-: Blue Tooth Hacking :-
Discovering Bluetooth Devices :-
Before any two bluetooth enabled devices can start communicating with one another, they must carry out a procedure known as discovery. It can be carried out by scanning for other active devices within the range.
Recommended Tools
BlueScanner It will try to extract as much information as possible for each newly discovered device Download
BlueSniff It is a GUI-based utility for finding discoverable and hidden Bluetooth-enabled devices Download
BTBrowser It is a J2ME application that can browse and explore the technical specification of surrounding Bluetooth enabled devices. It works on phones that supports JSR-82 - the Java Bluetooth specification Download
BTCrawler It is a scanner for Windows Mobile based devices. It also implements the BlueJacking and BlueSnarfing attacks -----
Hacking Bluetooth Devices :-
There are a variety of different types of bluetooth related threats and attacks that can be executed against unsuspecting mobile phone users. Following are some of the most common types of threats :-
1) BluePrinting Attack :- Information gathering is the first step in the quest to break into target system. Even BlueTooth devices can be fingerprinted or probed for information gathering using the technique known as BluePrinting. Using this one can determine manufacturer, model, version, etc. for target bluetooth enabled device.
Recommended Tools
BluePrint As the name suggests Download
BTScanner It is an information gathering tool that allows attacker to query devices without the need to carry out pairing Download
2) BlueJack Attack :- Bluejacking is the process of sending an anonymous message from a bluetooth enabled phone to another, within a particular range without knowing the exact source of the recieved message to the recepient.
Recommended Tools
FreeJack Bluejacking tool written in JAVA -----
CIHWB Can I Hack With Bluetooth (CIHWB) is a Bluetooth security auditing framework for Windows Mobile 2005. Supports BlueSnarf, BlueJack, and some DoS attacks. Should work on any PocketPC with the Microsoft Bluetooth stack Download
3) BlueSnarf Attack :- Bluesnarfing is the process of connecting vulnerable mobile phones through bluetooth, without knowing the victim. It involves OBEX protocol by which an attacker can forcibly push/pull sensitive data in/out of the victim's mobile phone, hence also known as OBEX pull attack.
This attack requires J2ME enabled mobile phones as the attacker tool. With J2ME enabled phone, just by using bluesnarfing tools like Blooover, Redsnarf, Bluesnarf, etc. an attacker can break into target mobile phone for stealing sensitive data such as address book, photos, mp3, videos, SMS, ......!
Recommended Tools
Blooover It is a J2ME-based auditing tool. It is intended to serve as an auditing tool to check whether a mobile phone is vulnerable. It can also be used to carry out BlueBug attack Download
RedSnarf One of the best bluesnarfing tool -----
BlueSnarfer It downloads the phone-book of any mobile device vulnerable to Bluesnarfing Download
4) Blue Backdoor Attack :- Here, the bluetooth related vulnerability exploits the pairing mechanism that is used to establish a connection between two bluetooth enabled devices.Not only does it gives the attacker complete access and control over the target but also allows the attacker to place strategic backdoors for continued access and entry.
5) BlueBug Attack :- It was first discovered by Martin Herfurt and allows attackers to gain complete control over the data, voice and messaging channels of vulnerable target mobile phones.
Recommended Tools
BlueBugger Exploits the BlueBug vulnerability Download
Bluediving It is a Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack, etc. Download
6) The bluetooth protocol allows devices to use 16 digit long pairing codes. Unfortunately many applications continue to use only 4 digit pairing codes which can be easily brute-forced. This is known as short pairing codes.
Most slave bluetooth devices continue to use default pairing codes such as 0000, 1111, 1234, etc. So, easy to crack and gain access...!
Recommended Tools
BTCrack BTCrack is a Bluetooth Pass phrase (PIN) cracking tool. BTCrack aims to reconstruct the Passkey and the Link key from captured Pairing exchanges Download
-: Other Powerful BlueTooth Hacking Tools :-
Transient Bluetooth Environment Auditor :- T-BEAR is a security-auditing platform for Bluetooth-enabled devices. The platform consists of Bluetooth discovery tools, sniffing tools and various cracking tools. Download
BlueTest :- BlueTest is a Perl script designed to do data extraction from vulnerable Bluetooth-enabled devices. Download
BTAudit :- BTAudit is a set of programs and scripts for auditing Bluetooth-enabled devices. Download
RedFang :- It is a brute force tool that finds even non-discoverable device.
Download
BlueAlert :- A windows based tool that runs on bluetooth enabled computer and alerts the user each time a blurtooth device leaves or enters into its range.
BlueFang :- Similar to BlueAlert.
Bluestumbler :- One of the best BluePrinting tool.
Super Bluetooth Hack :- With this java software you can connect to another mobile and ….
Once connected to a another phone via bluetooth you can-
Read his/her messages
Read his/her contacts
Change profile
Play ringtone even if phone is on silent
Play songs
Restart the phone
Switch off the phone
Restore factory settings
Change ringing volume
Call from his phone it includes all call functions like hold, etc.
Notes:-
1) When connecting devices use a code 0000
2) At start of program on smartphones do not forget to turn on bluetooth before start of the mobile .
Download- Super_Bluetooth_Hack_v1.07.zip (99 KB)
0 comments:
Post a Comment