lập trình Bluetooth tools
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (3.77 MB, 30 trang )
BLUETOOTH TOOLS
Sil Janssens
April 18, 2005
Abstract
Many different tools to access Bluetooth devices can be found on the internet and p2p
networks. This document gives a very short overview of the different tools related to
Bluetooth security.
Date Author Comment
18/05/2005 Sil Janssens small error corrected
14/05/2005 Sil Janssens adding new tools dicovered
08/05/2005 Sil Janssens adding new tools dicovered
05/05/2005 Sil Janssens adding new tools dicovered
07/12/2004 Sil Janssens corrections after remarks of Dave Singelee
26/11/2004 Sil Janssens additions and corrections
24/11/2004 Sil Janssens additions
22/11/2004 Sil Janssens First Draft
Table 1: Version History
Contents
1 Introduction 6
1.1 Purpose and scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1.2 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
2 Bluetooth Tools 7
2.1 Affix Bluetooth Stack . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 8
2.2 Blooover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.2.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.2.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.2.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.2.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 9
2.3 BlueAlert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.3.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.3.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.3.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.4 BlueBug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.4.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.4.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.4.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.4.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 10
2.5 BlueFish . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.5.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.5.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.5.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.5.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 11
2.6 BluePrinting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.6.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.6.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.6.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.6.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 12
2.7 BlueSmack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2.7.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2.7.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2.7.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2
2.7.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 12
2.8 BlueSnarfer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2.8.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2.8.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.8.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.9 BlueSniff . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.9.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.9.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.9.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.9.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 13
2.10 BlueSniper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2.10.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2.10.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2.10.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2.10.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 14
2.11 BlueSpam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2.11.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2.11.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 15
2.11.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
2.11.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 15
2.12 Bluetooth Location Tracker Project . . . . . . . . . . . . . . . . . . . 15
2.12.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 15
2.12.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 15
2.12.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
2.12.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 15
2.13 Bluetooth Phone Book Dumper . . . . . . . . . . . . . . . . . . . . . 16
2.13.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.13.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.13.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.14 BlueZ Bluetooth Stack . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.14.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.14.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.14.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.14.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 17
2.15 Braces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
2.15.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 17
2.15.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 17
2.15.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
2.15.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 18
2.16 bt audit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
2.16.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 18
2.16.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 18
2.16.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
2.17 BTBrowser - JABWT Browser . . . . . . . . . . . . . . . . . . . . . 18
2.17.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 18
2.17.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 18
2.17.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
2.17.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 19
2.18 btChat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
2.18.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 20
3
2.18.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 20
2.18.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
2.18.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 20
2.19 BTFS Bluetooth FileSystemMapping . . . . . . . . . . . . . . . . . . 20
2.19.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 20
2.19.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 20
2.19.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
2.20 BthDisc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.20.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.20.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.20.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.21 btScanner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.21.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.21.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.21.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.21.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 21
2.22 btXML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.22.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.22.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.22.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.22.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 22
2.23 Fine Tooth Comb . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.23.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.23.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.23.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
2.23.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 23
2.24 FreeJack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.24.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.24.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.24.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.24.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 23
2.25 Gnome Bluetooth Subsystem . . . . . . . . . . . . . . . . . . . . . . 23
2.25.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.25.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.25.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
2.25.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 24
2.26 Greenplaque . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.26.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.26.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.26.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
2.26.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 25
2.27 HCIDump . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.27.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.27.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.27.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.28 Impronto . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.28.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.28.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.28.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.28.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 26
4
2.29 OpenOBEX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
2.29.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 26
2.29.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 26
2.29.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.30 ObexFTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.30.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.30.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.30.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.31 PsmScan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.31.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.31.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.31.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
2.32 RedFang . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
2.32.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 28
2.32.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 28
2.32.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
2.32.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 28
2.33 RedSnarf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
2.33.1 Manufacturer . . . . . . . . . . . . . . . . . . . . . . . . . . 28
2.33.2 Link - Source . . . . . . . . . . . . . . . . . . . . . . . . . . 28
2.33.3 Description . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
2.33.4 Screenshots / Logo . . . . . . . . . . . . . . . . . . . . . . . 29
5
Chapter 1
Introduction
1.1 Purpose and scope
The purpose of this document is to provide a brief overview of the existent Bluetooth
security tools.
