brmlab

User Tools

Site Tools

You are here: Hackerspace Prague » Users » Yan » Bluetooth
user:yan:bluetooth

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
user:yan:bluetooth [2017/05/20 14:29] yanuser:yan:bluetooth [2017/05/20 14:35] (current) – [Bluetooth] yan
Line 25: Line 25:
  
 === possible hacks ===  === possible hacks === 
-There is a nice page (hope it still works, if not, i'll try to paste it somewhere else) which basically sums up situation in problematics in 2005 (so it's pretty outdated, but probably usable when some older device comes into range)[[http://www.eetimes.com/document.asp?doc_id=1275730|4]], Then there is github repository owned by pwnieexpress, which was not managed from 2012, but keeps relatively long list of source code to various newer or older hacks.[[https://github.com/pwnieexpress/pwn_plug_sources/tree/master/src/bluetooth|5]] some other information can be found spreaded around internet, but basically many traces of original idea or notes can be found through links which are present in pwnieexpress repository readme files. From list of exploits which are named in above sources few looked interesting.+There is a nice page (hope it still works, if not, i'll try to paste it somewhere else) which basically sums up situation in problematics in 2005 (so it's pretty outdated, but probably usable when some older device comes into range)[[http://www.eetimes.com/document.asp?doc_id=1275730|4]], Then there is github repository owned by pwnieexpress, which was not managed from 2012, but keeps relatively long list of source code to various newer or older hacks.[[https://github.com/pwnieexpress/pwn_plug_sources/tree/master/src/bluetooth|5]] some other information can be found spread around internet, but basically many traces of original idea or notes can be found through links which are present in pwnieexpress repository readme files. From list of exploits which are named in above sources few looked interesting.
  
-  * **bluejacking, bluesnarfing etc** - basicaly working on older devices which has bad implementation of BT protocol, or ommit some security measures. Are nicely explained on BT linux forum [[http://www.backtrack-linux.org/forums/showthread.php?t=5637&s=f59f4f7919b89e8c9d16773560795863|6]] and are probably useless for newer devices.+  * **bluejacking, bluesnarfing etc** - working on older devices which have bad implementation of BT protocol, or ommit some security measures. Usage is nicely explained on BT linux forum [[http://www.backtrack-linux.org/forums/showthread.php?t=5637&s=f59f4f7919b89e8c9d16773560795863|6]]. They are probably useless for newer devices.
   * **HID attacks** - those can be probably easiest to fruitify - basically you should be able to intercept BT keyboard in manner that you can send your own commands through this interface or you can take aquistion of communication.   * **HID attacks** - those can be probably easiest to fruitify - basically you should be able to intercept BT keyboard in manner that you can send your own commands through this interface or you can take aquistion of communication.
-  * **carwhisperer** - have no idea how actual this SW really is, but people ussually change their mobile phone more often than their cars. It should be actually able to record communication in car or in opposite direction send some nice audio into vehicle.+  * **carwhisperer** - have no idea how actual this SW really is, but people ussually change their mobile phone more often than their cars. It should be able to record communication in car or in opposite direction play some nice audio in vehicle.
  
 ===== sources ===== ===== sources =====
user/yan/bluetooth.1495290568.txt.gz · Last modified: 2017/05/20 14:29 by yan