Change or Modify Bluetooth Device hardware (MAC) address
I am in the middle of an ongoing experiment, where in I am trying to get a Bluetooth headset to work simultaneously with my windows mobile phone and also my PC. I recently got my hands on a Nokia BH-209 headset, I tested the audio quality on the and its amazing! I tested it with skype by pairing it with my PC and the voice clarity is brilliant. I have always been searching for a good reason to ditch my table Mic and this headset maybe the one.
Right now, I am still unable to make it work with both the PC and the phone at the same time, so I need to pair it to the device every time I need to use it. Although pairing is not a tedious process, it still needs some manual labour, like deleting existing devices, adding and re-pairing. Almost a 5 minute task every time I want to use it. I want to avoid this hassle. Yes I am lazy.
The basic idea behind my experiment is simple, fake the connection. Make the headset think that is communicating its my phone, a spoof attack sort of a thing. My knowledge in bluetooth is limited so my initial plan of action was to follow these steps, spoof the mac of the bluetooth dongle on my pc so that it is the same as that of my phone, then change the device class of my PC from Computer -> Desktop to Computer -> Palm (My phone is the imate version of the htc wizard with windows mobile 2005) and finally find the secret authentication key between the phone and the headset. Once I get that I can emulate the phone on the pc and try to connect to it. Unfortunately there are any tools available in windows to do some serious work. The tools that we generally use to change the MACs of network cards like SMAC or A-MAC will not work with bluetooth adapters, so I had to come to Linux.
The first step was to change the Bluetooth hardware address of my bluetooth dongle. After hours of digging around, I finally found a way to do this. Here it is. I did this in Ubuntu 8.10 Intrepid Ibex, it had all the bluetooth modules already installed, else, install hci and hci related packages on your distro.
Some info first. All bluetooth devices have a hardware address similar to the MAC address for network (NIC) cards. That address is the unique identification information on the dongle. There’s a great tool called bdaddr that allows you to change the BD_ADDR, the physical address, in your Bluetooth adapter. It works with Ericcson, Cambridge Silicon Radio and Zeevo chipsets. You can download it here: bdaddr. By the way, you must intstall the bluez-utils and libbluetooth-dev packages.
1 | sudo apt-get install bluez-utils libbluetooth-dev |
Getting the address of the phone or the device you want to fake. Switch on the bluetooth on the phone.
1 | $ hcitool scan |
Scanning for available devices
Now we have the address that we need to fake. i.e. 00:12:37:85:1B:78. We need to compile the bdaddr application, extract it to a folder and “make” it.
Compiling bdaddr
Once that is done, we now a working version of bdaddr.
BD_ADDR
As you can see, bdaddr detected my dongle. The device address is same as that of the phone because I recently changed it.
1 2 3 | [heaton@sulphure:~/Downloads/bdaddr]$ ./bdaddr Manufacturer: Cambridge Silicon Radio (10) Device address: 00:12:37:85:1B:78 |
Switch to root to proceed and then follow what I did (in the image below).
Changing the BD_ADDR of the dongle
1 2 3 | hciconfig hci0 ./bdaddr -i hci0 00:12:37:85:1B:98 hciconfig hci0 reset |
Unplug the adapter and insert it again. Check for the change in address.
Address changed to new specified one.
YAY! my first step is complete, I am working on the next two steps and will post as soon I make a breakthrough.
on February 9th, 2009 at 20:07 said :
Hey, great work dude!
Be sure to let me know if you get somewhere with this.
By the way, I’ve been experimenting with Windows 7, and there is some problem with the bluetooth drivers those guys packed in. Vista was able to recognize my Nokia E51 on bluetooth (without installing the PC Suite) and transferring files was a breeze.
The same thing is not happening in W7.. I wonder why. Its showing up some stupid socket error.
Added to that, the PC Suite is not installing on this thing.. it keeps crashing even in compatibility mode. Thats one drawback I noticed till now.
on February 9th, 2009 at 20:09 said :
Hey, why don’t you add the feature to allow me to track replies to comments here? I don’t need to visit the site every time to see if you did :P
And yeah.. CHANGE THAT STUPID PIC YOU GOT THERE FOR THE COMMENTS!! :D
on February 9th, 2009 at 21:35 said :
maybe you should wait for the final version of seven! :P
or you can install the bluesoleil http://www.bluesoleil.com . This software replaced the bluetooth drivers that come with windows and uses its own drivers and it has more feature, try it out once and let me know
and as for the image, its not under my control, its an automatically generated gravatar image based on the email address you specify, if you want to change the image you can register that email address at gravatar.com and assign whatever image you want to that email.
on February 9th, 2009 at 21:36 said :
As for the comments, you can use the comments feed to monitor all the comments on this post.
the feed:
http://www.siddharthabbineni.com/tech/hardware/change-bluetooth-device-mac-address.html/feed
or just click the comments feed icon on the top right of the post ;)
EDIT :
I added the
“Notify me of followup comments via e-mail” checkbox beside submit ;)
on February 13th, 2009 at 12:09 said :
Yo! Nice nice.. let me try out the bluetooth drivers.