1.2 References
• Sil Janssens, Preliminary study, VUB, 2004, .
be/˜sijansse/2elic/BT/Voorstudie/PreliminaryStudy.pdf
• Sil Janssens, SoftwareRequirement Specifications, VUB, 2004, http://student.
vub.ac.be/˜sijansse/2elic/BT/SRS/SRS.pdf
• other references are included for each tool in the document
6
Chapter 2
Bluetooth Tools
2.1 Affix Bluetooth Stack
2.1.1 Manufacturer
Affix: Nokia Research Center at Mobile Networks Lab and released under GPL.
2.1.2 Link - Source
•
2.1.3 Description
Affix is a Bluetooth Protocol Stack for Linux Affix supports core Bluetooth protocols
like HCI, L2CAP, RFCOMM, SDP and various Bluetooth profiles (see bellow).
Affix features:
• Modular implementation.
• Socket interface to HCI, L2CAP and RFCOMM protocols.
• Bluetooth module interface independence.
• SMP safe.
• Multiple Bluetooth devices support.
Affix currently supports the following Bluetooth Profiles:
• General Access Profile
• Service Discovery Profile
• Serial Port Profile
• DialUp Networking Profile
• LAN Access Profile
7
• OBEX Object Push Profile
• OBEX File Transfer Profile
• PAN Profile
affix-kernel provides kernel modules implementing core protocols and Bluetooth de-
vice drivers. Kernel modules can be used separately from the kernel or can be linked
statically into the kernel.
affix provides control tools, libraries, and server daemons.
2.1.4 Screenshots / Logo
2.2 Blooover
2.2.1 Manufacturer
Trifinite
2.2.2 Link - Source
• />2.2.3 Description
Blooover is a proof-of-concept tool (similar to BlueSnarf) that is intended to run on
J2ME-enabled cell phones. Blooover is an audit tool that people can use to check
whether their phones and phones of friends and employees are vulnerable.
8
2.2.4 Screenshots / Logo
2.3 BlueAlert
2.3.1 Manufacturer
TDK
2.3.2 Link - Source
• />4
• />2.3.3 Description
TDK Systems’ BlueAlert Windows tool creates a ’pop-up ’icon from the system tray,
notifying you in advance:
• When a Bluetooth device is active, or in range of your PC
• If a particular device goes out of range and a connection is lost
I only supports TKS Bluetooth devices.
2.4 BlueBug
2.4.1 Manufacturer
Trifinite
2.4.2 Link - Source
• />2.4.3 Description
BlueBug is the name of a Bluetooth security loophole on some Bluetooth-enabled cell
phones. Exploiting this loophole allows the unauthorized downloading phone books
and call lists, the sending and reading of SMS messages from the attacked phone and
many more things.
The tool and source code is NOT available!
9
2.4.4 Screenshots / Logo
2.5 BlueFish
2.5.1 Manufacturer
nobodaddy
2.5.2 Link - Source
• />2.5.3 Description
Bluefish is a surveillance system which tracks the presence of Bluetooth devices, and
their users.
Bluefish constantly scans for Bluetooth-enabled devices, such as phones, PDA’s,
and wireless peripherals. When a new device is found, Bluefish takes a picture of the
area in which the device is discovered and catalogues all retrievable information about
the device. If the device is ever discovered again, the user will be sent the last image
captured of them via Bluetooth. All images are tagged with the device’s name and the
time it was last observed.
Over time, a profile is built for each discovered device, making it possible to track
individual users who frequent the scanning area.
