Re: Question about simple BlueTooth hack

[craig bowser <reswob10 () gmail com>]

Follow up:

Got a suggestions from NoVaHackers to use Car Whisperer.  It works great and
I'm just mucking around with coverting raw to wav with sox now.

Should be a fun demo.

Thanks all.

Craig L Bowser
____________________________

This email is measured by size.  Bits and bytes may have settled during
transport.



On Mon, Mar 14, 2011 at 2:20 PM, Bill Swearingen <hevnsnt () i-hacked com>wrote:

> agreed -- but I was assuming you would be in control of the wireless ;-)
>
>
> On Mon, Mar 14, 2011 at 12:17 PM, Josh More <jmore () starmind org> wrote:
>
> > I think that you should seriously consider the possibility of finding
> > things that you do not wish to find.  As you are dealing with minors the
> > penalties that we all face when doing something "cool" are going to be
> > higher.
> >
> > Driftnet could result in displaying certain images to a group of kids
> > that, if it occurred, could be rather unfortunate for you personally.  If
> > your bluetooth attack finds stuff you are in a tricky reporting scenario.
> >
> > I think that the game idea is the best one, but don't run it on some
> > random kid's phone.  Instead, do it on your own kid's phone (or get a parent
> > or teacher to volunteer their own kid).
> >
> > -Josh More
> >
> >
> > On Mon, Mar 14, 2011 at 10:18 AM, Bill Swearingen <hevnsnt () i-hacked com>wrote:
> >
> > > dude..
> > >
> > > Dont do the bluetooth stuff, go with Driftnet.
> > >
> > > Always a winner with crowds, and shows why free wifi is scrrrrrzy!
> > >
> > >
> > > On Mon, Mar 14, 2011 at 9:08 AM, Robin Wood <robin () digininja org> wrote:
> > >
> > > > On 14 March 2011 11:44, craig bowser <reswob10 () gmail com> wrote:
> > > > > So, I'm giving a talk at my son's school for career day.  My talk is
> > > > mostly
> > > > > on the IA/Infosec career, but I thought I would do a quick simple
> > > > bluetooth
> > > > > hack to cut into the drone of person after person yapping up front.
> > > > These
> > > > > are 6-8th graders... attention span is limited.  I know, I have two.
> > > > >
> > > > > Anyway, I've been trying to get bluenarfer and bluebugger to work to
> > > > either
> > > > > pull out an address book or dial a phone number.  However, I can't
> > > > seem to
> > > > > get it  working. When any connection is made, the phone asks for a pin
> > > > or
> > > > > asks if I want to allow a connection.  I would like the hack to work
> > > > without
> > > > > interaction from the user of the phone.
> > > > >
> > > > > With bluesnarfer I get:
> > > > >
> > > > >
> > > > > root@Joshua:/media/disk/files/
> > > > > bluesnarfer# ./bluesnarfer -r 1-100 -C 1 -b 00:11:22:33:44:55
> > > > > device name: Craig
> > > > > ^Cbluesnarfer: release rfcomm ok
> > > > >
> > > > >
> > > > > I control-C out after a while because bluesnarfer waits and waits, I'm
> > > > > guessing waiting for the phone to accept the connection.
> > > > >
> > > > > With bluebugger I get:
> > > > >
> > > > > root@Joshua:/media/disk/files/bluebugger/bluebugger-0.1# ./bluebugger
> > > > -m
> > > > > Craig -c 1 -a 00:11:22:33:44:55 info
> > > > >
> > > > > bluebugger 0.1 ( MaJoMu | www.codito.de )
> > > > > -----------------------------------------
> > > > >
> > > > > Target Device:    '00:11:22:33:44:55'
> > > > > Target Name:      'Craig'
> > > > >
> > > > > Mobile Identification
> > > > > ---------------------
> > > > >
> > > > > ...done
> > > > >
> > > > >
> > > > > but no data.
> > > > >
> > > > > I tried:
> > > > >
> > > > > root@Joshua:/media/disk/files/bluebugger/bluebugger-0.1# ./bluebugger
> > > > -m
> > > > > Craigc 1 -a 00:11:22:33:44:55 dial 7xxxxxxxxx
> > > > >
> > > > > bluebugger 0.1 ( MaJoMu | www.codito.de )
> > > > > -----------------------------------------
> > > > >
> > > > > Target Device:    '00:11:22:33:44:55'
> > > > > Target Name:      'Craig'
> > > > >
> > > > > Dialing '7xxxxxxxx' ....call to '7xxxxxxxx' should be active now
> > > > >
> > > > > Press <enter> to abort bluetooth connection
> > > > > * shows 'cancel call too?'-popup on Nokia 6310i)
> > > > >
> > > > > but nothing actually dialed.
> > > > >
> > > > > The phones I've been trying are:
> > > > >
> > > > > HTC Droid Incredible
> > > > > LG Cosmos
> > > > > Samsung Intensity
> > > > > Palm Centro
> > > > >
> > > > > I've been doing this on my Ubuntu 10.04 box, but I am definitely open
> > > > to a
> > > > > bootable backtrack CD or other bootable iso.
> > > > >
> > > > > Any suggestions?  Can I somehow pass it the pin or several pins?
> > > > >
> > > > > Thanks
> > > > >
> > > > >
> > > > > Craig L Bowser
> > > >
> > > > There is no way I'd try this without permission, you could get
> > > > yourself into all sorts of trouble.
> > > >
> > > > Probably best get a dummy phone, ask someone to put a contact in it
> > > > then show them how you can get that.
> > > >
> > > > Robin
> > > > _______________________________________________
> > > > Pauldotcom mailing list
> > > > Pauldotcom () mail pauldotcom com
> > > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > > Main Web Site: http://pauldotcom.com
> > >
> > >
> > > _______________________________________________
> > > Pauldotcom mailing list
> > > Pauldotcom () mail pauldotcom com
> > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > Main Web Site: http://pauldotcom.com
> >
> >
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom () mail pauldotcom com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
>
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com