Bluetooth Hacking
Wandering around the web, I found some very well-made pages on Bluetooth hacking.
In particular, besides explaining what this field is (and the difference between Bluejacking and Bluesnarfing), they provide lists of software that can be useful for getting into this “world”.
This is a list of software we can install on a mobile phone with Java or Windows Mobile support.
This other list, instead, contains software for Linux (in my opinion the “best” ones).
I'll mention one in particular: Bluediving
Below I report some important commands (for Linux) for managing our Bluetooth adapter (via http://bluetooth-pentest.narod.ru/ ):
useful tools/commands:
lsusb -v - linux tool to list USB devices
hciconfig from BlueZ - configure Bluetooth devices
hciconfig hciN -a - get extended info about hciN device
hciconfig hciN commands - display supported commands
hciconfig hciN features - display device features
hciconfig hciN revision - display revision information
bccmd from BlueZ - utility for the CSR BCCMD interface
bccmd -d hciN buildname - get the full build name
bccmd -d hciN memtypes - get memory types
bccmd -d hciN pslist - list all PS keys
bccmd -d hciN psread - read all PS keys
hcidump from BlueZ - reads raw HCI data coming from and going to a Bluetooth device (which can be specified with the option -i, default is the first available one) and prints to screen commands, events and data in a human-readable form.
hcidump -i hciN -t -X -V - prints a lot of data
firmware
dfutool from BlueZ - device firmware upgrade utility
dfutool verify <dfu-file> - display information about the firmware file
dfutool modify <dfu-file> - change DFU specific values in the firmware file
dfutool -d hci0 upgrade <dfu-file> - upgrade the device with a new firmware
dfutool -d hci0 archive <dfu-file> - archive the current firmware of the device
device visibility
hciconfig hciN piscan - enable page and inquiry scan visibility
hciconfig hciN noscan - disable page and inquiry scan visibility
hciconfig hciN iscan - enable inquiry scan, disable page scan visibility
hciconfig hciN pscan - enable page scan, disable inquiry scan visibility
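A small added script, not from the original post or the narod.ru page, that reads `hciconfig -a` output and labels each local adapter with one of the four visibility states just listed, so you can spot adapters left discoverable (the `noscan` command above turns that off). It assumes BlueZ's hciconfig output format and runs over a constructed sample.

```shell
#!/bin/sh
# Added example (not from the original post or the narod.ru page): parse the
# output of `hciconfig hciN -a` and report each local adapter's visibility
# using the four states listed above (piscan / iscan / pscan / noscan).
# Assumes BlueZ hciconfig; the sample output below is constructed.

# visibility_state <flags line>: hciconfig prints PSCAN (answers page scans,
# i.e. connectable) and ISCAN (answers inquiry scans, i.e. discoverable).
visibility_state() {
    case "$1" in
        *PSCAN*ISCAN*|*ISCAN*PSCAN*) echo piscan ;;  # discoverable + connectable
        *ISCAN*)                     echo iscan  ;;  # discoverable only
        *PSCAN*)                     echo pscan  ;;  # connectable only
        *)                           echo noscan ;;  # neither (or DOWN)
    esac
}

# report_adapters: read hciconfig text on stdin, print "hciN BD_ADDR state"
# per adapter. Only the hciN:, "BD Address:" and flags lines are used.
report_adapters() {
    dev=""; addr=""
    while IFS= read -r line; do
        case "$line" in
            hci[0-9]*:*)           dev="${line%%:*}" ;;
            *"BD Address:"*)       addr="${line#*BD Address: }"; addr="${addr%% *}" ;;
            *"UP RUNNING"*|*DOWN*) echo "$dev $addr $(visibility_state "$line")" ;;
        esac
    done
}

# Constructed sample: hci0 discoverable and connectable, hci1 brought down.
sample_hciconfig() {
    printf 'hci0:\tType: Primary  Bus: USB\n'
    printf '\tBD Address: 00:1A:7D:DA:71:13  ACL MTU: 310:10  SCO MTU: 64:8\n'
    printf '\tUP RUNNING PSCAN ISCAN\n'
    printf '\tRX bytes:1234 acl:0 sco:0 events:56 errors:0\n'
    printf 'hci1:\tType: Primary  Bus: USB\n'
    printf '\tBD Address: 00:11:22:33:44:55  ACL MTU: 0:0  SCO MTU: 0:0\n'
    printf '\tDOWN\n'
}

# check_sample: run the parser over the constructed sample; on a real host use
#   hciconfig -a | report_adapters
check_sample() { sample_hciconfig | report_adapters; }

check_sample
```

Any adapter reported as piscan or iscan answers inquiries from every device in range; `hciconfig hciN noscan` (or `pscan`, to stay connectable to already-paired devices) removes it from discovery.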
change the name and class of device
set local name to "fue": hciconfig hciN name <fue>
set class of device to 0x00000: hciconfig hciN class <0x00000>
~ web-based Bluetooth Class of Device/Service (CoD) Generator
~ change the CoD of your Bluetooth enabled PalmOS device - BTClass
q. what about smartphones?
change the VID & PID
set usb vendor id to 0x0a12: bccmd -d hciN psset -s 0x0001 0x02be 0x0a12
set usb product id to 0x0001: bccmd -d hciN psset -s 0x0001 0x02bf 0x0001
~ List of USB IDs http://www.linux-usb.org/usb.ids
change the BT device address (BD_ADDR)
bccmd from BlueZ, set the bluetooth address to 01:02:03:04:05:06:
bccmd -d hciN psset -r bdaddr 0x04 0x00 0x06 0x05 0x03 0x00 0x02 0x01
setbtaddr.py - python wrapper for the bccmd command to set the btaddr
setbd-affix.c Tool to Set Ericsson ROK 101 008 Bluetooth Address using Affix stack
setbd-bluez.c set BD_ADDR on Ericsson ROK 101 008 using bluez
setbd-gumstix-bluez.c Bluez tool to set BD_ADDR on Infineon ROK 104 001
bdaddr from BlueZ for some Ericsson, CSR, Texas Instruments, Zeevo, ST Microelectronics:
bdaddr -i hciN <new_addr>
~ public OUI listing - http://standards.ieee.org/regauth/oui/index.shtml
Tags: Hacking, Computing, Linux, Mobile
3 Comments on “Bluetooth Hacking”
Thanks for citing my article!
Hi @simone, you're welcome, and thank you