O'Reilly logo

Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

7.5. Mounting a Bluetooth Attack

Hacking Bluetooth devices is secondary in the overall scheme of wireless devices so I'm not going to spend too long talking about it; however I will introduce you to a couple of tools and attacks that, if nothing else, will give you some fun.

See Chapter 8 for some discussion of Bluetooth kit. Attacks against Bluetooth devices (predominantly mobile phones) fall into three categories:

  • BlueJacking – This means using a phone to send anonymous messages to people using the Bluetooth protocol. This can be very entertaining and has its uses in a social engineering context.

  • BlueSnarfing – This means taking details from mobile phones without the permission of the owner. This can include calendar entries, address book entries, and short message service (SMS) messages. In general, only older phones are vulnerable to BlueSnarfing.

  • Eavesdropping Attacks – A lot of people use Bluetooth headsets. It is sometimes possible to capture and record this voice traffic. Occasionally, it is possible to inject voice into the stream. A tool released a few years ago allowed you to do exactly this to car radios. (This tool is called Car Whisperer and is on the BackTrack CD-ROM.)

7.5.1. BlueJacking

A few years ago at the Infosec conference in London, a friend of mine, furious at his recent redundancy, decided to get even with the company in question, which had exhibitors in attendance. (We'll call it Company X for the purposes of this discussion.) He wrote a small program that ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required