Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Re[2]: Bluetooth Wireless Keyboards
From: "Nathan Keltner" <shiftnato () gmail com>
Date: Mon, 25 Sep 2006 14:53:17 -0500

I'm sure you don't want to elaborate too much when you're giving a
talk on this topic next month, but can you elaborate any?

Just FYI:
No need to capture anything, you only need to (physicaly, I mean on
the HD) grab the Link key and your set. No need for a pin code either.

If you have physical access to the HD, what extra does possessing the
link key get you?  You already have complete control of the device.
The link key would allow you to decrypt captured packets, but you're
not talking about captured traffic, so I'm confused.

Again, sorry for the cheap plug, but Kevin Finistere and myself are
going to demonstrate both approaches (and a lot more) at Hack.lu
this octobre. If everything goes well I might aswell release some
0day stuff - reconstructing the link key from a pairing exchange
sniff. (In other words 0wnage)

How did you perform the sniff?  Physical tap of some sort?

See you at: http://www.hack.lu


--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45  2E57 28B3 75DD 0AC6 F1C7

Regards,
N

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault