> Bluetooth Spoofing Toolkit: A Beginner’s Guide to BLE Hacking
🚨 This guide is for educational use only. Don’t test without permission. Always stay ethical.
> 🧿 What is Bluetooth Spoofing?
Bluetooth spoofing is the act of cloning the identity of another device. BLE (Bluetooth Low Energy) is common in smartwatches, trackers, and peripherals. This tutorial shows how to spoof BLE broadcasts using an ESP32.
> 🛠️ What You’ll Need
- ESP32 Dev Board (e.g. WROOM-32)
- Micro-USB cable
- Computer (Windows/Linux/macOS)
> ⚙️ Software Setup
- Install Arduino IDE
- Add this Board Manager URL:
https://raw.githubusercontent.com/espressif/arduino-esp32/gh-pages/package_esp32_index.json
- Install “ESP32” in Board Manager
- Libraries: ESP32 BLE Arduino, optionally NimBLE-Arduino
> 🧪 Basic BLE Beacon Example
This advertises a BLE signal.
```cpp
#include <BLEDevice.h>
#include <BLEUtils.h>
#include <BLEServer.h>

void setup() {
  Serial.begin(115200);
  // Initialise the BLE stack; the string is the advertised device name
  BLEDevice::init("ESP32 Beacon");
  BLEServer *pServer = BLEDevice::createServer();
  BLEAdvertising *pAdvertising = BLEDevice::getAdvertising();
  pAdvertising->start();
  Serial.println("Advertising started...");
}

void loop() { delay(2000); }
```
> 🧿 BLE MAC Spoofing
Change your BLE MAC address (not WiFi):
```cpp
#include <BLEDevice.h>
#include <esp_gap_ble_api.h>  // declares esp_ble_gap_set_rand_addr()

void setup() {
  Serial.begin(115200);
  BLEDevice::init("Spoofed Device");
  BLEAddress newAddress("12:34:56:78:9A:BC");
  // getNative() yields a pointer to the 6-byte address; dereference it for the GAP call
  esp_ble_gap_set_rand_addr(*newAddress.getNative());
  BLEAdvertising *pAdvertising = BLEDevice::getAdvertising();
  pAdvertising->start();
  Serial.println("Spoofed MAC broadcasting...");
}

// Arduino sketches must define loop(), even when it does nothing
void loop() {}
```
> 📱 Scan Nearby Devices
```cpp
#include <BLEDevice.h>

void setup() {
  Serial.begin(115200);
  BLEDevice::init("");
  BLEScan* scanner = BLEDevice::getScan();
  scanner->setActiveScan(true);  // active scan also requests scan responses
  scanner->start(10, false);     // scan for 10 seconds
}

// Arduino sketches must define loop(), even when it does nothing
void loop() {}
```
Use this to find nearby BLE names, addresses, and UUIDs. You can mimic these in your own advertisements.
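Seen from the defender's side, the same scan data can reveal a cloned identity. The following is an added example, not part of the original guide: it flags an address heard at widely separated signal strengths or under several names, and a name advertised from more than one non-rotating address. The `Obs` record layout, the 25 dB threshold and the sample log are assumptions constructed for illustration.

```cpp
#include <algorithm>
#include <iostream>
#include <map>
#include <set>
#include <string>
#include <vector>

// One advertisement as logged by a scanner (field layout is an assumption).
struct Obs { std::string addr; bool isRandom; std::string name; int rssi; };

// Sub-type of a *random* address, encoded in its two most significant bits.
std::string randomSubtype(const std::string& addr) {
    static const char* kinds[] = {"non-resolvable-private", "resolvable-private", "reserved", "static"};
    return kinds[std::stoul(addr.substr(0, 2), nullptr, 16) >> 6];
}

// Heuristics: one address heard at widely different RSSI or under several
// names, and one name advertised from several non-rotating addresses.
std::vector<std::string> findCloneSuspects(const std::vector<Obs>& log, int rssiGap = 25) {
    std::map<std::string, std::pair<int, int>> range;           // addr -> (min, max) RSSI
    std::map<std::string, std::set<std::string>> names, addrs;  // addr -> names, name -> addrs
    for (const Obs& o : log) {
        auto it = range.emplace(o.addr, std::make_pair(o.rssi, o.rssi)).first;
        it->second = {std::min(it->second.first, o.rssi), std::max(it->second.second, o.rssi)};
        if (o.name.empty()) continue;
        names[o.addr].insert(o.name);
        // Resolvable private addresses rotate by design, so they are not counted here.
        if (!(o.isRandom && randomSubtype(o.addr) == "resolvable-private"))
            addrs[o.name].insert(o.addr);
    }
    std::vector<std::string> alerts;
    for (const auto& r : range) {
        if (r.second.second - r.second.first >= rssiGap) alerts.push_back("rssi-split " + r.first);
        if (names[r.first].size() > 1) alerts.push_back("name-change " + r.first);
    }
    for (const auto& n : addrs)
        if (n.second.size() > 1) alerts.push_back("name-reuse " + n.first);
    return alerts;
}

std::vector<Obs> sampleLog() {  // constructed sample, not captured traffic
    return {{"C4:7C:8D:11:22:33", true, "DoorTag", -48}, {"C4:7C:8D:11:22:33", true, "DoorTag", -83},
            {"12:34:56:78:9A:BC", true, "DoorTag", -60}, {"5A:01:02:03:04:05", true, "Watch", -70},
            {"6B:0A:0B:0C:0D:0E", true, "Watch", -71}};
}

int main() {
    for (const std::string& a : findCloneSuspects(sampleLog())) std::cout << a << "\n";
}
```

Both signals are heuristics: a moving device or multipath can widen the RSSI range, so treat an alert as a prompt to investigate, not as proof.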
> 🛡️ Ethical Use Cases
- Security research and demonstrations
- IoT simulation and development
- Building BLE scanner tools
> 📂 Tools Worth Exploring
- nRF Connect – BLE scanner (Android/iOS)
- Wireshark + Ubertooth One – BLE packet capture
- GATTacker – Advanced BLE exploitation (Linux)
> ⚠️ Final Thoughts
Bluetooth spoofing is a fun way to explore radio protocols and embedded systems. Use this knowledge for good. Always document your work, get permission, and hack responsibly.