Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Bluetooth Pentesting?
From: Fabio Nigi <nigifabio () gmx it>
Date: Tue, 22 Aug 2006 14:07:18 +0200

 Mon, Aug 21, 2006 at 07:48:53PM -0500, Robert D. Holtz scrive:
Here's an interesting article on Blue tooth security:

http://ntrg.cs.tcd.ie/undergrad/4ba2.05/group15/index.html

There was also a story circulating awhile back about the ability to transmit
radio directly into someone's car stereo with a directional antenna.  I'm
sorry that I can't recall the details but I found it amusing that you can
mess with someone by having whatever you want coming out their radio ... not
truly a "real" security issue but amusing none the less.


it's a true story, and there is a project called carwhisperer that
make a dedicated software to do it.

http://trifinite.org/trifinite_stuff_carwhisperer.html

i have try some test on a yaris with bluetooth integrated and a standard passkey
and it easy to do

Fabio Nigi

-----Original Message-----
From: steven () lovebug org [mailto:steven () lovebug org] 
Sent: Monday, August 21, 2006 3:06 PM
To: pen-test () securityfocus com
Subject: Bluetooth Pentesting?

Greetings,

Does anyone on this list do bluetooth pentesting?  I have read tons of old
posts and found plenty of tools to do a few different things.  However, I
do not find any of it to be overly useful.  Most of the tools out there
seem to be aimed at certain cell phones or are very specific.  I am trying
to find out what the risks are of all kinds of devices.  I have found
btscanner to be pretty good at detecting devices but it doesn't do too
much other than detect it.  I can scan and pickup 150+ devices and the
Vulnerable to: section is always the same.. blank.  Are all the bluetooth
devices I find so super secure?  I pick up cars, phones, PDAs, computers,
keyboards, etc.  Are there really no risks with these devices?

Is there a better/good tool out there that can really find various
bluetooth devices and tell me what -real- risks might be associated with
them -- on top of that.. is there a good tool for trying to pull data or
use these devices?  Example: a dell or mac laptop has bluetooth on, or a
Treo with it on.. what are the possible risks?  What tools can actually
test if authentication is required for connecting with these devices.. or
whether I can bruteforce it or connect at all?

Any suggestions would be greatly appreciate and I am really trying to do
something more than just "detect" bluetooth devices.  I need to know if
there are risks here.

Thanks


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

-- 

'if you do not see the way, you do not see it even as you walk it'
nigifabio(at)gmx.it // fabiolone.no-ip.info



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]