Tool Documentation:
redfang Usage Example
Scan the given range (-r 00803789EE76-00803789EEff) and discover Bluetooth devices (-s):
root@kali:~# fang -r 00803789EE76-00803789EEff -s
redfang - the bluetooth hunter ver 2.5
(c)2003 @stake Inc
author: Ollie Whitehouse <[email protected]>
enhanced: threads by Simon Halsall <[email protected]>
enhanced: device info discovery by Stephen Kapp <[email protected]>
Scanning 138 address(es)
Address range 00:80:37:89:ee:76 -> 00:80:37:89:ee:ff
Performing Bluetooth Discovery...
Packages and Binaries:
redfang
fang is a small proof-of-concept application to find non discoveredable bluetooth devices. This is done by brute forcing the last six (6) bytes of the bluetooth address of the device and doing a read_remote_name().
Installed size: 40 KB
How to install: sudo apt install redfang
Dependencies:
- libbluetooth3
- libc6
fang
root@kali:~# fang -h
redfang - the bluetooth hunter ver 2.5
(c)2003 @stake Inc
author: Ollie Whitehouse <[email protected]>
enhanced: threads by Simon Halsall <[email protected]>
enhanced: device info discovery by Stephen Kapp <[email protected]>
usage:
fang [options]
options:
-r range i.e. 00803789EE76-00803789EEff
-o filename Output Scan to Text Logfile
An address can also be manf+nnnnnn, where manf
is listed with the -l option and nnnnnn is the
tail of the address. All addresses must be 12
characters long
-t timeout The connect timeout, this is 10000 by default
Which is quick and yields results, increase for
reliability
-n num The number of dongles
-d Show debug information
-s Perform Bluetooth Discovery
-l Show device manufacturer codes
-h Display help
The devices are assumed to be hci0 to hci(n) where (n) is the number
of threads -1, this is currently not configurable but maybe at a
later date
Updated on: 2024-May-23