Bluetooth Hacking
Before any two Bluetooth-enabled devices can start communicating with one another, they must carry out a procedure known as discovery. Discovery is carried out by scanning for other active devices within range.

Recommended Tools

| Tool | Description |
| --- | --- |
| BlueScanner | It will try to extract as much information as possible for each newly discovered device |
| BlueSniff | It is a GUI-based utility for finding discoverable and hidden Bluetooth-enabled devices |
| BTBrowser | It is a J2ME application that can browse and explore the technical specification of surrounding Bluetooth-enabled devices. It works on phones that support JSR-82, the Java Bluetooth specification |
| BTCrawler | It is a scanner for Windows Mobile based devices. It also implements the BlueJacking and BlueSnarfing attacks |
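
Since discovery only finds devices that answer inquiry scans, the defensive check is whether your own adapters are discoverable. This is an added example, not part of the original page: it assumes a Linux host with the BlueZ `hciconfig` utility and parses its output for the ISCAN flag; the sample output and addresses are constructed.

```shell
#!/bin/sh
# Added example: list local adapters that answer inquiry scans (discoverable).
# Reads hciconfig-style output on stdin and prints "name address" for every
# adapter whose flag line contains ISCAN.
discoverable_adapters() {
    awk '
        # Adapter header line, e.g. "hci0:  Type: Primary  Bus: USB"
        /^[^ \t]+:/ { name = $1; sub(/:$/, "", name); addr = "" }
        # Indented address line
        /BD Address:/ { addr = $3 }
        # Indented flag line, e.g. "UP RUNNING PSCAN ISCAN"
        /^[ \t]+(UP|DOWN)/ {
            for (i = 1; i <= NF; i++)
                if ($i == "ISCAN") print name, addr
        }
    '
}

# Constructed sample in hciconfig's layout (addresses are made up).
sample_output() {
    cat <<'EOF'
hci0:	Type: Primary  Bus: USB
	BD Address: 00:11:22:33:44:55  ACL MTU: 310:10  SCO MTU: 64:8
	UP RUNNING PSCAN ISCAN 
	RX bytes:1204 acl:0 sco:0 events:62 errors:0
	TX bytes:980 acl:0 sco:0 commands:62 errors:0

hci1:	Type: Primary  Bus: UART
	BD Address: 66:77:88:99:AA:BB  ACL MTU: 1021:8  SCO MTU: 64:1
	UP RUNNING PSCAN 
	RX bytes:706 acl:0 sco:0 events:40 errors:0
	TX bytes:412 acl:0 sco:0 commands:40 errors:0
EOF
}

# Demo on the constructed sample; only hci0 is discoverable.
sample_output | discoverable_adapters
# On a live BlueZ host: hciconfig | discoverable_adapters
# Stay connectable but stop answering inquiries: hciconfig hci0 pscan
```

An adapter listed here will show up in other devices' scans; one with only PSCAN set can still be reached by peers that already know its address.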

Hacking Bluetooth Devices :-
There are a variety of Bluetooth-related threats and attacks that can be executed against unsuspecting mobile phone users. The following are some of the most common types of threats :-

1) BluePrinting Attack :- Information gathering is the first step in the quest to break into a target system. Bluetooth devices, too, can be fingerprinted or probed for information using the technique known as BluePrinting. Using this, one can determine the manufacturer, model, version, etc. of the target Bluetooth-enabled device.

Recommended Tools

| Tool | Description |
| --- | --- |
| BluePrint | As the name suggests |
| BTScanner | It is an information gathering tool that allows an attacker to query devices without the need to carry out pairing |

2) BlueJack Attack :- Bluejacking is the process of sending an anonymous message from one Bluetooth-enabled phone to another within a particular range, without the recipient knowing the exact source of the received message.

Recommended Tools

| Tool | Description |
| --- | --- |
| FreeJack | Bluejacking tool written in Java |
| CIHWB | Can I Hack With Bluetooth (CIHWB) is a Bluetooth security auditing framework for Windows Mobile 2005. Supports BlueSnarf, BlueJack, and some DoS attacks. Should work on any PocketPC with the Microsoft Bluetooth stack |

3) BlueSnarf Attack :- Bluesnarfing is the process of connecting to vulnerable mobile phones through Bluetooth without the victim's knowledge. It involves the OBEX protocol, by which an attacker can forcibly push/pull sensitive data in/out of the victim's mobile phone, hence it is also known as the OBEX pull attack.
This attack requires a J2ME-enabled mobile phone as the attacker's tool. With a J2ME-enabled phone, just by using bluesnarfing tools like Blooover, Redsnarf, Bluesnarf, etc., an attacker can break into the target mobile phone to steal sensitive data such as the address book, photos, mp3 files, videos, SMS, and so on.

Recommended Tools

| Tool | Description |
| --- | --- |
| Blooover | It is a J2ME-based auditing tool. It is intended to serve as an auditing tool to check whether a mobile phone is vulnerable. It can also be used to carry out the BlueBug attack |
| RedSnarf | One of the best bluesnarfing tools |
| BlueSnarfer | It downloads the phone-book of any mobile device vulnerable to Bluesnarfing |