This time on the show, capturing and analyzing Bluetooth packets with the Ubertooth One, Kismet and Wireshark, Booting VirtualBox VMs from physical USB drives, bypassing Geo IP location restrictions, and tons more.

Capturing and analyzing bluetooth packets with Kismet and Wireshark

Following up with our Ubertooth One setup guide form last week, we’ll be configuring Kismet and Wireshark to process Bluetooth packets.

Again If you’re not familiar, the Ubertooth One is an open source bluetooth testing tool made by Mike Ossmann in response to the lack of good bluetooth testing devices, or the ridiculously high price tags in excess of $10,000 for commercial monitoring equipment.

So in the same sense that we have inexpensive WiFi adapters that can go into monitor or promiscuous mode, we now have the Ubertooth One.

And of course props to HarvestGardener on the BackTrack Linux forums for putting a lot of this together. Most of the Ubertooth development was done on Mac OSX but getting it going in Linux isn’t too difficult, thankfully.

tar xvf kismet-2011-03-R2.tar.gz -C /usr/src/
mv /usr/src/kismet-2011-03-R2/ /usr/src/kismet
cd /usr/src/kismet

cd ubertooth-r238/host/kismet/plugin-ubertooth
make && make install

vi /usr/local/etc/kismet.conf #add pcapbtbb to logtypes=

Fire up Kismet. Set your source as ubertooth and start the ubertooth plugin from Kismet > Plugins

Ok, now for the less than fun part. From here we can capture bluetooth packets but we’ll probably want something more visual to analyze them. The gold standard for packet analysis is Wireshark for IP and thankfully libbtbb can comes with source so we can use it to build a wireshark plugin.

….or, if we’re running the 32-bit version of BackTrack 5 we can download a precompiled version from HarvestGardener on the BT forums.

Just put the btbb files in /usr/local/lib/wireshark/plugins/1.4.6 and you’re off to the races

Booting VirtualBox VMs from physical USB drives

Today I am following up an episode of HakTip, Virtual Machines 101 with VirtualBox. Today we’ll be mashing up two of my new favorite tools — multiboot USB drives and Virtual machines.

A while back on HakTip we played with VirtualBox and a Linux Distro. I was able to get Ubuntu running on my Windows laptop with no problems.

And a few weeks ago on Hak5 I demonstrated how to build a Multiboot USB drive with XBoot. I love these Mutliboot USB drives as they save you money and space on your keychain, allowing you to “”burn”” multiple ISOS — you’re favorite boot CDs like Ophcrack, Clonezille or Puppy Linux — all from one drive. Check out Hak5 episode 920 for info on that.

Of course when you’re making these Multiboot USB drives there’s some trial and error in the process. And let’s be honest, rebooting is a total drag. If only we could boot a Virtual Machine off a USB drive. Well, you can’t. Not directly anyhow. But what we can do is turn a USB drive into a file — a VMDK which as we learned last week are Virtual Machine Hard Disks.

Download and install VirtualBox (version 4.0.6) if you haven’t already and hit he key combo WINDOWS KEY + R to bring up the Run dialog. Type in “”diskmgmt.msc”” and hit enter. This will pull up your Disk Management tool. This tool is built in to Windows and is generally used to format, partition, and delete parts of your hard drives, but you can also see and mess around with your USB drives as well.”

If you scroll down you can find your USB stick. Mine is this drive that I recently made into a YUMI multibootable drive on an episode of HakTip.

Open the command prompt by again holding WINDOWS KEY and hitting R, then type “”cmd”” (and start as an admin) and hit enter. Type in “”cd %programfiles%\oracle\virtualbox”” and press enter.

Then, type “”VBoxManage internalcommands createrawvmdk -filename %USERPROFILE%\.VirtualBox\usb.vmdk -rawdisk \\.\PhysicalDrive#”” (replace # with your USB disk number – mine is 2) and press enter.

Now that you’ve done the hard part, start up VirtualBox (as an admin) and create a new Virtual Machine. When prompted for a Virtual Hard Disk, check use existing hard disk and select usb.vmdk.

