BLE:Bit CE & PE

Meet the first device that has been built especially for BLE Penetration Testing. It is provided along with open-source sdk and cli-tools. A ton of tutorials and guides are available for the buyers via the shellwanted website and through docs.blebit.io.

The BLE:Bit is built for penetration testers and information security researchers that wish to harness the communication of a Bluetooth Low Energy Device and discover vulnerabilities that may exist in IoT devices. By combining the BLE:Bit PE and BLE:Bit CE a Man-in-the-middle attack can be achieved.

Furthermore, the BLE:Bit can be used for discovering and interacting with devices based on Bluetooth Low Energy protocol.

What makes BLE:Bit so unique is that it's offering more options, at a reasonable price, than any other solution.

Capabilities:

• Read, Write or Send Notification events by using the UUID or handle
• Authorize a read or a write event before is forwarded to the client - alter forwarded data as needed
• Retrieve encryption key that is used during bonding with the device (it can be used for sniffing of the encrypted connection)
• Supports many simulated I/O used by pairing method such as no I/O, keyboard-only, display-only and  keyboard & display
• Supports an extensive connection and scan parameters on both Central and Peripheral
• Flush all bonded key information or delete keys of a specific device
• Capture raw advertisement data, RSSI value as well as the type of the advertiser's address
• Disable selected advertisement channels (PE)
• Enforce repairing with the peer device
• It supports various disconnection reasons and allows for disconnection by issuing a custom reason
• It supports 128-bit Service and Characteristic UUIDs
• Supports various advertisement data types (i.e device name, device address, a complete, incomplete or solicited service list, and much more)
• Plug & Play

Additionally, a framework exists built on-top of blebit sdk, which assists in MiTM or CE and PE simulations.

BLE:Bit consumes minimal energy and can be used with a Raspberry Pi for a long period of time by using just a power-bank, an ideal solution for red team operations.

The client software runs in Java and therefore it can run in all major platforms such as Windows, Linux or Mac.

Please have in mind that raspberry pi is not included on the package.

Technical Article: https://shellwanted.com/index.php/2021/01/19/ble-penetration-test-of-anboud-smart-lock/

Documentation: https://docs.blebit.io

GitHub Page: https://github.com/ninjadiary/blebit

Bluetooth Protocol support: 4.3

Hardware Version: 1.2