• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Hijacking bluetooth headsets
 

Hijacking bluetooth headsets

on

  • 3,049 views

null Pune Chapter - November 2012 Meet

null Pune Chapter - November 2012 Meet

Statistics

Views

Total Views
3,049
Views on SlideShare
2,612
Embed Views
437

Actions

Likes
1
Downloads
50
Comments
1

2 Embeds 437

http://null.co.in 436
http://208.20.155.55 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel

11 of 1 previous next

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Hijacking bluetooth headsets Hijacking bluetooth headsets Presentation Transcript

    • BySwaroop YermalkaR
    • 1. Finding Visible & InvisibleBluetooth Devices along with their specifications 2. Cloning Bluetooth Devices 3. Remotely Inject audio in Bluetooth headsets and record audio from it.
    • BT5 r3 laptop Nokia Bluetooth Bluetooth Dongle Galaxy Headset pop
    • 79 channels 2.4-GHz ISM bandDevices hop across these channels at a rate of 1600 times per secondBluetooth Device Address (BD_ADDR)
    • Source: www.techtree.com
    • Initial Setup
    • 1. Everything is in visible Android Settings Ubuntu Settings
    • Find a target First#hcitool scan #hcitool inq
    • btscanner
    • Bluemaho
    • 2. Let’s Find the Invisible Devices… Source: http://hwaddress.com/
    • Let’s Find the Invisible Devices…
    • Android Settings
    • Start sniffing Sniff on mon0
    • SAMSUNG
    • It is Samsung device
    • We have: 00:07:AB:ff:CF:88~MAC address plus one ~ MAC address minus 1 ~MAC address minus one FOUND!!!
    • #hcitool inq <bd_addr>
    • Enumerate the services for further attack
    • Recall PreviousInformation…
    • #hcitool scan#bdaddr -i hci1 <new_bd_addr>
    • #hciconfig hci1 name “android” #hciconfig hci0 class 0x58020c
    • Observe the Fields
    • Laptop
    • Why to Clone the bluetooth device?In certain premises, some bluetooth type device may berestricted. Does it still bother you? For many attacks such as attacks on bluetooth headset it isnecessary to make our device headset compatible.
    • Is our bluetooth dongle headset compatible?No? change itsclass.
    • Device conforms to the Headset Profile
    • Find your victim
    • Download url:http://trifinite.org/Downloads/carwhisperer-0.2.tar.gz
    • #./carwhisperer <interface> <injecting audio file> <Outputfile> <victim BD_ADDR>
    • Built on AIRcable XR™ long-rangetechnology1 km external antenna includedExtended range for up to 30 km***No external power neededAluminum case for reduced interferenceand increased sensitivity
    • 1. Bluetooth Hacking: The state of art by trifinite.org 2. Bluetooth WikiYi-Bing Lin
    • Oct-2012 Sep-2012 Nov-2012 www.chmag.in
    • Feedback, questions and suggestions:swaroop.wireless@gmail.com