Once you have finished creating your New Virtual Machine, you’re ready to try it out!

I’ve got VirtualBox open and I’m about to try booting off my USB drive in a VirtualMachine. So I press Start and after waiting a few moments it should boot my flashdrive.

It works! I have booted my multiboot USB in VirtualBox as a vmdk. Awesome! This is a great way to get around having to restart your computer every time you want to test a USB bootable drive.”

Nibble: String commands in Bash with semi-colon

Semi colons aren’t just for C++ compile errors, ya know? In bash they can be used to string together a set of commands. For example if you wanted to start downloading an archive with wget and then extract it when the download completes you would put wget file.tar.gz ; tar zxvf file.tar.gz on the same line. Sometimes if I know a background process, like a render job, is going to take an hour to complete and I want to upload the resulting file afterwards I’ll string together sleep 3600 ; The sleep command will simply wait for the specified amount of seconds, in this case 3600 is an hour.

Want some free Hak5 swag? Submit your 4-bit tips at

Feedback and Q&A

Mark writes: In my world, the cellular industry, we call those spaces “guard bands”. love the show keep up the good work

Thanks for the clarification Mark

Anonymous writes: I was thinking, is there a way to set up DBAN on your notebook to run on a timer? Say if you don’t login within x hours, it will run and wipe everything. Can it be done with any other nuke program?

The only thing I could think of short of rewriting the BIOS is to have a script (assuming you’re running Linux) parse /var/log/auth.log and determine whether or not to use a secure delete utility on a volume of choice. Others in IRC have pointed out that one could hide a USB drive tapped into a port inside a laptop but I’m not quite sure how you would go about automating the wipe proceedure.

I’m very interested in hearing everyone’s thoughts on this so leave your ideas in the comments below.

Delmar1992 says:
I am a German national. German sports are now available online. But, my computer knows it is in America. Is there a way of tricking the server and the computer into thinking I’m in Germany so that i can watch it? This also goes for watching Hulu in Germany. Is there a program, or a hack I need? Any suggestions are more than welcome.

A VPN or otherwise tunneling service is what you’re after. We’ve talked in great lengths about setting these up in our 7th season. If you have a friend overseas who is willing to share their Internet connection and setup a server you might be able to VPN or SSH Tunnel that way. Otherwise there are plenty of commercial services that offer just this. One of our friends is a fan of Witopia. We’ve just started playing with it here at Hak5 so we’ll give you our full review in the weeks to come.

If you’re into Hak5 you’ll love our new show by hosts Darren Kitchen and Shannon Morse. Check out HakTip!

Whether you’re a beginner or a pro, HakTip is essential viewing for current and aspiring hackers, computer enthusiasts, and IT professionals. With a how-to approach to all things Information Technology, HakTip breaks down the core concepts, tools, and techniques of Linux, Wireless Networks, Systems Administration, and more

And let’s not forget to mention that you can follow us on Twitter and Facebook, Subscribe to the show and get all your Hak5 goodies, including the infamous WiFi Pineapple over at If you have any questions or suggestions please feel free to contact us at

T-Mobile’s great selection of tablets, laptop sticks and their new Mobile Hotspot gives you the freedom to stay connected with high-speed Internet on the go. Affordable high-speed Internet when and where you want, without overages. Mobile Broadband data plans start at $29.99 per month and current T-Mobile voice customers save an extra 20%! The G-Slate with Google® is T-Mobile’s first 4G Android tablet, and allows you to take your HD entertainment anywhere. Stay connected at blazing-fast speeds, when and where you want—no Wi-Fi needed. Immerse yourself in the entertainment you love—download apps, play games, stream video, and check your favorite websites. T-Mobile provides mobile broadband service that allows on-the-go, wireless, high-speed Internet through your choice of portable devices.

If you want to build a video site or if your website has a play button, I recommend getting a dot TV domain. A dot TV website lets you showcase your original content and create a unique site, not just another YouTube channel.
Just go to and search for the perfect dot TV domain for your new idea. Then use coupon code Hak5 at checkout to save an extra 15%.
If you need to host your dot TV website, don’t forget about’s web hosting plans. They’re less than six bucks a month and have everything you need to build, maintain, and promote your site.
Remember – when you think domain names, think
Got a great idea? It all starts with a great domain.