Anyway, who’d want to keep track of comments for every post? Isn’t there a consolidated comment feed for the whole site?
on February 13th, 2009 at 12:14 said :
Bah.. that’s shareware man.. I don’t want to pay up for bluetooth drivers. I’ll look for something else :)
on February 13th, 2009 at 16:10 said :
yeah
all wordpress blogs do.. :P
http://www.siddharthabbineni.com/comments/feed
on April 26th, 2009 at 3:35 said :
My bluetooth adapter reverts back to its original MAC address after I replug it. Is this a problem with this specific bluetooth adapter? or am I missing something?
on April 26th, 2009 at 4:05 said :
I just noticed the limited manufacturers this works with…
on April 26th, 2009 at 4:22 said :
Does anyone know of any brand names that have these chipsets (Ericcson, Cambridge Silicon Radio and Zeevo)?
on May 31st, 2009 at 3:15 said :
this is awesome . i always love to do this stuff
on July 18th, 2009 at 16:26 said :
how did u cpnnect headset BH-209 with PC or Laptop.
Plz give instructions.
on July 18th, 2009 at 19:50 said :
@UnS
First you need to have bluetooth hardware in your pc, usually a Bluetooth Dongle will add bluetooth to any pc, some laptops have bluetooth inbuilt.
Once the PC is bluetooth enabled, the process is similar to pairing a headset with a phone. Click on the bluetooth icon in the tray, select “add a device”. Now put your bluetooth headset in discovery mode, once its in that mode, the pc software will detect it and ask if you want to pair it. Pair it with the default code of the headset and thats it. To confirm that its working, check in the playback/recording devices.
on July 20th, 2009 at 20:20 said :
But the thing is that its not being detected either in PC or Laptop. To be more specific i have Nokia BH-209 headset and a bluetooth dongle which have Bluesoleil Software with it. See if this info helps.
on August 26th, 2009 at 8:49 said :
Hey Sid, nice tutorial. I’m having the same issue as James, though. I bought two A-Power dongles that have the same address, and even though they identify as “Cambridge Silicon Radio (10)” with a MAC of 00:15:83:15:A3:10, the app don’t seem to re-write the MAC. I’ll just take one back to the shop, I think.
on August 30th, 2009 at 19:39 said :
Nice tool, thanks :)
I used it to connect a bluetooth keyboard to my phone with broken touchscreen (LCD is ok)
1) pair the keyboard and pc with a faked bdaddr of phone, without any PIN
2) unplug the adapter and power on the phone
3) phone recognizes the keyboard when i press any key
3.5) preinstalled driver on phone :)
4) start some apps on phone, do a full backup, happyness, sunsine
many thanks
on October 14th, 2009 at 19:07 said :
Thanks man, just what i was looking for :) luckely bdaddr is pre-installed on backtrack 3+
on October 16th, 2009 at 19:08 said :
HI there!
I was wondering if you’d be able to help me! MY Nokia 5800 bluetooth seems to be not working anymore… I used the code *#2820# to display my bluetooth address but its blank!
The phone wont allow me to activate my bluetooth at all. It says “unable to perform bluetooth operation”.
This could be a hardware issue but do you know if your bluetooth address can just disappear? I was googling methods of changing it but it seems you need to know the address before hand…
Thanks!
on October 22nd, 2009 at 7:13 said :
These days the avenues of messaging and communicating with each other, on the computer, are many. ,
on November 30th, 2009 at 0:45 said :
Howdy. I need to change my BT mac on my windows mobile phone. I have my contacts and my new phone (broadcomm stack) doesn’t let me send my contacts to my car’s radio (pioneer avic-d3) but my old phone does, I want to pair with old phone with new phone’s BT mac and send the contacts, that way when I connect my new phone I have my contacts available.
Got any advise or tip for me to achieve this? Thanks!
on December 19th, 2009 at 1:32 said :
Nice tool thanks,Very Nice Keep up date a more article.
on December 29th, 2009 at 18:15 said :
Hey, why don’t you add the feature to allow me to track replies to comments here?
on January 5th, 2010 at 14:34 said :
A1GtkX =)))))0000000(((((=
on February 6th, 2010 at 2:30 said :
Awesome! Some really helpful information in there. Bookmarked. Excellent source.
on March 17th, 2010 at 5:04 said :
I am happy to find result here in the post, thanks for sharing.
on April 30th, 2010 at 23:23 said :
Hi,
This is useful.This is what I got on using your tool.
