PaulDotCom mailing list archives

Re: Question about simple BlueTooth hack


From: Josh More <jmore () starmind org>
Date: Mon, 14 Mar 2011 12:17:55 -0500

I think that you should seriously consider the possibility of finding things
that you do not wish to find.  As you are dealing with minors, the penalties
that we all face when doing something "cool" are going to be higher.

Driftnet could result in displaying certain images to a group of kids that,
if it occurred, could be rather unfortunate for you personally.  If your
bluetooth attack finds stuff, you are in a tricky reporting scenario.

I think that the game idea is the best one, but don't run it on some random
kid's phone.  Instead, do it on your own kid's phone (or get a parent or
teacher to volunteer their own kid).

-Josh More

On Mon, Mar 14, 2011 at 10:18 AM, Bill Swearingen <hevnsnt () i-hacked com> wrote:

dude..

Don't do the bluetooth stuff, go with Driftnet.

Always a winner with crowds, and shows why free wifi is scrrrrrzy!


On Mon, Mar 14, 2011 at 9:08 AM, Robin Wood <robin () digininja org> wrote:

On 14 March 2011 11:44, craig bowser <reswob10 () gmail com> wrote:

So, I'm giving a talk at my son's school for career day.  My talk is mostly
on the IA/Infosec career, but I thought I would do a quick simple bluetooth
hack to cut into the drone of person after person yapping up front.  These
are 6-8th graders... attention span is limited.  I know, I have two.

Anyway, I've been trying to get bluesnarfer and bluebugger to work to either
pull out an address book or dial a phone number.  However, I can't seem to
get it working.  When any connection is made, the phone asks for a pin or
asks if I want to allow a connection.  I would like the hack to work without
interaction from the user of the phone.

With bluesnarfer I get:


root@Joshua:/media/disk/files/bluesnarfer# ./bluesnarfer -r 1-100 -C 1 -b 00:11:22:33:44:55
device name: Craig
^Cbluesnarfer: release rfcomm ok


I control-C out after a while because bluesnarfer waits and waits, I'm
guessing waiting for the phone to accept the connection.

With bluebugger I get:

root@Joshua:/media/disk/files/bluebugger/bluebugger-0.1# ./bluebugger -m Craig -c 1 -a 00:11:22:33:44:55 info

bluebugger 0.1 ( MaJoMu | www.codito.de )
-----------------------------------------

Target Device:    '00:11:22:33:44:55'
Target Name:      'Craig'

Mobile Identification
---------------------

...done


but no data.

I tried:

root@Joshua:/media/disk/files/bluebugger/bluebugger-0.1# ./bluebugger -m Craigc 1 -a 00:11:22:33:44:55 dial 7xxxxxxxxx

bluebugger 0.1 ( MaJoMu | www.codito.de )
-----------------------------------------

Target Device:    '00:11:22:33:44:55'
Target Name:      'Craig'

Dialing '7xxxxxxxx' ....call to '7xxxxxxxx' should be active now

Press <enter> to abort bluetooth connection
* shows 'cancel call too?'-popup on Nokia 6310i)

but nothing actually dialed.

The phones I've been trying are:

HTC Droid Incredible
LG Cosmos
Samsung Intensity
Palm Centro

I've been doing this on my Ubuntu 10.04 box, but I am definitely open to a
bootable backtrack CD or other bootable iso.

Any suggestions?  Can I somehow pass it the pin or several pins?

Thanks


Craig L Bowser

There is no way I'd try this without permission, you could get
yourself into all sorts of trouble.

Probably best get a dummy phone, ask someone to put a contact in it
then show them how you can get that.

Robin
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


