There are a number of utilities specifically designed to attack Bluetooth technology,
which fall into one of two categories: discovery and exploitation. The tools for
discovering Bluetooth devices are akin to Wi-Fi wardriving, with an emphasis on
specifically targeting the communication protocols used by Bluetooth. Examples of
discovery tools include Bluescan, Bluesniff, BTBrowser, and BTCrawler.
Bluescan is a GNU/Linux Bash utility that collects information about nearby
Bluetooth stations without needing to pair with the device. The tool uses passive
scanning methods to determine as much as possible about the Bluetooth devices that it
discovers.
Bluesniff is a discovery tool written by the Shmoo Group that has a front-end
interface and is capable of detecting both hidden and discoverable Bluetooth devices. The
application is based on an older utility known as Redfang, which had the capacity to find
hidden stations by using a brute-force MAC address synchronization technique.
The BTBrowser application is Java-based and allows the attacker to query device
information and the supported profiles/service records of the Bluetooth devices it encounters.
The utility can be launched from a mobile phone, which makes it easy to deploy and
inconspicuous to use.
BTCrawler is designed for Windows Mobile devices and is capable of performing
service queries to determine which Bluetooth devices are in proximity. The most
recent version of BTCrawler supports bluejacking and bluesnarfing, which are attack
methods that exploit the Bluetooth communication protocols. Bluesnarfing is a method
in which the attacker can steal information stored on the target’s Bluetooth device
(calendar, emails, text messages, contacts, etc.) without the target’s knowledge. Until
recent Bluetooth protocol updates, devices were vulnerable to this attack method, as they
did not require pairing in order to retrieve data from each other.
The previously discussed applications give a general overview of the utilities that exist to
discover Bluetooth device targets in one’s proximity. Once the attacker has found his/her
target, the next phase is to launch an attack against it. Some of the utilities that exist to
serve this purpose are BTCrack, BlueBugger, Bluesnarfer, BlueTest, BTAudit, T-BEAR,
Bluediving, and CIHWB. The utilities range from simple scripts to fully featured
Bluetooth auditing suites.
The first utility to be discussed is BlueBugger, a program that utilizes a known
vulnerability in the Bluetooth protocol called “BlueBug.” This vulnerability is a
progression of the Bluesnarfing technique, allowing access to private information stored
on the device without requiring the pairing or authentication phase. Bluebugging utilizes
hidden channels that are not advertised by the device’s service discovery protocol.
Within these channels are pathways to the target that do not require traditional Bluetooth
device pairing, so the attacker has an unrestricted pathway to gain complete control of
the target.
Another utility that takes advantage of the BlueBug vulnerability is BlueDiving. It is
a suite of tools used for Bluetooth device penetration testing. The Bluesnarfing
technique used by a previously mentioned discovery utility is accessible via the
BlueDiving framework. In addition, the utility can perform MAC address spoofing,
connection resets, and RFCOMM and AT control mechanisms. This suite of tools is similar
to T-BEAR, which is known as the Transient Bluetooth Environment Auditor. What
differentiates T-BEAR from Bluediving is the addition of Bluetooth authentication
cracking tools. Such cracking tools include BTCrack, which performs a key intercept
attack against a Bluetooth device’s PIN by observing device pairings.
BlueTest is a simple application written in Perl whose sole function is to extract data
from vulnerable Bluetooth devices. This functionality is similar to the BlueBug utility
and its ability to perform Bluesnarfing.