Hacking Cell Phones via Bluetooth Tools under Linux

 in
Ditch the funky USB cable and connect to your cell phone and other devices with Bluetooth.

to:

name "BlueZ mycomputername";

Next, create a PIN for the computer to access the cell phone. Open the /etc/bluetooth/pin file, and add the following:

PIN:1234

The actual PIN number can be anything you like, and it may not be included in a separate file, depending on your distribution. It may be part of your hcid.conf file and called a passkey instead of a PIN.

The reason for the PIN number is that Bluetooth devices need to be paired or tethered together. This is a standard Bluetooth security measure to prevent unwanted connections between devices. The first time you connect to your phone via Bluetooth, the phone notifies you that a connection is being attempted and prompts you for a PIN number. If the PIN number entered on the phone does not match the PIN in the configuration file, the connection will be rejected. Most cell phones will give you the option to connect devices automatically on subsequent connections or prompt for intervention.

Next, restart the Bluetooth server on the connecting computer:

root@host# /etc/init.d/bluetooth restart

Some cell phones have a “Find Me” mode that needs to be turned on when scanning. Take a look in your particular phone's Bluetooth connection menu. Now, you're ready to see if the Bluetooth dongle can see your cell phone or any other nearby devices with Bluetooth capability. So, type:

root@host# hcitool scan

which returns the following:

Scanning ...
        00:0F:86:89:EC:3D       Blackberry 7290
        00:14:9A:C9:BB:62       Motorola Phone
        00:16:CB:2A:7D:DB     Mac_1

Each device name is listed with its MAC address.

Mac_1 is my USB Bluetooth dongle. Motorola Phone is the name I have designated in the phone's Bluetooth setup menus. BlackBerry 7290 is a nearby device that the my dongle is picking up as well.

Another useful command is sdptool search DUN. This provides detailed information for your device:

Inquiring ...
Searching for DUN on 00:16:CB:2A:7D:DB ...
Searching for DUN on 00:14:9A:C9:BB:62 ...
Service Name: Dial-up networking Gateway
Service Description: Dial-up networking Gateway
Service Provider: Generic Cellphone Service
Service RecHandle: 0x10001
Service Class ID List:
  "Dialup Networking" (0x1103)
Protocol Descriptor List:
  "L2CAP" (0x0100)
  "RFCOMM" (0x0003)
    Channel: 1
Language Base Attr List:
  code_ISO639: 0x656e
  encoding:    0x6a
  base_offset: 0x100
  code_ISO639: 0x6672
  encoding:    0x6a
  base_offset: 0xd800
  code_ISO639: 0x6573
  encoding:    0x6a
  base_offset: 0xd803
  code_ISO639: 0x7074
  encoding:    0x6a
  base_offset: 0xd806
Profile Descriptor List:
  "Dialup Networking" (0x1103)
    Version: 0x0100

Now, you're ready to start pushing and pulling files to/from your cell phone. Let's investigate the available tools in both KDE and GNOME.

KDE Bluetooth Framework

The KDE Bluetooth framework is built on the BlueZ stack and can utilize all the functionality of the command-line tools in an intuitive GUI interface. Originally, it was an add-on application, but because of the proliferation of Bluetooth devices, it has been merged into the baseline KDE desktop. The easiest way to access your data is through the Konqueror file manager. Once the Bluetooth dongle is plugged in to your computer, you should see the Bluetooth icon appear on the Kicker panel. Open Konqueror, and enter bluetooth:/// in the navigation toolbar.

You should see a listing of nearby devices that are Bluetooth-enabled (Figure 1). Click on your phone, and you should see a listing of available services (Figure 2). For pushing and pulling files, we're most concerned with OBEX File Transfer and OBEX Object Push. Selecting OBEX File Transfer shows the media file folders residing on your device (Figure 3). In my case, I have separate folders for audio, pictures and video clips. Clicking on any of the folders should reveal the files currently on your device. Now you simply can copy/move a file to your home folder on your computer by doing a copy and paste in Konqueror. The first time you do this, you'll be prompted for a PIN number on the cell phone. Subsequent file transfers will not require a PIN unless it has been specified in the cell phone's Bluetooth setup. If you want to copy files from your computer to your device, select OBEX Object Push.

Figure 1. Install KDEBluetooth to make Konqueror aware of Bluetooth devices.

Figure 2. Select your device to get to OBEX Object Push.

Figure 3. The obex option is where you can launch the OBEX Object Push client.

The system displays a pop-up asking if you want to open the kbluetooth client. Select yes, and you should see your device list in the left-hand (device selector) column of the client (Figure 4). The top of the client application shows your system folders. The right-hand side of the screen contains a blank area that's titled Files to send. Simply go into one of your system folders and click the file you want to copy to your phone. Now, drag and drop it into the Files to send pane. Click the Send button. Your phone will alert you and ask if you want to accept the file transfer from your computer. Click yes, and the file transfer starts (Figure 5). Once the file transfer is complete, you should be able to find the file on your cell phone or PDA. It doesn't get any easier than that. Konqueror once again proves what a fantastic file manager it is.

Figure 4. The OBEX Object Push client lets you transfer files with drag and drop.

Figure 5. The OBEX Object Push Client with Multiple Devices Available

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Phone to Computer speakers

James C's picture

Pat,
My cell phone is able to stream audio to bluetooth devices. I was wondering if you knwe a way that I could connect the phone to the computer and then stream the music from my computer to the speakers using BlueZ

Thanks,
James

help

jen waterloo on canada's picture

Need to get family videos tele # pics text off samsung u740 asap phone is defective please contact me asap 5195783507 i dont know linUx and the cell will not use aknowledge the card in it and usb does not work thanks jen this was sent via the cell phone

regardsing n800

Anonymous's picture

hi ,
is this the same way you can connect the n800( as a computer) with the n95 ( as a mobile phone )
can u give me the simple guideline for doing same to connect them .

thanx ,
dave
uk

Nokia PC Suite Alternative

Conrad's picture

Hi,

I was wondering if you know of a application that does everything that the Nokia PC Suite for Windows does? I've been trying to find something that will work properly when it comes to syncing, but no joy yet. Please let me know.

Thanks.

just something i wanted to

anomit's picture

just something i wanted to ask you.....i use a ppp script to dial the connection. I couldn't figure how to configure wvdial for this thing. Does it have any performance gain/loss when compared to the wvdial method?

PIN

caleb@tcad.net's picture

I am using Mandriva 2007 and had a terrible time getting the PIN number to work. I would enter the correct pin of the computer into the phone and it would reject it. Finally had to issue the command

#passkey-agent --default /usr/bin/bluez-pin

and then it successfully allowed me to pair the phone with the computer.

passkey-agent

Anonymous's picture

Same for me! I spent almost two hours debugging this... maybe it should be noted somewhere above!

lower level access?

randy's picture

Hi Patrick, great and timely article, as I've recently tried using Bluetooth to talk to my son's phone (unsuccessfully). Looking forward to trying your approach. I was hoping to access the phone at lower than just the file level though, as he deleted a bunch of pictures, and I wanted to try to recover them. So I was hoping to get access to the phone as a filesystem or disk device so I could dump the whole thing to a file for further processing. Ideally I'd just be able to do something like "dd if=/dev/phone of=/home/phonedisk" and be able to use my tools on the "phonedisk" file I created. Is something like that possible? I'll try it myself from home tonight, just thought I'd ask in advance. Thanks!

re: lower level access

randy's picture

Thanks Pat. Looks like some useful info on those sites. I'll try putting everything together some night when I have the phone and computer together.

Thanks,
randy

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix