Bluetooth Tools
which fall into one of two categories: discovery and exploitation. The tools for
Bluetooth stations without the necessity of pairing with the device. The tool uses passive
scanning methods to determine as much as possible about the Bluetooth devices that it
discovers.
Bluesniff is a discovery tool written by the Shmoo Group that has a front-end
interface, capable of detecting both hidden and discoverable Bluetooth devices. The
application is based on an older utility known as Redfang, which had the capacity to find
The BTBrowser application is Java-based, and allows the attacker to query device
The utility can be launched from a mobile phone, which eases deployment and helps the
attacker remain inconspicuous.
service queries to determine what Bluetooth devices exist in the proximity. The most
recent version of BTCrawler supports bluejacking and bluesnarfing, which are attack
in which the attacker can steal information stored on the target’s Bluetooth device
(calendar, emails, text messages, contacts, etc.) without the target’s knowledge. Until
recent Bluetooth protocol updates, devices were vulnerable to this attack method, as they
did not require pairing in order to retrieve data from each other.
The previously discussed applications give a general overview of utilities that exist to
discover Bluetooth device targets in one’s proximity. Once the attacker has found his/her
target, the next phase is to launch an attack against it. Some of the utilities that exist to
serve this purpose are BTCrack, BlueBugger, Bluesnarfer, BlueTest, BTAudit, T-BEAR,
Bluediving, and CIHWB. The utilities range from simple scripts to fully-featured
on the device, without requiring the pairing or authentication phase. Bluebugging utilizes
hidden channels that are not advertised by the device’s service discovery protocol.
Within these channels are pathways to the target that do not require traditional Bluetooth
device pairing, so the attacker has an unrestricted pathway to gain complete control of
the target.
a suite of tools that are used for Bluetooth device penetration testing. The Bluesnarfing
BlueDiving framework. In addition, the utility can perform MAC address spoofing,
connection resets, RFCOMM and AT control mechanisms. This suite of tools is similar
BlueTest is a simple application written in Perl whose sole function is to extract data
from vulnerable Bluetooth devices. This functionality is similar to the BlueBug utility