With more than 23 million members, Netflix is the world’s largest subscription service instantly streaming TV episodes and movies over the Internet. For one low monthly price, Netflix unlimited members can instantly watch TV episodes & movies streaming to their TVs and computers. With Netflix you can cancel anytime. Netflix unlimited members can instantly watch thousands of titles on a vast array of devices streaming TV episodes and movies like Microsoft’s Xbox 360, Sony’s PS3 game console and the Nintendo Wii console. Find movies you love – easily! As a Netflix unlimited member you can instantly watch as many movies as you want anytime you want for one low monthly price! You can cancel anytime. Get your FREE Trial membership. Go to and sign up NOW. Be sure to use this URL so that they know we sent you!”

Leave a Reply

Your email address will not be published. Required fields are marked *



  • Sc00bz 3 years ago

    With sed ‘s/blah/meh/’ s means substitute.

    Also it’s weird that you grep for “logtypes” then use sed to search for “pcapdump,…,alert”. You probably should of done “sed ‘s/\(logtypes=.*\)/\1,pcapbtbb/'” because you don’t know how many times “pcapdump,…,alert” appears in the file. g is not needed since you are only doing one edit per line.

  • drmaq 3 years ago

    Well if you have heard of Wiptopia then u might like strong vpn or hotspot shield.

  • cooltech 3 years ago

    That would be Boris Floricic, better known by his pseudonym Tron.

  • BuddhaChu 3 years ago

    Witopia starts @ $40 per YEAR, not per month.

  • rodrigograAa 3 years ago

    Season 7? Can anyone specify the episode?

    • TheFu 3 years ago

      I guess you’re asking about VPNs.

      They did 3 or 4 VPNs in a single episode. Some of them seem to have gone commercial (Adito), and the FLOSS version is using certificates that are too short that cert authorities will not give you a cert that short. I ran Adito for 3 yrs, but have switched to openvpn.

      On Linux, you probably just want OpenVPN. Sure, it isn’t trivial to setup, but it isn’t all that hard either.

      On Windows, the built-in PPTP service is probably good enough for home, but please do not use this in a commercial environment, use OpenVPN.

  • robinx99 3 years ago

    For a nuke of the system when nobody logs in you might be able to check ‘users |wc -w = 0′ and then you might be able to kill the system by filling the harddisk with zeros ‘dd if=/dev/zero of=/dev/sda’ or maybe the shred command is better not so sure there. But most likely the system crashes before the wipe is complete. If you have a seperate home partion a ‘dd if=/dev/zero of=/dev/sda3′ should work without a crash.

    So you might be able to put somthing like this in /etc/crontab

    1 * * * * root if ( test 0 = `users |wc -w` ) then sleep 15m; (if ( test 0 = `users |wc -w` ) then dd if=/dev/zero of=/dev/sda; fi) ;fi

    The comand should check every houre the number of loggd in users if a user is logged in nothing happens if no user is logged in it waits 15 minutes and it checks again if somone is logged in, if somone is logged in it ends, if still nobody is logged in it writes all zeros to the harddrive

    But actually I think a full disk encryption is a better protection for the data on a notebook in case you might loose it.

  • JBu92 3 years ago

    re: wipeage
    I’m sure dd if=/dev/zero of=/dev/sda has been mentioned already. However, if you’re that bloody paranoid about your data, there’s only one course of action- ENCRYPT ENCRYPT ENCRYPT. Go into your bios, password protect the bios, and the harddisk, and the bootup (so you have to supply a password even to boot, and the disk will be protected as well). Then go get TrueCrypt and make a hidden OS. Password protect the account on the “visible” OS, and on the “hidden” OS. This will make logging in a pain in the drain on a major scale, but it’ll get the job done. Not quite what you’re looking for, but it achieves the same purpose, in perhaps a better way- if someone really wanted your data, they wouldn’t just boot up and start going at your password, they’d remove the harddisk and attack it with another OS.

  • Daemon Ex Machina 3 years ago

    You actually don’t need to pipe your sed to grep to hide the output. Just do:

    sed -in 's/\(logtypes=.*\)/\1,pcapbtbb/p'

    (thanks Sc00bz for the shortened regexp!)
    The -n puts it into silent mode, and the /p forces it to print the changed lines despite the -n. Of course, don’t bother with the /p if you don’t want the grep-like functionality.

  • -Make a script to run these steps:
    -Wipe important files using shred (vpn config, ssh keys, etc)
    -Wipe everything else in /home and /root with shred
    -Zero the drive out or shred other files

    Trigger the script any way you like. The cron job from Robinx99 would do it nicely.

    The reason for shredding specific files in order is it will happen quickly and silently. An attacker is less likely to notice and try to interrupt it.

    I like the idea of running DBAN to wipe the PC, but anybody could interrupt that process. Anyway, if they want your PC and not your files then they already have it and could reinstall any OS they like.

  • cooltech 3 years ago

    What you might want to do is put a hardware tracker/gps for your laptop.

    You could use a pet tracking microchip and put it in to the laptop and register as your pet. Just an idea.

    Their would be another way is to solder a small gps chip to the hardware.
    ( i.e )

    Hope this helps anyone.

  • cooltech 3 years ago

    What you might want to do is put a hardware tracker/gps for your laptop.

    You could use a pet tracking microchip and put it in to the laptop and register as your pet. Just an idea.

    Their would be another way is to solder a small gps chip to the hardware.
    ( i.e ) I am surprised that no one thought of put hardware tracking into the laptops.But they might pretty soon start putting tracking hardware into laptops and other devices(besides phones, as they are already doing this without are consent.)

    Hope this helps anyone.

  • Torak 3 years ago

    For data self-destruction, I would recommend the program Eraser if Anonymous is using Windows. It won’t nuke the entire hard drive, but you can set it to run at scheduled intervals to delete files of your choice.

    It can be found at:

    Good luck!

  • Jake Roberts 3 years ago

    On the subject of wiping: why not just encrypt the thing? If done properly it’s nearly impossible to break. Really sensitive files could be placed in a hidden Truecrypt volume, making them nearly impossible to find or open.

    This article illustrates the point.

  • Anonymous 3 years ago

    Shred is an awesome tool that will wipe out hard drives for linux. it just take a loooong time to clear out a normal sized drives. It can do multiple random passes on the drive and can be set to overwrite the randoms with 0s. a clean DoD wipe ^_^

  • TheFu 3 years ago

    Tab key for command/file completion. Watching that typing and the mistakes kills me.

  • I always test my usb thumb drives in a VM after I make them. In the episode you showed how to do it in vbox+windows, but if you use linux it’s even easier.

    You just need to install kvm (or qemu) and then run:

    kvm -hda /dev/sdb

    where /dev/sdb is your flash drive.

  • While usually I don’t feel compelled to comment on the commandline “sorcery” going on in the show even if it irks me at times, have to point out couple of things..
    When appending stuff around matched text in sed there’s no need to use capture groups (those pesky escaped parenthesis), instead do..

    $ echo ‘asd=ads’ | sed ‘s:^asd.*:&,jaa:’

    Even though in this case it’s one off deal, generally the more specific regex can be made the better.. one little ^ and it won’t mess with stuff that’s commented out etc.. also, Darren, “g” means multiple times in same line/pattern space, no need for it here.

    I know rtfm’ing in the youtube age might not seem optimal use of time when you could look at a screencast, but remember kids: in unix world, you can usually trust the man. :)

    Otherwise, good show, it’s fun to watch something properly hosted with good variety that actually goes into technical details.. don’t really know of another show like this since thebroken finished, keep it up.

  • ss18v2h7hx 1 month ago – fitflop discount items are backed by a 100% money back guarantee of authenticity John Knits inappropriate for the professional woman Located in the vibrant financial, commercial, administrative and premium retail hub of Lebanon’s capital – mcm bag price – fitflop sales On the second floor, hpnotiq, a liquor that consists of an exquisite blend of premium vodka, natural tropic fruit juices and a hint of cognac , quenched guest’s thirst with a bar serving hpnotiq’s sigature roc candy martini’s and champagne infused bubbles & blue Multi Grammy award winning musician Sting is the first headline act to be announced and will perform on June 2, 2013 $65,000 ?€? 85,000) closely related to his famous painting of the same subject in the National Gallery of Australia, will benefit from the recent resurgence of market interest in the Australian Colonial and Impressionist periods.About the Auction On view in Melbourne:Menzies Gallery1 Darling St., South Yarra, VIC 3141Thursday 22 November ?€? Sunday 25 November, 11am 6pmOn view in Sydney:Menzies Gallery12 Todman Ave, Kensington, NSW 2033Thursday 29 November ?€? Wednesday 5 December, 11am 6pmAuction:Menzies Gallery12 Todman Ave, Kensington, NSW 20336.30 pm, Thursday 6th December Contact:Rod Menzies, Chairman, Menzies Art Brandsrodmenzies(at)menziesgroup(dot)com(dot)au03 9832 8710Little Luxuries Gift Event at eLUXURY 20 Percent Off Select Holiday Gifts – burberry handbags singapore – fitflops singapore sale $20 gold piece coins are considered by many to be the most awe inspiring coin ever produced by the U.S Shoppers hoping to add to their current collection are cordially invited to explore Bottega Veneta: Woven to Perfection, a promotion offering amazing deals on woven handbags and purses from the popular Bottega Veneta fashion house.As with every item available through shopRDR, all Bottega Veneta items are backed by a 100% money back guarantee of authenticity Sunsail was founded in 1974 and is a proud member of TUI Travel® Group – fitflops singapore outlet – fitflop online store singapore – karen millen jassen – cheapest toms shoes

  • de79o2z2od 1 month ago

    [url=]fitflop sale[/url] Donations really are at the heart of the success of an operation like Encore! "I have no words The sale offered savings of up to 25% off all designer clothing and an additional 15% off all designer shoes with free shipping on orders of $200 or more, as well as 10% off all designer handbags, one of fashion’s greatest investments, noted shopRDR co founder Raya Jaffer: Designer handbags typi 00% guarantee of authenticity on each item sold, and works daily with a network of clients looking to buy, sell, or for consignment of their luxury goods [url=]michael kors bags outlet[/url]

    [url=]fitflop malaysia online store[/url] Located on the corner of the famous Lexington Avenue and 57th Street, Hotel 57 puts guests near New York City greats like Bergdorf Goodman, Bloomingdales, Hermes, Louis Vuitton and Tiffany & Co American classic clothiers Brooks Brothers has expanded to a nearly 11,000 square foot location in the mall, while Louis Vuitton, the French maker of exquisite leather bags, shoes and collectables, now occupies 4,582 feet.Ann Taylor has grown to 4,139 square feet on the lower level, while White House | Black Market revamped its look and relocated to a 3,343 square foot spot.Godiva Chocolatier is renovating its location near the stately courtyard entryway to Saks Fifth Avenue, where shoppers are able to see the decadent hand dipped creations and sultry sweets.The Gardens Mall opened in 1988 and has grown in scope and size just like the city in which it is located The company offers a 100% guarantee of authenticity on each item sold, and works daily with a network of clients looking to buy, sell, or for consignment of their luxury goods.ShopRDR loves high end fashion, and believes finding a high quality, classic piece should be an easy, enjoyable and most importantly hassle free shopping experience [url=]fitflops cheapest price[/url]

    [url=]fitflops clearance[/url] Sapphire, located in Las Vegas, is the World’s Largest Gentlemen’s Club with 70,000 square feet of topless entertainment Lacoste ?€? 52Total Fans1 Now a fashion powerhouse, the brand has become world famous for its line of Coach shoulder bags, luggage and other upscale items [url=]fitflop slippers sale[/url]

    [url=]toms shoes online sale[/url]
    [url=]fitflops online[/url]
    [url=]fitflop mukluk sale[/url]

  • Spot on with this write-up, I honestly think this website needs a lot more attention. I’ll probably be returning to
    read through more, thanks for the advice!

