Thread: Bluetooth

  1. #1
    Just burned his ISO
    Join Date
    Oct 2007
    Posts
    2

    Bluetooth

    I have read the thread of MR Green about bluesnarfing and I did whatever it mentioned. I can ping my mobile but I cannot launch bluesnarfer; it displays an error for bt_rfcomm_config, and the problem is that I don't know where to change such configuration. Anyone any suggestion?

  2. #2
    Just burned his ISO
    Join Date
    Oct 2007
    Posts
    2

    Logs from my laptop

    bt ~ # hciconfig hci0
    hci0: Type: USB
    BD Address: 00:00:00:00:00:00 ACL MTU: 0:0 SCO MTU: 0:0
    DOWN
    RX bytes:0 acl:0 sco:0 events:0 errors:0
    TX bytes:0 acl:0 sco:0 commands:0 errors:0

    bt ~ # mkdir -p /dev/bluetooth/rfcomm mknod -m 666 /dev/bluetooth/rfcomm/0 c 216 0

    bt ~ # hciconfig hci0 up

    bt ~ # hciconfig hci0
    hci0: Type: USB
    BD Address: 00:0C:BF:01:11:E3 ACL MTU: 192:8 SCO MTU: 64:8
    UP RUNNING
    RX bytes:79 acl:0 sco:0 events:8 errors:0
    TX bytes:30 acl:0 sco:0 commands:8 errors:0

    bt ~ # hcitool scan hci0
    Scanning ...
    00:13:70:11:5A:6B BlueJack

    bt ~ # bluesnarfer -r 1-100 -b 00:13:70:11:5A:6B
    device name: BlueJack
    bluesnarfer: open /dev/bluetooth/rfcomm/0, Is a directory
    bluesnarfer: bt_rfcomm_config failed
    bluesnarfer: unable to create rfcomm connection
    bluesnarfer: release rfcomm ok

    bt bp # sdptool browse --tree --l2cap 00:13:70:11:5A:6B
    Browsing 00:13:70:11:5A:6B ...
    Attribute Identifier : 0x0 - ServiceRecordHandle
    Integer : 0x0
    Attribute Identifier : 0x1 - ServiceClassIDList
    Data Sequence
    UUID16 : 0x1000 - ServiceDiscoveryServerServiceClassID
    Attribute Identifier : 0x2 - ServiceRecordState
    Integer : 0x0
    Attribute Identifier : 0x4 - ProtocolDescriptorList
    Data Sequence
    Data Sequence
    UUID16 : 0x0100 - L2CAP
    Attribute Identifier : 0x5 - BrowseGroupList
    Data Sequence
    UUID16 : 0x1000 - ServiceDiscoveryServerServiceClassID
    Attribute Identifier : 0x6 - LanguageBaseAttributeIDList
    Data Sequence
    Code ISO639 (Integer) : 0x656e
    Encoding (Integer) : 0x6a
    Base Offset (Integer) : 0x100
    Attribute Identifier : 0x7 - ServiceInfoTimeToLive
    Integer : 0x4b0
    Attribute Identifier : 0x8 - ServiceAvailability
    Integer : 0xff
    Attribute Identifier : 0x100
    Data : 53 44 50 20 53 65 72 76 65 72 00
    Attribute Identifier : 0x101
    Data : 50 72 6f 76 69 64 65 73 20 6c 6f 63 61 6c 20 73 65 72 76 69 63 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 66 6f 72 20 72 65 6d 6f 74 65 20 64 65 76 69 63 65 73 2e 00
    Attribute Identifier : 0x102
    Data : 53 79 6d 62 69 61 6e 20 4c 74 64 2e 00
    Attribute Identifier : 0x200 - VersionNumberList
    Data Sequence
    Integer : 0x100
    Integer : 0x101
    Attribute Identifier : 0x201 - ServiceDatabaseState
    Integer : 0x12

    Attribute Identifier : 0x0 - ServiceRecordHandle
    Integer : 0x10006
    Attribute Identifier : 0x1 - ServiceClassIDList
    Data Sequence
    UUID16 : 0x111f - HandsfreeAudioGateway
    UUID16 : 0x1203 - GenericAudio
    Attribute Identifier : 0x2 - ServiceRecordState
    Integer : 0x8
    Attribute Identifier : 0x4 - ProtocolDescriptorList
    Data Sequence
    Data Sequence
    UUID16 : 0x0100 - L2CAP
    Data Sequence
    UUID16 : 0x0003 - RFCOMM
    Channel/Port (Integer) : 0x1
    Attribute Identifier : 0x5 - BrowseGroupList
    Data Sequence
    UUID16 : 0x1002 - PublicBrowseGroup
    Attribute Identifier : 0x6 - LanguageBaseAttributeIDList
    Data Sequence
    Code ISO639 (Integer) : 0x454e
    Encoding (Integer) : 0x6a
    Base Offset (Integer) : 0x100
    Attribute Identifier : 0x9 - BluetoothProfileDescriptorList
    Data Sequence
    Data Sequence
    UUID16 : 0x111f - HandsfreeAudioGateway
    Version (Integer) : 0x101
    Attribute Identifier : 0x100
    Data : 48 61 6e 64 73 2d 46 72 65 65 20 41 75 64 69 6f 20 47 61 74 65 77 61 79 00
    Attribute Identifier : 0x301
    Integer : 0x1
    Attribute Identifier : 0x311
    Integer : 0xf

    Attribute Identifier : 0x0 - ServiceRecordHandle
    Integer : 0x10007
    Attribute Identifier : 0x1 - ServiceClassIDList
    Data Sequence
    UUID16 : 0x1106 - OBEXFileTransfer
    Attribute Identifier : 0x2 - ServiceRecordState
    Integer : 0x6
    Attribute Identifier : 0x4 - ProtocolDescriptorList
    Data Sequence
    Data Sequence
    UUID16 : 0x0100 - L2CAP
    Data Sequence
    UUID16 : 0x0003 - RFCOMM
    Channel/Port (Integer) : 0xa
    Data Sequence
    UUID16 : 0x0008 - OBEX
    Attribute Identifier : 0x5 - BrowseGroupList
    Data Sequence
    UUID16 : 0x1002 - PublicBrowseGroup
    Attribute Identifier : 0x6 - LanguageBaseAttributeIDList
    Data Sequence
    Code ISO639 (Integer) : 0x454e
    Encoding (Integer) : 0x6a
    Base Offset (Integer) : 0x100
    Attribute Identifier : 0x9 - BluetoothProfileDescriptorList
    Data Sequence
    Data Sequence
    UUID16 : 0x1106 - OBEXFileTransfer
    Version (Integer) : 0x100
    Attribute Identifier : 0x100
    Data : 4f 42 45 58 20 46 69 6c 65 20 54 72 61 6e 73 66 65 72 00

    Attribute Identifier : 0x0 - ServiceRecordHandle
    Integer : 0x10008
    Attribute Identifier : 0x1 - ServiceClassIDList
    Data Sequence
    UUID128 : 0x00000002-0000-1000-8000-0002ee00-0002
    Attribute Identifier : 0x2 - ServiceRecordState
    Integer : 0x6
    Attribute Identifier : 0x4 - ProtocolDescriptorList
    Data Sequence
    Data Sequence
    UUID16 : 0x0100 - L2CAP
    Data Sequence
    UUID16 : 0x0003 - RFCOMM
    Channel/Port (Integer) : 0xb
    Data Sequence
    UUID16 : 0x0008 - OBEX
    Attribute Identifier : 0x5 - BrowseGroupList
    Data Sequence
    UUID16 : 0x1002 - PublicBrowseGroup
    Attribute Identifier : 0x6 - LanguageBaseAttributeIDList
    Data Sequence
    Code ISO639 (Integer) : 0x454e
    Encoding (Integer) : 0x6a
    Base Offset (Integer) : 0x100
    Attribute Identifier : 0x9 - BluetoothProfileDescriptorList
    Data Sequence
    Data Sequence
    UUID128 : 0x00000002-0000-1000-8000-0002ee00-0002
    Version (Integer) : 0x100
    Attribute Identifier : 0x100
    Data : 53 79 6e 63 4d 4c 43 6c 69 65 6e 74 00

    Attribute Identifier : 0x0 - ServiceRecordHandle
    Integer : 0x10009
    Attribute Identifier : 0x1 - ServiceClassIDList
    Data Sequence
    UUID128 : 0x00005005-0000-1000-8000-0002ee00-0001
    Attribute Identifier : 0x2 - ServiceRecordState
    Integer : 0x6
    Attribute Identifier : 0x4 - ProtocolDescriptorList
    Data Sequence
    Data Sequence
    UUID16 : 0x0100 - L2CAP
    Data Sequence
    UUID16 : 0x0003 - RFCOMM
    Channel/Port (Integer) : 0xc
    Data Sequence
    UUID16 : 0x0008 - OBEX
    Attribute Identifier : 0x5 - BrowseGroupList
    Data Sequence
    UUID16 : 0x1002 - PublicBrowseGroup
    Attribute Identifier : 0x6 - LanguageBaseAttributeIDList
    Data Sequence
    Code ISO639 (Integer) : 0x454e
    Encoding (Integer) : 0x6a
    Base Offset (Integer) : 0x100
    Attribute Identifier : 0x9 - BluetoothProfileDescriptorList
    Data Sequence
    Data Sequence
    UUID128 : 0x00005005-0000-1000-8000-0002ee00-0001
    Version (Integer) : 0x100
    Attribute Identifier : 0x100
    Data : 4e 6f 6b 69 61 20 4f 42 45 58 20 50 43 20 53 75 69 74 65 20 53 65 72 76 69 63 65 73 00

    Attribute Identifier : 0x0 - ServiceRecordHandle
    Integer : 0x1000a
    Attribute Identifier : 0x1 - ServiceClassIDList
    Data Sequence
    UUID16 : 0x1105 - OBEXObjectPush
    Attribute Identifier : 0x2 - ServiceRecordState
    Integer : 0x7
    Attribute Identifier : 0x4 - ProtocolDescriptorList
    Data Sequence
    Data Sequence
    UUID16 : 0x0100 - L2CAP
    Data Sequence
    UUID16 : 0x0003 - RFCOMM
    Channel/Port (Integer) : 0x9
    Data Sequence
    UUID16 : 0x0008 - OBEX
    Attribute Identifier : 0x5 - BrowseGroupList
    Data Sequence
    UUID16 : 0x1002 - PublicBrowseGroup
    Attribute Identifier : 0x6 - LanguageBaseAttributeIDList
    Data Sequence
    Code ISO639 (Integer) : 0x454e
    Encoding (Integer) : 0x6a
    Base Offset (Integer) : 0x100
    Attribute Identifier : 0x9 - BluetoothProfileDescriptorList
    Data Sequence
    Data Sequence
    UUID16 : 0x1105 - OBEXObjectPush
    Version (Integer) : 0x100
    Attribute Identifier : 0x100
    Data : 4f 42 45 58 20 4f 62 6a 65 63 74 20 50 75 73 68 00
    Attribute Identifier : 0x303
    Data Sequence
    Integer : 0xff

    Attribute Identifier : 0x0 - ServiceRecordHandle
    Integer : 0x1000b
    Attribute Identifier : 0x1 - ServiceClassIDList
    Data Sequence
    UUID16 : 0x1103 - DialupNetworking (DUN)
    Attribute Identifier : 0x2 - ServiceRecordState
    Integer : 0x6
    Attribute Identifier : 0x4 - ProtocolDescriptorList
    Data Sequence
    Data Sequence
    UUID16 : 0x0100 - L2CAP
    Data Sequence
    UUID16 : 0x0003 - RFCOMM
    Channel/Port (Integer) : 0x2
    Attribute Identifier : 0x5 - BrowseGroupList
    Data Sequence
    UUID16 : 0x1002 - PublicBrowseGroup
    Attribute Identifier : 0x6 - LanguageBaseAttributeIDList
    Data Sequence
    Code ISO639 (Integer) : 0x454e
    Encoding (Integer) : 0x6a
    Base Offset (Integer) : 0x100
    Attribute Identifier : 0x9 - BluetoothProfileDescriptorList
    Data Sequence
    Data Sequence
    UUID16 : 0x1103 - DialupNetworking (DUN)
    Version (Integer) : 0x100
    Attribute Identifier : 0x100
    Data : 44 69 61 6c 2d 55 70 20 4e 65 74 77 6f 72 6b 69 6e 67 00

    bt ~ # l2ping 00:13:70:11:5A:6B
    Ping: 00:13:70:11:5A:6B from 00:0C:BF:01:11:E3 (data size 44) ...
    0 bytes from 00:13:70:11:5A:6B id 0 time 77.84ms
    0 bytes from 00:13:70:11:5A:6B id 1 time 31.73ms
    0 bytes from 00:13:70:11:5A:6B id 2 time 32.76ms
    0 bytes from 00:13:70:11:5A:6B id 3 time 29.78ms
    0 bytes from 00:13:70:11:5A:6B id 4 time 36.79ms
    0 bytes from 00:13:70:11:5A:6B id 5 time 37.85ms
    0 bytes from 00:13:70:11:5A:6B id 6 time 36.86ms
    0 bytes from 00:13:70:11:5A:6B id 7 time 28.87ms
    0 bytes from 00:13:70:11:5A:6B id 8 time 34.92ms
    0 bytes from 00:13:70:11:5A:6B id 9 time 49.94ms
    10 sent, 10 received, 0% loss

  3. #3
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Try to bind hci0 with rfcomm.... search this forum on the issue and also read the man for rfcomm on how to do it
    dd if=/dev/swc666 of=/dev/wyze

  4. #4
    Very good friend of the forum drgr33n's Avatar
    Join Date
    Jan 2010
    Location
    Dark side of the moon ...
    Posts
    699

    Read again my friend, you need to set a channel. Looking at your logs EVERYTHING looks like it's on channel 0. Bluesnarfer uses channel 17 by default and you need to set it to 0. For everybody else, Bluesnarfer and Bluebugger hacks work on the OBEXPUSH channel. Other hacks can use the RFCOMM channel of the device. For example:

    UUID16 : 0x0003 - RFCOMM
    Channel/Port (Integer) : 0x1

    I'm not going to post the right command, I'm going to make you go back and study my guide some more you scanner lol

    After setting the channel, if it still doesn't work, post back

    Ps:

    I'm still learning Linux, but try setting up RFCOMM like this instead of all on one line:

    bt ~ # mkdir -p /dev/bluetooth/rfcomm
    bt ~ # mknod -m 666 /dev/bluetooth/rfcomm/0 c 216 0
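
The `Is a directory` error in post #2 is consistent with the one-line command there: GNU `mkdir` takes every remaining word as a directory to create (and `-m 666` as its own mode option), so `/dev/bluetooth/rfcomm/0` ends up a directory rather than a character device. A preflight check for that, added here as an example and not part of the thread; the function name `rfcomm_node_status` is hypothetical, and the 216/0 device numbers are the ones in the `mknod` command above.

```shell
#!/bin/sh
# Added example: classify what sits at an RFCOMM device-node path.
# rfcomm_node_status is a hypothetical helper, not part of bluesnarfer or BlueZ.
# Usage: rfcomm_node_status PATH EXPECTED_MAJOR EXPECTED_MINOR
# Prints one of: missing | directory | not-chardev | wrong-device MAJ:MIN | ok
rfcomm_node_status() {
    node=$1
    want_major=$2
    want_minor=$3

    if [ ! -e "$node" ]; then
        echo "missing"          # mknod was never run (or ran in another path)
        return 1
    fi
    if [ -d "$node" ]; then
        echo "directory"        # the mkdir/mknod one-line mistake from post #2
        return 1
    fi
    if [ ! -c "$node" ]; then
        echo "not-chardev"      # regular file, block device, fifo, ...
        return 1
    fi

    # GNU stat prints the device major/minor in hex (%t / %T).
    hex=$(stat -c '%t %T' "$node") || return 2
    major=$((0x${hex% *}))
    minor=$((0x${hex#* }))

    if [ "$major" -ne "$want_major" ] || [ "$minor" -ne "$want_minor" ]; then
        echo "wrong-device $major:$minor"
        return 1
    fi
    echo "ok"
}

# Path and numbers as used in the thread; harmless if the node does not exist.
rfcomm_node_status /dev/bluetooth/rfcomm/0 216 0 || true
```

If the result is `directory`, remove the stray directories first (including the ones named `mknod`, `c`, `216` and `0` left in the working directory) and then run the two commands from post #4 separately.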