10
2.5.4 Screenshots / Logo
2.6 BluePrinting
2.6.1 Manufacturer
Collin Mulliner and Martin Herfurt, Trifinite
2.6.2 Link - Source
• />• />• />2.6.3 Description
Blueprinting is a method to remotely find out details about bluetooth-enabled devices.
Blueprinting can be used for generating statistics about manufacturers and models and
to find out whether there are devices in range that have issues with Bluetooth security.
Every bluetooth-enabled device has some characteristics that are either unique (Blue-
tooth device address), maufacturer specific (the first part of the bluetooth device ad-
dress) or model-specific (service description records). Blueprinting is combining the
different information that Bluetooth-enabled devices reveal in order to determine the
manufacturer as well as the model of the device. Upon different characteristics it is
also possible to tell about the respective firmware version that runs on certain devices.
Every Bluetooth-enabled device that offers services to other Bluetooth-enabled devices
does announce these services via the service discovery protocol (SDP). So, remote de-
vices can query devices upon the offered capabilities.
11
2.6.4 Screenshots / Logo
2.7 BlueSmack
2.7.1 Manufacturer
Trifinite
2.7.2 Link - Source
• />• />2.7.3 Description
BlueSmack is a Bluetooth attack that knocks out some Bluetooth-enabled devices im-
mediately. This Denial of Service attack can be conducted using standard tools that
ship with the official Linux Bluez utils package.
2.7.4 Screenshots / Logo
2.8 BlueSnarfer
2.8.1 Manufacturer
Dante Alighieri
12
2.8.2 Link - Source
• />• />2.8.3 Description
rfcomm connection to bdaddr and send/recv AT command from gsm extension
2.9 BlueSniff
2.9.1 Manufacturer
The Shmoo Group, Bruce Potter - Brian Caswell
2.9.2 Link - Source
• />• />• />2.9.3 Description
Bluesniff is proof of concept code for a Bluetooth wardriving utility. It provided a GUI
for finding discoverable and hidden Bluetooth devices. It is focused on providing a UI
Front-end for Redfang.
2.9.4 Screenshots / Logo
13
2.10 BlueSniper
2.10.1 Manufacturer
Flexilis
2.10.2 Link - Source
•
• />News&file=index&catid=&topic=14
2.10.3 Description
The BlueSniper is a rifle stock with a scope and yagi antenna attached. A cable at-
taches the antenna to the Bluetooth card, which can be in a PDA or laptop computer.
The laptop can be carried in a backpack with the cables connecting into the backpack,
giving it the Ghostbusters look.
The Flexilis teams demonstrated the gun with some home-brewed Bluetooth scanning
software. They pointed the gun down the hallways and out windows. Almost instantly,
vulnerable phones with their unique Bluetooth device numbers appeared on the laptop
screen. The device is powerful enough to detect devices through building walls.
2.10.4 Screenshots / Logo
2.11 BlueSpam
2.11.1 Manufacturer
Collin R. Mulliner
14
2.11.2 Link - Source
• />2.11.3 Description
BlueSpam is a Palm OS application that searches for all discoverableBluetooth devices
and send a arbitrary file to them if they support OBEX.
2.11.4 Screenshots / Logo
2.12 Bluetooth Location Tracker Project
2.12.1 Manufacturer
Collin R. Mulliner, Andreas ”Steini” Steinhauser, Daniel Dorau.
2.12.2 Link - Source
• />• />• />• />• />2.12.3 Description
Linux software to track Bluetooth devices in combination with a GPS devices, client
and server architecture.
2.12.4 Screenshots / Logo
15
2.13 Bluetooth Phone Book Dumper
2.13.1 Manufacturer
Collin R. Mulliner
2.13.2 Link - Source
• />2.13.3 Description
Bluetooth phone book dumper creates a backup of the Nokia 6310i via bluetooth. It
also works on some Ericsson mobile phones.
The data is written to stdout in a standard xml format. There is no need to enter any data
on the host or phone side and no pairing is needed, it simply uses GSM AT commands
over a RFCOMM connection.
The software uses the Linux BlueZ Bluetooth stack.
