Thread: Bluediving - Howto

  1. #1
    Just burned his ISO
    Join Date
    Mar 2006
    Posts
    24

    Bluediving - Howto

    Inspired by wrono's post Update to Install Bluediving, I made another attempt at compiling Bluediving.
    Here are the results if you just want to install it:
    bluedivingForBT_09-14-2006

    To compile I grabbed the source from the Bluediving Web Site.
    Each tool in the "tools" directory needs to be compiled separately. There is no "configure" or "make" file.
    The key was to copy a few source files to the tools directory and add a few flags to the gcc compile line.

    Bluediving also needs btobex and btftp. You can grab the necessary BlueZ source following the instructions here.

    I've included the script I used to build Bluediving to avoid any typos.
    #!/bin/bash
    # bash is required: the script uses a bash array, which /bin/sh does not support.
    # Note: Had to copy fang.c to toolpath directory.
    # fang.c had /@ that needed to be removed.
    TOOLPATH="bluediving/tools"
    # Copy the BlueZ and readline headers next to the tool sources so the includes resolve.
    cp -R /usr/local/include/bluetooth "$TOOLPATH"
    cp -R /usr/local/include/readline "$TOOLPATH"
    # Each tool is a single C file; build them one at a time.
    PROGRAM=( rfcomm_shell hstest attest atshell bdaddr fang )
    for i in "${PROGRAM[@]}"; do
        echo "Building $i"
        gcc "$TOOLPATH/$i.c" -o "$TOOLPATH/$i" -lbluetooth -lreadline -lncurses
    done
    In the module you'll find a script called dinoBluediving.pl. It's a heavily modified copy of bluedivingNG.pl and very much a work in progress.

    I would appreciate it if some Backtrack users could test dinoBluediving.pl against their phones and let me know how it works. The main focus of my mods is the Scan and Attack (endless loop). Currently it just tries to do a root directory listing. I haven't had any success with it yet, but I have limited access to phones. It's worth noting that once Bluediving attacks a phone it will not attack the same phone again unless Bluediving is restarted.

  2. #2
    Junior Member
    Join Date
    Jun 2006
    Posts
    61

    Well, what Bluetooth device did you use (hardware)?

    I was interested in BT pen testing a long time ago, but never bought the hardware that'll work.
    "Only in America :P - where else can you find a company that makes a buggy product and makes tons of money from it, have people exploit the heck out of it and then make tonnes MORE money from selling their existing customers "upgrades" that induce MORE bugs?" -markds

  3. #3
    Just burned his ISO
    Join Date
    Mar 2006
    Posts
    24

    Hardware:
    lsusb scan results
    ID 0a12:0001 Cambridge Silicon Radio, Ltd Bluetooth Dongle
    Bought it from Radio Shack for around $40.
    Radio Shack Model BTA-6000
    It's a USB 2.0 device with a class 1 power rating. I'm thinking it might be the same chipset as the MSI device Irongeek uses. Although this is not confirmed.

    From Irongeek.com - Bluecasing: War Nibbling, Bluetooth and Petty Theft:
    MSI Star Key 2.0 USB Bluetooth 2.0 Transceiver on New Egg
    http://www.newegg.com/Product/Produc...82E16833158122

  4. #4
    Senior Member imported_spankdidly
    Join Date
    Feb 2006
    Posts
    1,031

    I can't figure out how to install BTOBEX and FTPOBEX. btobex says it's installed, but ftpobex and bluediving do not find it. Is there a guide on how to install all of these packages? I got airpwn to work. Now I want to try this since I'm out in public 24/7.

    Any help at all I would appreciate it.

  5. #5
    Just burned his ISO
    Join Date
    Mar 2006
    Posts
    24

    I've created a module to be used with Backtrack 1.0:
    bluedivingForBT_09-14-2006


    You can install it using the mo2dir or uselivemod commands.

    You can install the module and have the bluediving program and tools. They install in the /pentest/bluediving directory.

    btftp does not work though. It has issues with /usr/local/lib/libreadline.so.5. I've replaced the libreadline before to get it working on my machine. I did not include libreadline in the module above because other programs may need the one provided with Backtrack 1.0.

    I can't figure out how to install BTOBEX and FTPOBEX
    I think you only need obexftp and not ftpobex. obexftp is included in the above module.

  6. #6
    Just burned his ISO
    Join Date
    Nov 2006
    Posts
    6

    Very nice. Looks good and after a few path adjustments she seems to be working fine.

    The scan and attack endless loop will be great for a phone book stealing project of mine.

    OS is BT2 final.

  7. #7
    Member
    Join Date
    May 2007
    Posts
    138

    Is this module only compatible with BT v1 or will it work for BT v2?

    Also, can anyone tell me how to set up the rfcomm channel for a Bluetooth dongle (specifically a Linksys USBBT100)?

    Presumably I'll need to install the BlueZ tools, or are they already installed?

    I can get it up, running and scanning using the "hciconfig" and "hcitool" commands, but I haven't been able to get it to initialise an rfcomm channel to communicate with the outside world. I haven't had time to have a real go at it yet, but if anyone can give me some pointers I'd really appreciate it.

    Thanks in advance,
    TAE

  8. #8
    Just burned his ISO
    Join Date
    Jan 2007
    Posts
    2

    Could somebody post the module again? It seems that it is no longer hosted at the posted URLs.

    Or perhaps email it to me? spirit_of_69 AT hotmail DOT com
