nyphonejacks

bluetooth cracking/hacking ?

11 posts in this topic

anyone know much about bluetooth cracking/hacking...

i constantly hear that BT is not secure, and that it is easily hacked...

what i am curious about is that when i attempt to make a BT connection with a device the screen pops up on the device that i am attempting to access, and the passcode needs to be entered on the remote device... i would assume that since the code needs to also be entered onto the remote device then unless you knew the name + BT's equivalent of a MAC address for devices that have already been paired with what you are attempting to connect to, then there would be no way to bypass the notification screen of the remote device - am i wrong? if not, this would mean that if a device was never paired with anything, then it would not be vulnerable to a BT crack/hack....

one of my personal concerns with the security of BT is the fact that i use a BT keyboard on my home PC connected to my LAN...

a curiosity would be to pair with a (my own) cell phone without the notification and pin request popping up on the screen..

There has not been that much new in the past few years and the stuff there has been was using multiple USRP which will set you back a small fortune. The only other thing people were doing was replacing the firmware on cheap Bluetooth dongles with a firmware from a commercial Bluetooth sniffer as they needed a Cambridge Silicon Radio chip which a lot of cheap dongles use.

Bluetooth fuzzers can produce some interesting results on different phones; there are also a lot of people with old phones out there that a lot of the older tools work on. Some newer phones have odd implementations of the Bluetooth stack, but most phones sold in Europe have a correctly implemented Bluetooth stack now. The focus on phones nowadays seems to mainly be on browser-based vulnerabilities, malware and SMS issues.

As mentioned, there is a new wave of research in Bluetooth, mainly driven by the availability of the USRP/USRP2.

At this year's ShmooCon there was a presentation specifically on Bluetooth keyboards, which you might find interesting.

http://www.shmoocon.org/presentations-all.html#btkey

Mungewell.

thanks for the replies... looks like i have some research ahead of me..

does anyone have a list of default pins per manufacturer?

The one in my bt headset is hardcoded at manufacturer to a default, and I'd guess a lot of other lower power bt kit is the same. If you can find the manufacturer from the bluetooth "mac" then you could match against the default pin to do some bluejacking...

They're mostly 0000, 1111 and 1234 from the 20 or so I've seen over the years.

For the default pins, pretty much the same thing that m3747r0n said, but for a more comprehensive list you might include 2222, 3333, 4444, 4321.

What a long list :wink: lol

Yeah. Also car whisperer still works, nothing quite like putting voices in people's heads while they wait for their coffee at Starbucks

Yeah! That seems like a really neat tool! But I've never been able to get that working due to the lack of any documentation....

http://www.youtube.com/watch?v=1c-jzYAH2gw

Pretty old video, but still working

The video explains a lot

i will have to take a look at that video later when i have my speakers on...

but, it is not exactly what i wanted to accomplish... i just wanted to fill time while on the subway by going thru photos, videos and contacts stored on people's phones..