  • Google+ continues its rapid expansion and has recently added games and check medals but why don’t you consider the is the
    reason brands. The idea of organizing groups as circles is incredibly thoughtful.
    The more +1s a web site or post gets, the higher it will likely be
    ranked on Google.

  • Impressive ?nd Outstanding Images (1 – 6 ?ovember). Despite th?s minor issue,
    I st?ll ?eally enjoyed the airplane stuff.
    I am not trying t? be sexist, in my opinion ?nd experience; boys learn t? fold m?re paper airplanes than girls ?o.

  • If it weren’t for the water-resistance difference,
    I would consider switching to the FitBit unit.

  • Even while using constant educating of friends and
    family, a full comprehension of the impact a tiny treat will surely have if
    it is not just a part of the plan can be quite a challenge for anyone
    not close up and personal with all the situation.
    Dieting is around breaking habits and learning a, which doesn’t come
    naturally at all. Vomiting could happen to you aren’t strong enough stomach upset.

  • Your metabolism will definitely begin to begin working and cut weight.
    Have faith – After all is done as well as set have faith in yourself making up your mind it is achievable.
    There are many ways to loose weight and some of them are unhealthy for one’s health.

  • The secret’s getting your pulse rate up, and not having much
    calories in your body, so that your body decides of burning over extra fat.

    It’s easy in order to meet unwanted weight target by following the effective rules.
    Be careful with a sort of workout in the event you are not physically.

  • Even using the constant educating of friends and family, an entire comprehension of the impact a small treat may have if it’s not really a the main plan could be a
    challenge for everyone not up close and with all the situation. Now everything will be a lot easier as
    a result of coming of these diet pills. Everything sounds simple
    to date, but it isn’t because can you be sure the calories you’re consuming.

  • I’m really enjoying the theme/design of your
    website. Do you ever run into any web browser compatibility problems?
    A number of my blog visitors have complained about my website not
    working correctly in Explorer but looks great in Opera.
    Do you have any solutions to help fix this issue?

  • I lost about 15 pounds inside first 6 weeks of my new dieting
    and exercise plan. Everyone fantasizes that shedding
    pounds will transform his or her entire life.
    Even further analysis brings forth one more conclusion that the way to obtain benefits lies in the additional vitamins
    and nutrients that are consumed in raw foods, rather than the enzymes or plants at all.

  • My spouse and I absolutely love your blog and find the majority of your post’s to be
    exactly I’m looking for. Does one offer guest writers to write content for
    yourself? I wouldn’t mind producing a post or elaborating on some of the subjects you write
    about here. Again, awesome website!

  • Touche. Outstanding arguments. Keep up the great effort.

  • Ju?t not as much as it may hav?, yo? kno?, thr?e seasons ago.
    ?ne, b??ause it made u? mmost of th?
    episode’s running t?me. ?here are plenty of emergencies ?n tthe airplane
    t?at a?e unpleasant.

  • Excellent beat ! I would like to apprentice at the same time as you amend your web
    site, how can i subscribe for a blog website? The account aided
    me a acceptable deal. I have been tiny bit acquainted of this your broadcast offered vibrant clear concept

  • Great blog here! Also your website loads up very fast!
    What host are you using? Can I get your affiliate link to your host?
    I wish my website loaded up as fast as yours lol

  • Bey?nd sensors in the body, t?? applicatiuons of thhe
    Internet ?f Things stretch only as f?r ?s we ?an imagine.
    As ?e is also the President ?f the Japan Origami Airplane Association, ?? a?parently decided t?
    make a run at 27. , real nzme Mathangi Arulpragasam, ?nnounced on her My – Space bblog ?n Saturday (February 14) that her baby born Feb.

  • Livejasmin HackLivejasmin hack is the best suitable tool for you if you dont have a.

    You should simy download it, then enter your username.