Hacking Cell Phones via Bluetooth Tools under Linux
name "BlueZ mycomputername";
Next, create a PIN for the computer to access the cell phone. Open the /etc/bluetooth/pin file, and add the following:
The actual PIN number can be anything you like, and it may not be included in a separate file, depending on your distribution. It may be part of your hcid.conf file and called a passkey instead of a PIN.
The reason for the PIN number is that Bluetooth devices need to be paired or tethered together. This is a standard Bluetooth security measure to prevent unwanted connections between devices. The first time you connect to your phone via Bluetooth, the phone notifies you that a connection is being attempted and prompts you for a PIN number. If the PIN number entered on the phone does not match the PIN in the configuration file, the connection will be rejected. Most cell phones will give you the option to connect devices automatically on subsequent connections or prompt for intervention.
Next, restart the Bluetooth server on the connecting computer:
root@host# /etc/init.d/bluetooth restart
Some cell phones have a “Find Me” mode that needs to be turned on when scanning. Take a look in your particular phone's Bluetooth connection menu. Now, you're ready to see if the Bluetooth dongle can see your cell phone or any other nearby devices with Bluetooth capability. So, type:
root@host# hcitool scan
which returns the following:
Scanning ... 00:0F:86:89:EC:3D Blackberry 7290 00:14:9A:C9:BB:62 Motorola Phone 00:16:CB:2A:7D:DB Mac_1
Each device name is listed with its MAC address.
Mac_1 is my USB Bluetooth dongle. Motorola Phone is the name I have designated in the phone's Bluetooth setup menus. BlackBerry 7290 is a nearby device that the my dongle is picking up as well.
Another useful command is sdptool search DUN. This provides detailed information for your device:
Inquiring ... Searching for DUN on 00:16:CB:2A:7D:DB ... Searching for DUN on 00:14:9A:C9:BB:62 ... Service Name: Dial-up networking Gateway Service Description: Dial-up networking Gateway Service Provider: Generic Cellphone Service Service RecHandle: 0x10001 Service Class ID List: "Dialup Networking" (0x1103) Protocol Descriptor List: "L2CAP" (0x0100) "RFCOMM" (0x0003) Channel: 1 Language Base Attr List: code_ISO639: 0x656e encoding: 0x6a base_offset: 0x100 code_ISO639: 0x6672 encoding: 0x6a base_offset: 0xd800 code_ISO639: 0x6573 encoding: 0x6a base_offset: 0xd803 code_ISO639: 0x7074 encoding: 0x6a base_offset: 0xd806 Profile Descriptor List: "Dialup Networking" (0x1103) Version: 0x0100
Now, you're ready to start pushing and pulling files to/from your cell phone. Let's investigate the available tools in both KDE and GNOME.
The KDE Bluetooth framework is built on the BlueZ stack and can utilize all the functionality of the command-line tools in an intuitive GUI interface. Originally, it was an add-on application, but because of the proliferation of Bluetooth devices, it has been merged into the baseline KDE desktop. The easiest way to access your data is through the Konqueror file manager. Once the Bluetooth dongle is plugged in to your computer, you should see the Bluetooth icon appear on the Kicker panel. Open Konqueror, and enter bluetooth:/// in the navigation toolbar.
You should see a listing of nearby devices that are Bluetooth-enabled (Figure 1). Click on your phone, and you should see a listing of available services (Figure 2). For pushing and pulling files, we're most concerned with OBEX File Transfer and OBEX Object Push. Selecting OBEX File Transfer shows the media file folders residing on your device (Figure 3). In my case, I have separate folders for audio, pictures and video clips. Clicking on any of the folders should reveal the files currently on your device. Now you simply can copy/move a file to your home folder on your computer by doing a copy and paste in Konqueror. The first time you do this, you'll be prompted for a PIN number on the cell phone. Subsequent file transfers will not require a PIN unless it has been specified in the cell phone's Bluetooth setup. If you want to copy files from your computer to your device, select OBEX Object Push.
The system displays a pop-up asking if you want to open the kbluetooth client. Select yes, and you should see your device list in the left-hand (device selector) column of the client (Figure 4). The top of the client application shows your system folders. The right-hand side of the screen contains a blank area that's titled Files to send. Simply go into one of your system folders and click the file you want to copy to your phone. Now, drag and drop it into the Files to send pane. Click the Send button. Your phone will alert you and ask if you want to accept the file transfer from your computer. Click yes, and the file transfer starts (Figure 5). Once the file transfer is complete, you should be able to find the file on your cell phone or PDA. It doesn't get any easier than that. Konqueror once again proves what a fantastic file manager it is.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- The US Government and Open-Source Software
- The Death of RoboVM
- BitTorrent Inc.'s Sync
- New Container Image Standard Promises More Portable Apps
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide