morphey's blog
Bluetooth Hacking
While browsing the web, I found some very well-made pages about Bluetooth hacking.
In particular, besides explaining what this field is (and the difference between Bluejacking and Bluesnarfing), they provide lists of software that can be useful for approaching this “world”.
This is a list of software that we can install on our mobile phone with Java or Windows Mobile support.
This other list, instead, contains software for Linux (in my opinion the “best”).
I'll mention one in particular: Bluediving
Below are some important commands (for Linux) for managing our Bluetooth device (via http://bluetooth-pentest.narod.ru/ ):
useful tools/commands:
lsusb -v – linux tool to list USB devices
hciconfig from BlueZ – configure Bluetooth devices
hciconfig hciN -a – get extended info about hciN device
hciconfig hciN commands – display supported commands
hciconfig hciN features – display device features
hciconfig hciN revision – display revision information
bccmd from BlueZ – utility for the CSR BCCMD interface
bccmd -d hciN buildname – get the full build name
bccmd -d hciN memtypes – get memory types
bccmd -d hciN pslist – list all PS keys
bccmd -d hciN psread – read all PS keys
hcidump from BlueZ – reads raw HCI data coming from and going to a Bluetooth device (which can be specified with the option -i, default is the first available one) and prints to screen commands, events and data in a human-readable form.
hcidump -i hciN -t -X -V – prints a lot of data
firmware
dfutool from BlueZ – device firmware upgrade utility
dfutool verify <dfu-file> – display information about the firmware file
dfutool modify <dfu-file> – change DFU specific values in the firmware file
dfutool -d hci0 upgrade <dfu-file> – upgrade the device with a new firmware
dfutool -d hci0 archive <dfu-file> – archive the current firmware of the device
device visibility
hciconfig hciN piscan – enable page and inquiry scan visibility
hciconfig hciN noscan – disable page and inquiry scan visibility
hciconfig hciN iscan – enable inquiry scan, disable page scan visibility
hciconfig hciN pscan – enable page scan, disable inquiry scan visibility
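To check which of these four visibility states an adapter is actually in, the following added example (not from the original post or the cited site) reads hciconfig -a output and names each adapter's mode. The sample output is constructed, and the function names sample_hciconfig, scan_modes and discoverable are hypothetical.

```shell
# Added example: report each adapter's scan mode from `hciconfig -a` output.

# Constructed sample in hciconfig's layout (addresses are made up; real
# output indents with tabs, which the parser below treats the same way).
sample_hciconfig() {
cat <<'EOF'
hci0:   Type: Primary  Bus: USB
        BD Address: 00:11:22:33:44:55  ACL MTU: 310:10  SCO MTU: 64:8
        UP RUNNING PSCAN ISCAN
        RX bytes:1366 acl:0 sco:0 events:76 errors:0
hci1:   Type: Primary  Bus: USB
        BD Address: 00:11:22:33:44:66  ACL MTU: 310:10  SCO MTU: 64:8
        UP RUNNING PSCAN
hci2:   Type: Primary  Bus: UART
        BD Address: 00:11:22:33:44:77  ACL MTU: 1021:8  SCO MTU: 64:1
        DOWN
EOF
}

# Hypothetical helper: prints "<adapter> <mode>" per adapter, where mode is
# the hciconfig argument that would produce the flags seen (or "down").
scan_modes() {
    awk '
    /^hci[0-9]+:/ { dev = $1; sub(/:$/, "", dev); next }
    dev != "" && ($1 == "UP" || $1 == "DOWN") {
        p = 0; i = 0
        for (n = 1; n <= NF; n++) {
            if ($n == "PSCAN") p = 1    # answers connection (page) requests
            if ($n == "ISCAN") i = 1    # answers inquiries: discoverable
        }
        if ($1 == "DOWN") mode = "down"
        else if (p && i)  mode = "piscan"
        else if (i)       mode = "iscan"
        else if (p)       mode = "pscan"
        else              mode = "noscan"
        print dev, mode
        dev = ""
    }'
}

# Hypothetical helper: adapters that any nearby inquiry will find.
discoverable() {
    scan_modes | awk '$2 == "piscan" || $2 == "iscan" { print $1 }'
}

# On a live host: hciconfig -a | scan_modes
sample_hciconfig | scan_modes
```

Adapters listed by discoverable are the ones to switch back with noscan or pscan when they do not need to be found.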
change the name and class of device
set local name to name fue: hciconfig hciN name <fue>
set class of device to 0x00000: hciconfig hciN class <0x00000>
~ web-based Bluetooth Class of Device/Service (CoD) Generator
~ change the CoD of your Bluetooth enabled PalmOS device – BTClass
q. smartphones?
change the VID&PID
set usb vendor id to 0x0a12: bccmd -d hciN psset -s 0x0001 0x02be 0x0a12
set usb product id to 0x0001: bccmd -d hciN psset -s 0x0001 0x02bf 0x0001
~ List of USB ID’s http://www.linux-usb.org/usb.ids
change the BT device address (BD_ADDR)
bccmd from BlueZ, set the bluetooth address to 01:02:03:04:05:06:
bccmd -d hciN psset -r bdaddr 0x04 0x00 0x06 0x05 0x03 0x00 0x02 0x01
setbtaddr.py – python wrapper for the bccmd command to set the btaddr
setbd-affix.c Tool to Set Ericsson ROK 101 008 Bluetooth Address using Affix stack
setbd-bluez.c set BD_ADDR on Ericsson ROK 101 008 using bluez
setbd-gumstix-bluez.c Bluez tool to set BD_ADDR on Infineon ROK 104 001
bdaddr from BlueZ for some Ericsson, CSR, Texas Instruments, Zeevo, ST Microelectronics:
bdaddr -i hciN <new_addr>
~ public OUI listing – http://standards.ieee.org/regauth/oui/index.shtml
about 1 year ago
Thanks for citing my article!
about 1 year ago
Hi @simone, you're welcome, and thank you