
BlueZ

BlueZ is the official Linux Bluetooth protocol stack providing tools and daemons for Bluetooth device management, testing, and interaction. It includes utilities for scanning, connecting, configuring, and testing Bluetooth and BLE devices.

Description

BlueZ serves as the primary Bluetooth protocol stack for Linux systems, offering comprehensive tools for managing Bluetooth hardware and communicating with Bluetooth devices. The package includes essential daemons like bluetoothd for core Bluetooth services and numerous command-line utilities for tasks such as device discovery, pairing, connection management, and protocol testing.

Key use cases include Bluetooth device enumeration, security testing, firmware management, and protocol analysis. Tools like bluetoothctl provide interactive control for modern Bluetooth operations including LE advertising and GATT services, while legacy tools like hcitool and hciconfig handle classic Bluetooth configurations. Testing utilities enable thorough validation of Bluetooth implementations across L2CAP, RFCOMM, and other protocols.

The stack supports both classic BR/EDR and Low Energy (BLE) Bluetooth, with specialized packages for mesh networking, OBEX file transfer, CUPS printing, and HCI packet analysis. BlueZ powers Bluetooth functionality in Kali Linux for wireless penetration testing and device forensics.

How It Works

BlueZ implements the full Bluetooth protocol stack including HCI (Host Controller Interface), L2CAP, RFCOMM, SDP, and GATT/ATT for BLE. Core daemons like bluetoothd handle D-Bus interfaces for device management and plugin loading. Tools interact via HCI commands to controllers, enabling scanning, pairing (SSP/SC), connection establishment, and data exchange. Monitoring tools like btmon capture HCI traffic in btsnoop format for analysis. Testing utilities simulate client/server roles across protocols to validate kernel implementations and device compliance.
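An added example (not code from BlueZ or from this page) that reads a btsnoop capture such as the one `btmon -w` writes: it validates the file header, walks the records with bounds checks so a truncated capture is rejected, and decodes the controller index and packet type. The field layout, the datalink value 2001 for btmon's monitor format, the opcode names and the timestamp offset are stated here from the btsnoop format as this example's assumptions, and the sample capture is constructed.

```python
import struct
from datetime import datetime, timedelta, timezone

MAGIC = b"btsnoop\x00"
EPOCH_1970_US = 0x00DCDDB30F2F8000  # btsnoop timestamp value at 1970-01-01 UTC
MONITOR = 2001                      # datalink type of btmon's monitor format (assumption)
OPCODES = {2: "HCI command", 3: "HCI event", 4: "ACL TX", 5: "ACL RX"}  # subset

def parse_btsnoop(data):
    """Return (datalink, records); raise ValueError on malformed input."""
    if len(data) < 16 or data[:8] != MAGIC:
        raise ValueError("not a btsnoop file")
    version, datalink = struct.unpack(">II", data[8:16])
    if version != 1:
        raise ValueError(f"unsupported btsnoop version {version}")
    records, off = [], 16
    while off < len(data):
        if off + 24 > len(data):
            raise ValueError(f"truncated record header at offset {off}")
        orig_len, incl_len, flags, drops, ts = struct.unpack(">IIIIq", data[off:off + 24])
        off += 24
        if incl_len > orig_len or off + incl_len > len(data):
            raise ValueError(f"bad record length at offset {off - 24}")
        when = datetime(1970, 1, 1, tzinfo=timezone.utc) + timedelta(microseconds=ts - EPOCH_1970_US)
        rec = {"time": when, "drops": drops, "payload": data[off:off + incl_len]}
        if datalink == MONITOR:  # flags = (controller index << 16) | opcode
            rec["index"], opcode = flags >> 16, flags & 0xFFFF
            rec["type"] = OPCODES.get(opcode, f"opcode {opcode}")
        else:                    # other datalink types use flags as direction bits
            rec["index"], rec["type"] = None, f"flags 0x{flags:08x}"
        records.append(rec)
        off += incl_len
    return datalink, records

def build_sample():
    """Constructed capture: one HCI_Reset command and its Command Complete event."""
    def rec(opcode, payload, ts_us):
        return struct.pack(">IIIIq", len(payload), len(payload), opcode, 0,
                           EPOCH_1970_US + ts_us) + payload
    return (MAGIC + struct.pack(">II", 1, MONITOR)
            + rec(2, bytes.fromhex("030c00"), 1_700_000_000_000_000)
            + rec(3, bytes.fromhex("0e0401030c00"), 1_700_000_000_001_500))

if __name__ == "__main__":
    link, recs = parse_btsnoop(build_sample())
    for r in recs:
        print(r["time"].isoformat(), f"hci{r['index']}", r["type"], r["payload"].hex())
```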

Installation

bash
sudo apt install bluez

Flags

-h, --help              Show help options
-i, --index <num>       Use specified controller
--agent                 Register agent handler: <capability>
-d, --debug=DEBUG       Specify debug options to enable
-p, --plugin=NAME,..    Specify plugins to load
--monitor               Enable monitor output
-B, --bdaddr [addr]     Set Bluetooth address
--timeout               Timeout in seconds for non-interactive mode

Examples

Start scanning for nearby Bluetooth devices and print discovered addresses
bluetoothctl scan on
Initiate pairing with a specific Bluetooth device by MAC address
bluetoothctl pair AA:BB:CC:DD:EE:FF
Connect to a previously paired Bluetooth device
bluetoothctl connect AA:BB:CC:DD:EE:FF
Discover nearby classic Bluetooth devices and print their MAC addresses and names
hcitool scan
Scan for BLE (Bluetooth Low Energy) devices and print advertisement data
hcitool lescan
Bring up Bluetooth interface hci0 (enable it)
hciconfig hci0 up
Monitor all Bluetooth HCI traffic and save to a btsnoop capture file
btmon -w capture.btsnoop
Send 10 L2CAP echo requests to a Bluetooth device (ping over Bluetooth)
l2ping -c 10 AA:BB:CC:DD:EE:FF
Updated 2026-04-16 (kali.org)