Penetration Testing mailing list archives
Re: Bluetooth Pentesting?
From: Times Enemy <times () krr org>
Date: Tue, 22 Aug 2006 07:42:56 -0700
Greetings. Of course there are risks with Bluetooth.Bluetooth security is generally so pathetic, in regards to factory set defaults in use, that all you need is some sort of method of attempting a passkey, such as a BT enabled laptop, or even a phone or PDA, and about three generic attempts. If the three do not work, try to identify the hardware, and simply all their technical support, or read their documentation.
Most wireless systems are vulnerable at authentication. So, the only trick then becomes to drop the connection and listen.
http://trifinite.org/ has an interesting project related to car systems (Car Whisperer), and i believe they branch out some with their BT Audit tool and such. I have not had the opportunity to test it, but their site/documentation/articles make for good reading.
http://www.google.com/search?hl=en&lr=&q=hijack+bluetooth&btnG=Search ought to yield enough reading to get practical.
.times enemy Key Rack Research - http://www.krr.org steven () lovebug org wrote:
Greetings, Does anyone on this list do bluetooth pentesting? I have read tons of old posts and found plenty of tools to do a few different things. However, I do not find any of it to be overly useful. Most of the tools out there seem to be aimed at certain cell phones or are very specific. I am trying to find out what the risks are of all kinds of devices. I have found btscanner to be pretty good at detecting devices but it doesn't do too much other than detect it. I can scan and pickup 150+ devices and the Vulnerable to: section is always the same.. blank. Are all the bluetooth devices I find so super secure? I pick up cars, phones, PDAs, computers, keyboards, etc. Are there really no risks with these devices? Is there a better/good tool out there that can really find various bluetooth devices and tell me what -real- risks might be associated with them -- on top of that.. is there a good tool for trying to pull data or use these devices? Example: a dell or mac laptop has bluetooth on, or a Treo with it on.. what are the possible risks? What tools can actually test if authentication is required for connecting with these devices.. or whether I can bruteforce it or connect at all? Any suggestions would be greatly appreciate and I am really trying to do something more than just "detect" bluetooth devices. I need to know if there are risks here. Thanks ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------
------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------
Current thread:
- Penetration Testing - Human Factor Marios A. Spinthiras (Aug 21)
- Bluetooth Pentesting? steven (Aug 21)
- RE: Bluetooth Pentesting? Robert D. Holtz (Aug 21)
- Re: Bluetooth Pentesting? Fabio Nigi (Aug 22)
- Re: Bluetooth Pentesting? Thor (Hammer of God) (Aug 22)
- SV: Bluetooth Pentesting? Martin Gustafsson (Aug 22)
- Re[2]: Bluetooth Pentesting? Thierry Zoller (Aug 22)
- Re: Bluetooth Pentesting? Times Enemy (Aug 22)
- RE: Bluetooth Pentesting? Robert D. Holtz (Aug 21)
- RE: Penetration Testing - Human Factor Paul Melson (Aug 21)
- RE: Penetration Testing - Human Factor Arian J. Evans (Aug 21)
- Re: Penetration Testing - Human Factor Marios A. Spinthiras (Aug 23)
- RE: Penetration Testing - Human Factor Isaac Van Name (Aug 24)
- RE: Penetration Testing - Human Factor StyleWar (Aug 26)
- Re: Penetration Testing - Human Factor Marios A. Spinthiras (Aug 23)
- Re: Penetration Testing - Human Factor R. DuFresne (Aug 22)
- RE: Penetration Testing - Human Factor StyleWar (Aug 26)
- <Possible follow-ups>
- Re: Penetration Testing - Human Factor Catsworth (Aug 22)
- RE: Penetration Testing - Human Factor KeenerPB (Aug 22)
- Re: Penetration Testing - Human Factor Joey Peloquin (Aug 23)
(Thread continues...)
- Bluetooth Pentesting? steven (Aug 21)