I am thinking of doing a demo of blue snarfing / blue bugging or some other bluetooth attack for my networking class project.
I currently do not own a bluetooth phone to attack. Does anyone know what phones a most vulnerable to these types of attacks and if it is possible to get them cheaply on ebay and attack them without actvating them with phone service?
ps I would be doing this demo right next to my computer so do you think I could just use a BT100 without any external antenna or anything to do this demo?
Moved from the "How-to's & Guides" section.
This is neither a "how-to" or a "guide" - it's a question!
(FYI: The accepted use of the phrase "how-to" in as an intended step-by-step guide of how to do something)
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
No my other thread was for car whisperer. I dont think I will have the resources to do that one
The Nokia 6310/6310i models are good targets for the Bluebugger attack.
First of all, I doubt that Nokia ever patched the firmware properly, although this certainly is speculation. I just can tell you that I haven't seen a Nokia 6310/6310i that is not vulnerable to the Blugbugger attack yet - I mean it's a pretty old model anyway. What about buying a used one at ebay or so? If you just need it for demonstration purposes it does not need to be a brand new model. As of the firmware downgrading, I have to admit that I have no clue actually. Never dealed with this topic before - I'm sorry.If I buy a new one will it still have this flaw or will the firmware patch this? If the flaw is fixed is in possible to downgrade the firmware?
I did a class project on this a few years ago. Most of the Nokia 6310 phones are vulnerable. You may have some issues activating such an old phone. It would require an older SIM card. Make sure it comes with one, and that at&t will activate it for you. I did a video on the project:
Intro To Bluesnarfing By Williamc and Twinvega (Hacking Illustrated Series InfoSec Tutorial Videos)
great bluetooth tutorial
That tutorial is why i actually purchased this phone and bt100.
I tried the bluesnarfer command, but in my case the phone asks me to accept the connection, I then try and do just that and it asks for a pairing code, like a password. I tried typing 12345 in to the phone , thats the default code i thought. it then said bluetooth connection failed and it disconnects.
I then see the following error in my konsole session.
device name: Nokia 6310i
bluesnarfer:tcgetattr failed, Input/output error
bluesnarfer:unable to create rfcomm connection
bluesnarfer: release rfcomm ok
also i have a newer trackphone sim card in it.... the guy unlocked it so it takes all kinds of sims, i had at&t and t mobile trac phone ones working (could make calls). However do i need somthing activated? I dident purchase the phone to actually use infact i dont even care if it makes calls, i bought it for 12 bucks just for this demo.
pretty sure my prob is the phones firmware...