttool -b <BD_ADDR> --primary Type: (May be primary service 00002800-0000-1000-8000-00805f9b34fb) Value (Service UUID): 00001800-0000-1000-8000-00805f9b34fb (Generic Access) Permission: Read Only, No Authentication, No Authorization Characteristic declaration (0 descriptors) Handle: 0x0002 Type: 00002803-0000-1000-8000-00805f9b34fb Value: Characteristic properties: READ WRITE Characteristic value handle: 0x0003 Characteristic UUID: 00002a00-0000-1000-8000-00805f9b34fb (Device Name) Permission: Read Only, No Authentication, No Authorization Characteristic value declaration Handle: 0x0003 Type: 00002a00-0000-1000-8000-00805f9b34fb Value: b'???????' Permission: Higher layer profile or implementation specific ... ... -
Scan (Discover) SDP
# bluescan -m sdp ??:??:??:??:??:?? Name: Headset Gateway Protocol RFCOMM Port 2 Service Class: ['1112', '1203'] Profiles: [('1108', 258)] Description: None Provider: None Service-id None Name: Handsfree Gateway Protocol RFCOMM Port 3 Service Class: ['111F', '1203'] Profiles: [('111E', 262)] Description: None Provider: None Service-id None ... ... -
Vulnerability (demo)
bluescan -m vuln --addr-type=br ??:??:??:??:??:?? ... ... CVE-2017-0785
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
bluescan-0.0.5.tar.gz
(16.4 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
bluescan-0.0.5-py3-none-any.whl
(30.6 kB
view details)
File details
Details for the file bluescan-0.0.5.tar.gz.
File metadata
- Download URL: bluescan-0.0.5.tar.gz
- Upload date:
- Size: 16.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.4.2 requests/2.22.0 setuptools/44.0.0 requests-toolbelt/0.8.0 tqdm/4.30.0 CPython/3.7.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7987c0fa74d04ba2072c3ab4586ee4c5483c9ce9ddcae09ba67502d9feb8fb14
|
|
| MD5 |
b17cb5b05f58136464f80145bb9bc4fa
|
|
| BLAKE2b-256 |
3cc0b030763625cbeac58a4b7f5a299ff574c07ef6df4baa4d1f8819a6b36a13
|
File details
Details for the file bluescan-0.0.5-py3-none-any.whl.
File metadata
- Download URL: bluescan-0.0.5-py3-none-any.whl
- Upload date:
- Size: 30.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.4.2 requests/2.22.0 setuptools/44.0.0 requests-toolbelt/0.8.0 tqdm/4.30.0 CPython/3.7.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
84c588410ff87de04e7d8a7d343e0d337212c15ee0eefe87884f0a3c0cab63c2
|
|
| MD5 |
26ac02a0d955533838a90beb09da3e69
|
|
| BLAKE2b-256 |
7b087a2fe292f883b3c8a65f0971e601acc98d325984e187df7f67df88598e5f
|
