Discovering Bluetooth Devices :-
Before any two Bluetooth-enabled devices can start communicating with one another, they must carry out a procedure known as discovery. It is carried out by scanning for other active devices within range.
Recommended Tools
BlueScanner - It will try to extract as much information as possible for each newly discovered device.
BlueSniff - It is a GUI-based utility for finding discoverable and hidden Bluetooth-enabled devices.
BTBrowser - It is a J2ME application that can browse and explore the technical specifications of surrounding Bluetooth-enabled devices. It works on phones that support JSR-82, the Java Bluetooth specification.
BTCrawler - It is a scanner for Windows Mobile based devices. It also implements the BlueJacking and BlueSnarfing attacks.
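The same discovery scans serve the defender: a monitor that diffs successive scan results, the way BlueAlert (listed further down) does, raises an event whenever a device enters or leaves range and flags arrivals that are not in the site's inventory. This is an added Python example, not code from the page or from any tool it names; the scan snapshots, the addresses and the known-device list are constructed.

```python
from dataclasses import dataclass

# Constructed sample: three successive inquiry-scan snapshots as {address: name}.
# The addresses are made-up placeholders, not real devices.
SCANS = [
    {"00:11:22:33:44:55": "Office-Laptop", "AA:BB:CC:DD:EE:01": "Nokia 6310i"},
    {"00:11:22:33:44:55": "Office-Laptop"},
    {"00:11:22:33:44:55": "Office-Laptop", "AA:BB:CC:DD:EE:02": "Unknown-HS"},
]

# Assumed inventory of devices we expect to see nearby.
KNOWN = {"00:11:22:33:44:55"}


@dataclass
class Event:
    scan: int        # index of the snapshot that produced the event
    kind: str        # "entered" or "left"
    address: str
    name: str
    known: bool      # True when the address is in the inventory


def presence_events(scans, known=KNOWN):
    """Diff consecutive scans and emit enter/leave events (BlueAlert-style)."""
    events = []
    present = {}                     # devices seen in the previous snapshot
    for i, snapshot in enumerate(scans):
        for addr, name in snapshot.items():
            if addr not in present:  # new address since the last scan
                events.append(Event(i, "entered", addr, name, addr in known))
        for addr in list(present):
            if addr not in snapshot: # address dropped out since the last scan
                events.append(Event(i, "left", addr, present[addr], addr in known))
        present = dict(snapshot)
    return events


def unknown_arrivals(events):
    """Only the arrivals worth an alert: devices not in the inventory."""
    return [e for e in events if e.kind == "entered" and not e.known]


if __name__ == "__main__":
    for e in presence_events(SCANS):
        print(f"scan {e.scan}: {e.address} ({e.name}) {e.kind}, known={e.known}")
```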
Hacking Bluetooth Devices :-
There are a variety of different types of Bluetooth-related threats and attacks that can be executed against unsuspecting mobile phone users. Following are some of the most common types of threats :-
1) BluePrinting Attack :- Information gathering is the first step in the quest to break into a target system. Even Bluetooth devices can be fingerprinted or probed for information gathering using the technique known as BluePrinting. Using this, one can determine the manufacturer, model, version, etc. of the target Bluetooth-enabled device.
Recommended Tools
BluePrint - As the name suggests.
BTScanner - It is an information gathering tool that allows an attacker to query devices without the need to carry out pairing.
2) BlueJack Attack :- Bluejacking is the process of sending an anonymous message from a Bluetooth-enabled phone to another within a particular range, without the recipient knowing the exact source of the received message.
Recommended Tools
FreeJack - Bluejacking tool written in Java.
CIHWB - Can I Hack With Bluetooth (CIHWB) is a Bluetooth security auditing framework for Windows Mobile 2005. It supports BlueSnarf, BlueJack, and some DoS attacks. It should work on any PocketPC with the Microsoft Bluetooth stack.
3) BlueSnarf Attack :- Bluesnarfing is the process of connecting to vulnerable mobile phones through Bluetooth without the victim's knowledge. It involves the OBEX protocol, by which an attacker can forcibly push/pull sensitive data in/out of the victim's mobile phone; hence it is also known as the OBEX pull attack.
This attack requires a J2ME-enabled mobile phone as the attacker's tool. With a J2ME-enabled phone, just by using bluesnarfing tools like Blooover, Redsnarf, Bluesnarf, etc., an attacker can break into the target mobile phone to steal sensitive data such as the address book, photos, mp3s, videos, SMS, ......!
Recommended Tools
Blooover - It is a J2ME-based auditing tool. It is intended to serve as an auditing tool to check whether a mobile phone is vulnerable. It can also be used to carry out the BlueBug attack.
RedSnarf - One of the best bluesnarfing tools.
BlueSnarfer - It downloads the phone-book of any mobile device vulnerable to Bluesnarfing.
4) Blue Backdoor Attack :- Here, the Bluetooth-related vulnerability exploits the pairing mechanism that is used to establish a connection between two Bluetooth-enabled devices. Not only does it give the attacker complete access and control over the target, but it also allows the attacker to place strategic backdoors for continued access and entry.
5) BlueBug Attack :- It was first discovered by Martin Herfurt and allows attackers to gain complete control over the data, voice and messaging channels of vulnerable target mobile phones.
Recommended Tools
BlueBugger - Exploits the BlueBug vulnerability.
Bluediving - It is a Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack, etc.
6) Short Pairing Codes :- The Bluetooth protocol allows devices to use 16-digit pairing codes. Unfortunately many applications continue to use only 4-digit pairing codes, which can be easily brute-forced. This is known as the short pairing codes problem. Most slave Bluetooth devices continue to use default pairing codes such as 0000, 1111, 1234, etc., so they are easy to crack and gain access to...!
Recommended Tools
BTCrack - BTCrack is a Bluetooth passphrase (PIN) cracking tool. BTCrack aims to reconstruct the Passkey and the Link key from captured pairing exchanges.
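The mitigation on the device-owner's side is a pairing-code policy that rejects the default and short codes described above and prefers codes near the 16-character maximum. The following is an added Python example, not code from the page or from BTCrack; the default list, the minimum length of 8 and the finding names are assumptions.

```python
import math

# Default codes named above plus a few common patterns (assumed list; extend for your fleet).
DEFAULT_PINS = {"0000", "1111", "1234", "9999", "1212", "0123"}
MAX_PIN_LEN = 16   # longest pairing code the protocol allows, per the text above


def pin_keyspace_bits(length, alphabet=10):
    """Entropy of a random PIN of the given length over an alphabet of that size.
    Four digits give about 13.3 bits; sixteen digits give about 53.2 bits."""
    return length * math.log2(alphabet)


def _is_sequential(pin):
    """True for runs such as 1234 or 9876 (every step is +1 or -1)."""
    if not pin.isdigit() or len(pin) < 2:
        return False
    steps = {int(b) - int(a) for a, b in zip(pin, pin[1:])}
    return steps == {1} or steps == {-1}


def check_pairing_pin(pin, min_length=8):
    """Return the policy findings for a pairing code; an empty list means it passes.
    Policy (assumed here): no default code, no single repeated character,
    no sequential digits, and a length between min_length and MAX_PIN_LEN."""
    findings = []
    if pin in DEFAULT_PINS:
        findings.append("default")
    if len(pin) < min_length:
        findings.append("short")       # e.g. a 4-digit code is only ~13 bits
    if len(pin) > MAX_PIN_LEN:
        findings.append("too_long")    # the stack will not accept it
    if len(set(pin)) == 1:
        findings.append("repeated")
    if _is_sequential(pin):
        findings.append("sequential")
    return findings


if __name__ == "__main__":
    for candidate in ("0000", "1234", "4829173605"):
        bits = round(pin_keyspace_bits(len(candidate)), 1)
        print(candidate, check_pairing_pin(candidate), f"{bits} bits")
```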
Other Powerful Bluetooth Hacking Tools :-
Transient Bluetooth Environment Auditor :- T-BEAR is a security-auditing platform for Bluetooth-enabled devices. The platform consists of Bluetooth discovery tools, sniffing tools and various cracking tools.
BlueTest :- BlueTest is a Perl script designed to do data extraction from vulnerable Bluetooth-enabled devices.
BTAudit :- BTAudit is a set of programs and scripts for auditing Bluetooth-enabled devices.
RedFang :- It is a brute force tool that finds even non-discoverable devices.
BlueAlert :- A Windows-based tool that runs on a Bluetooth-enabled computer and alerts the user each time a Bluetooth device leaves or enters its range.
BlueFang :- Similar to BlueAlert.
Bluestumbler :- One of the best BluePrinting tools.
Super Bluetooth Hack :-
With this Java software you can connect to another mobile and ….
Once connected to another phone via Bluetooth you can:
- Read his/her messages
- Read his/her contacts
- Change profile
- Play ringtone even if the phone is on silent
- Play songs
- Restart the phone
- Switch off the phone
- Restore factory settings
- Change ringing volume
- Call from his phone; it includes all call functions like hold, etc.
Notes :-
1) When connecting devices, use the code 0000.
2) At the start of the program on smartphones, do not forget to turn on Bluetooth before starting the program.