Full Disclosure mailing list archives
Re: Bluetooth keyloggers?
From: Michael Holstein <michael.holstein () csuohio edu>
Date: Thu, 06 Nov 2008 15:39:53 -0500
> Just wondering if anyone has technical feedback/musings on the emerging bluetooth keyloggers available, such as the following products:

Yeah .. use a USB keyboard ;)

> * Remote discovery of these devices (active and passive) via bluetooth, localhost device discovery, any other means, etc.

Bluesniff can discover devices (including non-discoverable ones, if they're active) .. much like you can find wifi devices even if the SSID is hidden. Even though BT is encrypted, you can still see the frames at L2. They can also be found the same way one finds hidden 2.4 GHz cameras .. using spectrum analyzers (I have an Icom handheld that does this marginally well if you're close enough).

> * Countermeasures, any and all, including isolated "jamming" and, if feasible, control of data flow or "injection" of false data

Well, if you're willing to throw the "Part B" rules out the window .. any broadband noise generator tuned to the appropriate frequency will work. Most of the cheap-o Chinese jammers for Cellphone/GPS are just a simple VCO and amplifier .. easy to tune into the appropriate band. As for injection .. with the bluejacking tools you can force a re-pairing, and then bruteforce. Since the devices you link to are designed to be passive, I'd imagine they'd automatically re-pair (versus a phone, which would prompt the user to do something).

> * Real-world performance in light of interference (signal and obstacles)

Bluetooth dongle to my Samsung cellphone works ~20' in a typical office. Their statement about a "football field" is only true if you were actually in an open field.

> * Any other "stuff" -- honeypots, long-distance snarfage, creative applications, automation, etc. ;-)

.. a 24 dB parabolic plus a bluetooth dongle modded for an external antenna can give you several hundred feet, easily.

Cheers,

Michael Holstein CISSP GCIA
Cleveland State University

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Bluetooth keyloggers? Shawn Merdinger (Nov 06)
- Re: Bluetooth keyloggers? Michael Holstein (Nov 06)
- Re: Bluetooth keyloggers? Thierry Zoller (Nov 06)