root@Workstation:/home/dinesh/bdaddr# ./bdaddr -i hci0 00:23:4E:EB:FB:58
Manufacturer: Broadcom Corporation (15)
Device address: 00:23:4E:EB:FB:56
New BD address: 00:23:4E:EB:FB:58
But, My mac address of Bluetooth didn’t change after reseting
root@Workstation:/home/dinesh/bdaddr# hciconfig hci0 reset
root@Workstation:/home/dinesh/bdaddr# hciconfig hci0
hci0: Type: USB
BD Address: 00:23:4E:EB:FB:56 ACL MTU: 1021:8 SCO MTU: 64:1
UP RUNNING PSCAN
RX bytes:1013 acl:0 sco:0 events:34 errors:0
TX bytes:1347 acl:0 sco:0 commands:34 errors:0
Is there any tool for changing the MAC for Broadcom bluetooth drivers. Or any other problem.
Once again Thanks, I learnt many things from your post
on May 6th, 2010 at 10:49 said :
For people who are not able to set anew mac address, i have the Cambridge Silicon Radio bluetooth in my Dell D620 and I wasnot able to change the mac address since it gets back to the original after the reset. However, i tried the command with (-r) parameter and it worked for me. I got the parameter by doing “./bdaddr -h” but i don’t know what it mean, the most important thing is that it worked.
./bdaddr -r xx:xx:xx:xx:xx:xx
on June 2nd, 2010 at 22:16 said :
I was still unable to rewrite the MAC address. i tried with the -r command but still came up the same. i am using a Broadcom bluetooth device.
on September 3rd, 2010 at 5:03 said :
In my case, it works. using bdaddr tools, the bd_addr is changed but I need to send a hci command to read the bd_addr to update the hciconfig.
I can see now the new BD address using hciconfig and I’m also seen by other devices with the new BD_addr.
The problem I got now is that I can’t pair any devices since BD_addr change. I have try to kill “bluetoothd” of bluez stack and restart it but it still fail. I’m able to scan but can pair.
I think that something is “broken” is bluez in terms of link regarding this change.
on December 15th, 2010 at 15:33 said :
Nice post mate, i was wondering if u can change the mac om bletooth headset? N use both headset with my ps3
on March 10th, 2011 at 8:30 said :
Let us confront it. The PS3 Yellow Light of Death is undoubtedly 1 of the most bothersome difficulty players may possibly encounter. You may well have spent a few hundred in buy to buy the console. And now you encounter this issue. In reality, it is completely feasible to resolve this issue. Nonetheless, you must take some time to do so. And right here are 3 suggestions for you.
Learn more PS3 recommendations
on March 17th, 2011 at 1:10 said :
I need a bluetooth driver for wince,please send to me,thanks。
on March 17th, 2011 at 1:11 said :
xianglianzhai@126.com
on May 26th, 2011 at 5:22 said :
Hello,
Thank you for the post and sharing the information with us. I found it very interesting.
When you see such articles you want to come back to check something new posted here or commented Website Design Delhi
on June 5th, 2011 at 22:13 said :
Nice idea. This is very useful information.! I’ve been researching all day looking for this kind of information. I want to try to analyze those codes. And I need to modify my Bluetooth. Thanks for sharing!
on June 6th, 2011 at 1:01 said :
Thank you for sharing this code. It really useful to us specially me who have the same issue with this.
on June 13th, 2011 at 1:40 said :
O’neill Monster Freak Boardshorts O’neill and Monster Energy Drink combines forces to give you the.Oneill Boardshorts Board Shorts products for ill Mens.Monster Energy Hats, Monster Energy Shirts,Pro Circuit Team Monster Hoody When Team Monster arrived in the racing world they hit the ground running and they haven?t looked back since. Teaming up with One Industries has made the Monster Energy Hoodies even more .
on June 13th, 2011 at 4:43 said :
Monster Energy Clothing are becoming more and more popular. If you have one own Monster Energy Clothes, you will be super cool indeed. Wear Monster Energy Hats to join a motorcycle race now. Monster Energy Logos are not just a logo, it is a spirit!
on November 10th, 2011 at 1:36 said :
Welcome to Snapbackhatsaler.com, where you will find so many surprises on our hats.We Have Huge Range Of Snapback Hats. Cheap NFL, MLB, NBA, Soccer Snapbacks At Unbelievable Prices From Factory Directly.
on December 5th, 2011 at 4:58 said :
Frog Kitchens, great range of kitchen worktops, tiles will give you peace for many years. Check out their wonderful, unique kitchen worktops offer today. I have already selected a worktop for myself. It was very good decision.
on December 12th, 2011 at 19:36 said :
Thank you for the post and sharing the information with us. I found it very interesting.
on December 12th, 2011 at 19:39 said :
In reality, it is completely feasible to resolve this issue.