mailing list archives
Re: Bluetooth related security problem with Motorola E398 GSM phone
From: Thierry Zoller <Thierry () sniff-em com>
Date: Sat, 7 May 2005 15:21:30 +0200
Dear Tonu Samuel,
This is expected behaviour and refered to as the "Backdoor" attack,
once you have an existing pair (Backdoor) you can connect to it without
further warning message (again depends on implementation).
So yes as far as I am concerned there is not much to fix here, except
perhaps to display a warning message DEVICE XY connects (YES NO) even
BTW, Similar problems are in SonyEricsson.
Type? Lots of (older) Ericcson phones are known to be epxloitable.
(T68, 680 etc), this is documented on the bunker.net site.
TS> I got Motorola E398 phone and was trying all known bluetooth exploits on it.
TS> None of them worked (which is good of course). But meanwhile I got some ideas
TS> and after some modifications to existing exploits I found a way to fool my
TS> phone. This is not a very brilliant exploit, so I can post full disclosure
TS> here but would be nice if someone can forward it to right people in Motorola.
mailto:Thierry () sniff-em com
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/