2.14 BlueZ Bluetooth Stack
2.14.1 Manufacturer
BlueZ Project
2.14.2 Link - Source
•
2.14.3 Description
BlueZ is an implementation of the Bluetooth wireless standards specifications for Linux.
The code is licensed under the GNU General Public License (GPL) and is now included
in the Linux 2.4 and Linux 2.6 kernel series.
BlueZ provides support for the core Bluetooth layers and protocols. It is flexible,
efficient and uses a modular implementation. It has many interesting features:
• Complete modular implementation
• Symmetric multi processing safe
• Multithreaded data processing
• Support for multiple Bluetooth devices
• Real hardware abstraction
• Standard socket interface to all layers
• Device and service level security support
16
Currently BlueZ consists of many separate modules:
• Bluetooth kernel subsystem core
• L2CAP and SCO audio kernel layers
• RFCOMM, BNEP, CMTP and HIDP kernel implementations
• HCI UART, USB, PCMCIA and virtual device drivers
• General Bluetooth and SDP libraries and daemons
• Configuration and testing utilities
• Protocol decoding and analysis tools
The BlueZ kernel modules, libraries and utilities are known to be working prefectly on
many architectures supported by Linux.
2.14.4 Screenshots / Logo
2.15 Braces
2.15.1 Manufacturer
The Shmoo Group, Bruce Potter, Brian
2.15.2 Link - Source
• />2.15.3 Description
Bluetooth tracking application used at a demonstration on the BlackHat conference
USA 2004.
17
2.15.4 Screenshots / Logo
2.16 bt audit
2.16.1 Manufacturer
Collin R. Mulliner
2.16.2 Link - Source
• />2.16.3 Description
bt audit is a suit of programs and scripts to do Bluetooth device auditing. The suit cur-
rently consists of two port scanners, psm scan for the L2CAP layer and rfcomm scan
for the RFCOMM layer.
2.17 BTBrowser - JABWT Browser
2.17.1 Manufacturer
Klings.org BenHui.net
2.17.2 Link - Source
• />• />• />• />• />18
2.17.3 Description
Bluetooth (JABWT) Browser is a J2ME MIDP MIDlet that can browse and explore the
technical specification of surrounding Bluetooth devices.
BTBrowser will discover nearby devices (if they are discoverable. You can browse
device Bluetooth information and all supported profiles and service records of each
device. This is a great utility tool to sniff bluetooth information.
This MIDlet MIDP2.0/CLDC1.0 works on phones that support JSR-82 (a.k.a JABWT
or Java Bluetooth) specification. Examples are Nokia 6600 and Sony Ericsson P900.
The following attributes will be shown if they are set in the Bluetooth service record:
• 0x0100, ServiceName
• 0x0101, ServiceDescription
• 0x0102, ProviderName
• 0x0000, ServiceRecordHandle
• 0x0003, ServiceID
• 0x0001, ServiceClassIDList
• 0x0004, ProtocolDescriptorList
• 0x0009, BluetoothProfileDescriptorList
• 0x0007, ServiceInfoTimeToLive
• 0x0008, ServiceAvailability
• 0x000A, DocumentationURL
• 0x000B, ClientExecutableURK
• 0x000C, IconURL
2.17.4 Screenshots / Logo
19
2.18 btChat
2.18.1 Manufacturer
Collin R. Mulliner
2.18.2 Link - Source
• />2.18.3 Description
btChat is a Bluetooth based chatting/IM (instant messaging) system
2.18.4 Screenshots / Logo
2.19 BTFS Bluetooth FileSystemMapping
2.19.1 Manufacturer
Collin R. Mulliner
2.19.2 Link - Source
• www.mulliner.org/bluetooth/btfs.php
2.19.3 Description
BTFS brings basic Bluetooth support to the filesystem by mapping functions like in-
quiry (search for Bluetooth devices) and file transfer (via OBEX) to normal file opera-
tions.
BTFS is a FUSE (Filesystem in USErspace) application.
