user:yan:bluetooth

user:yan:bluetooth [2017/05/20 14:26] – [Bluetooth] yan
user:yan:bluetooth [2017/05/20 14:35] (current) – [Bluetooth] yan
Line 22: Line 22:
  
 === passive monitoring (airodump like) & wireshark connection ===  === passive monitoring (airodump like) & wireshark connection === 
-Basically typical BT devices which are nowadays mounted into PC are not accustomed to be used to just scan ether and send all informations to PC, but just informs PC of things wihch radio finds somehow interesting or important or are requested. [[https://ask.wireshark.org/questions/15837/what-equipment-can-i-use-to-capture-bluetooth-packets#answer-container-15838 |1]] This mean, that basically nowadays I do not know about simple way how to put ordinary BT device into monitor mode. Solution for this problem is Ubertooth[[https://greatscottgadgets.com/ubertoothone/|2]] which is specially crafted hardware for this (and also bunch of other) purpose. Than through sequence of SW you can basically get it running in a waythat you can basicaly create kismet dump, which you can then interpret in wireshark.[[https://wiki.wireshark.org/CaptureSetup/Bluetooth|3]]+Basically typical BT devices which are nowadays mounted into PC are not accustomed to be used to just scan ether and send all informations to PC, but just informs PC of things whitch radio finds somehow interesting or important or are requested. [[https://ask.wireshark.org/questions/15837/what-equipment-can-i-use-to-capture-bluetooth-packets#answer-container-15838 |1]] This means that basically nowadays I do not know about simple way how to put ordinary BT device into monitor mode. Solution for this problem is Ubertooth[[https://greatscottgadgets.com/ubertoothone/|2]] which is specially crafted hardware for this (and also bunch of other) purpose. Then through sequence of SW you can basically get it running in a way that you can basicaly create kismet dump, which you can then interpret in wireshark.[[https://wiki.wireshark.org/CaptureSetup/Bluetooth|3]]
  
 === possible hacks ===  === possible hacks === 
-there is a nice page (hope it still works, if not, i'll try to paste it somewhere else) which basically sums up situation in problematics in 2005 (so it's pretty outdated, but probably usable to know when some older device comes into range)[[http://www.eetimes.com/document.asp?doc_id=1275730|4]], Then there is github repository owned by pwnieexpress, which was not managed from 2012, but keeps relatively long list of source code to various newer or older hacks.[[https://github.com/pwnieexpress/pwn_plug_sources/tree/master/src/bluetooth|5]] some other information can be found spreaded around internet, but basically many traces of original idea or notes can be found through links which are present in pwnieexpress repository readme files. From list of exploits which are named in above sources few looked interesting.+There is a nice page (hope it still works, if not, i'll try to paste it somewhere else) which basically sums up situation in problematics in 2005 (so it's pretty outdated, but probably usable when some older device comes into range)[[http://www.eetimes.com/document.asp?doc_id=1275730|4]], Then there is github repository owned by pwnieexpress, which was not managed from 2012, but keeps relatively long list of source code to various newer or older hacks.[[https://github.com/pwnieexpress/pwn_plug_sources/tree/master/src/bluetooth|5]] some other information can be found spread around internet, but basically many traces of original idea or notes can be found through links which are present in pwnieexpress repository readme files. From list of exploits which are named in above sources few looked interesting.
  
-  * **bluejacking, bluesnarfing etc** - basicaly working on older devices which has bad implementation of BT protocol, or ommit some security measures. Are nicely explained on BT linux forum [[http://www.backtrack-linux.org/forums/showthread.php?t=5637&s=f59f4f7919b89e8c9d16773560795863|6]] and are probably useless for newer devices.+  * **bluejacking, bluesnarfing etc** - working on older devices which have bad implementation of BT protocol, or ommit some security measures. Usage is nicely explained on BT linux forum [[http://www.backtrack-linux.org/forums/showthread.php?t=5637&s=f59f4f7919b89e8c9d16773560795863|6]]. They are probably useless for newer devices.
   * **HID attacks** - those can be probably easiest to fruitify - basically you should be able to intercept BT keyboard in manner that you can send your own commands through this interface or you can take aquistion of communication.   * **HID attacks** - those can be probably easiest to fruitify - basically you should be able to intercept BT keyboard in manner that you can send your own commands through this interface or you can take aquistion of communication.
-  * **carwhisperer** - have no idea how actual this SW really is, but people ussually change their mobile phone more often than their cars. It should be actually able to record communication in car or in opposite direction send some nice audio into vehicle.+  * **carwhisperer** - have no idea how actual this SW really is, but people ussually change their mobile phone more often than their cars. It should be able to record communication in car or in opposite direction play some nice audio in vehicle.
  
 ===== sources ===== ===== sources =====
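Review bot: the revised passive-monitoring line swaps "wihch" for "whitch", which is still a misspelling of "which"; while that line is being touched, the other spelling errors it and the bullets below it still carry should go in the same pass: "informations" → "information", "basicaly" → "basically" (both in the passive-monitoring line and in the bluejacking bullet), "ommit" → "omit" (bluejacking bullet), "aquistion" → "acquisition" (HID bullet, unchanged in this revision) and "ussually" → "usually" (carwhisperer bullet). In the "possible hacks" paragraph, "which was not managed from 2012" reads more clearly as "which has not been maintained since 2012", and "some other information can be found" starts a new sentence after the "[[...|5]]" link, so it needs a capital "Some". The HID bullet's "take aquistion of communication" does not say what is meant; "take over the communication" is probably the intended wording.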
user/yan/bluetooth.txt · Last modified: 2017/05/20 14:35 by yan