With btfs a simple ls DEVICES shows you all Bluetooth devices within range and cp
somefile OPUSH/devicename sends the given file to the device (via OBEX).
20
2.20 BthDisc
2.20.1 Manufacturer
2.20.2 Link - Source
• www.lookout.net/˜mike
• />00.01.zip
• />• />article&sid=1880
2.20.3 Description
Simple command line utility to list discoverable bluetooth devices. Example of win32
bluetooth device/service discovery API.
Requires Microsoft Bluetooth Stack (hotfix for XP SP1, included w/ XP SP2).
2.21 btScanner
2.21.1 Manufacturer
Pentest
2.21.2 Link - Source
• />01_bluetooth
2.21.3 Description
btscanner is a tool designed specifically to extract as much information as possible
from a Bluetooth device without the requirement to pair. A detailed information screen
extracts HCI and SDP information, and maintains an open connection to monitor the
RSSI and link quality. btscanner is based on the BlueZ Bluetooth stack, which is in-
cluded with recent Linux kernels, and the BlueZ toolset. btscanner also contains a
complete listing of the IEEE OUI numbers and class lookup tables. Using the informa-
tion gathered from these sources it is possible to make educated guesses as to the host
device type.
2.21.4 Screenshots / Logo
21
2.22 btXML
2.22.1 Manufacturer
Saftware, Andreas Oberritter, GNU General Public License
2.22.2 Link - Source
• www.saftware.de/bluetooth/btxml.c
2.22.3 Description
Creates a backup of the Nokia 6310i (and for Ericsson T610 and T68i) via Bluetooth.
2.22.4 Screenshots / Logo
2.23 Fine Tooth Comb
2.23.1 Manufacturer
The Shmoo Group
2.23.2 Link - Source
•
• />2.23.3 Description
A Bluetooth scanner for FreeBSD.
This tool tries to find other Bluetooth devices in three different ways:
• A periodic inquiry scan
About every minute (it varies) discoverable devices are listed. These show up as:
++¿IR¿MAC ADDRESS
• Report devices that try to connect to the scanning host
If somebody tries to check what services you are offering, it makes note of what
address tried to connect. (It rejects them.) You must have inquiry and page
scanning turned on for this to be of use. These show up as: ++¿CR¿MAC AD-
DRESS¿A for ACL, S for SCO¿Device Class
• Brute force
It steps through each of the manufacturers listed in ftc manuf.h and tries all
possible device IDs. This is very slow! Devices that are found show up as:
++¿BF¿MAC ADDRESS If the attempt times out, it will show: –¿BF¿MAC
ADDRESS
22
2.23.4 Screenshots / Logo
2.24 FreeJack
2.24.1 Manufacturer
Software13
2.24.2 Link - Source
• />2.24.3 Description
FreeJack is a Java based BlueJacking application for mobile devices. The aim of this
software is to allow the anonymous sending of messages to Bluetooth enabled devices
within range.
2.24.4 Screenshots / Logo
2.25 Gnome Bluetooth Subsystem
2.25.1 Manufacturer
Useful Information Company, GPL
2.25.2 Link - Source
• />2.25.3 Description
Current features include:
• Controller object to manage the discovery of nearby Bluetooth devices
• Controller will create serial (RFCOMM) connections for clients to devices
23
• libbtcl, a GObject wrapper for Bluetooth functionality An OBEX server, so you
can ”beam” files such as pictures, addresses or contacts from other Bluetooth
devices to your computer
• An OBEX push send tool, so you can beam files from your computer to remote
devices.
• Nautilus menu integration
2.25.4 Screenshots / Logo
2.26 Greenplaque
2.26.1 Manufacturer
Kevin Finisterre, Ollie Whitehouse
2.26.2 Link - Source
•
2.26.3 Description
Multi-dongle Bluetooth Hunter / Killer
RedFang was a small proof-of-conceptapplication to findnon discoveredablebluetooth
devices.
Greenplaque on the other hand is an application to find discoverable bluetooth devices.
After being found the device will promptly be slayed.
24
