Hacking Cell Phones via Bluetooth Tools under Linux

to:

name "BlueZ mycomputername";

Next, create a PIN for the computer to access the cell phone. Open the /etc/bluetooth/pin file, and add the following:

PIN:1234

The actual PIN number can be anything you like, and it may not be included in a separate file, depending on your distribution. It may be part of your hcid.conf file and called a passkey instead of a PIN.

The reason for the PIN number is that Bluetooth devices need to be paired or tethered together. This is a standard Bluetooth security measure to prevent unwanted connections between devices. The first time you connect to your phone via Bluetooth, the phone notifies you that a connection is being attempted and prompts you for a PIN number. If the PIN number entered on the phone does not match the PIN in the configuration file, the connection will be rejected. Most cell phones will give you the option to connect devices automatically on subsequent connections or prompt for intervention.

Next, restart the Bluetooth server on the connecting computer:

root@host# /etc/init.d/bluetooth restart

Some cell phones have a “Find Me” mode that needs to be turned on when scanning. Take a look in your particular phone's Bluetooth connection menu. Now, you're ready to see if the Bluetooth dongle can see your cell phone or any other nearby devices with Bluetooth capability. So, type:

root@host# hcitool scan

which returns the following:

Scanning ...
        00:0F:86:89:EC:3D       Blackberry 7290
        00:14:9A:C9:BB:62       Motorola Phone
        00:16:CB:2A:7D:DB     Mac_1

Each device name is listed with its MAC address.

Mac_1 is my USB Bluetooth dongle. Motorola Phone is the name I have designated in the phone's Bluetooth setup menus. BlackBerry 7290 is a nearby device that the my dongle is picking up as well.

Another useful command is sdptool search DUN. This provides detailed information for your device:

Inquiring ...
Searching for DUN on 00:16:CB:2A:7D:DB ...
Searching for DUN on 00:14:9A:C9:BB:62 ...
Service Name: Dial-up networking Gateway
Service Description: Dial-up networking Gateway
Service Provider: Generic Cellphone Service
Service RecHandle: 0x10001
Service Class ID List:
  "Dialup Networking" (0x1103)
Protocol Descriptor List:
  "L2CAP" (0x0100)
  "RFCOMM" (0x0003)
    Channel: 1
Language Base Attr List:
  code_ISO639: 0x656e
  encoding:    0x6a
  base_offset: 0x100
  code_ISO639: 0x6672
  encoding:    0x6a
  base_offset: 0xd800
  code_ISO639: 0x6573
  encoding:    0x6a
  base_offset: 0xd803
  code_ISO639: 0x7074
  encoding:    0x6a
  base_offset: 0xd806
Profile Descriptor List:
  "Dialup Networking" (0x1103)
    Version: 0x0100

Now, you're ready to start pushing and pulling files to/from your cell phone. Let's investigate the available tools in both KDE and GNOME.

The KDE Bluetooth framework is built on the BlueZ stack and can utilize all the functionality of the command-line tools in an intuitive GUI interface. Originally, it was an add-on application, but because of the proliferation of Bluetooth devices, it has been merged into the baseline KDE desktop. The easiest way to access your data is through the Konqueror file manager. Once the Bluetooth dongle is plugged in to your computer, you should see the Bluetooth icon appear on the Kicker panel. Open Konqueror, and enter bluetooth:/// in the navigation toolbar.

You should see a listing of nearby devices that are Bluetooth-enabled (Figure 1). Click on your phone, and you should see a listing of available services (Figure 2). For pushing and pulling files, we're most concerned with OBEX File Transfer and OBEX Object Push. Selecting OBEX File Transfer shows the media file folders residing on your device (Figure 3). In my case, I have separate folders for audio, pictures and video clips. Clicking on any of the folders should reveal the files currently on your device. Now you simply can copy/move a file to your home folder on your computer by doing a copy and paste in Konqueror. The first time you do this, you'll be prompted for a PIN number on the cell phone. Subsequent file transfers will not require a PIN unless it has been specified in the cell phone's Bluetooth setup. If you want to copy files from your computer to your device, select OBEX Object Push.

Figure 1. Install KDEBluetooth to make Konqueror aware of Bluetooth devices.

Figure 2. Select your device to get to OBEX Object Push.

Figure 3. The obex option is where you can launch the OBEX Object Push client.

The system displays a pop-up asking if you want to open the kbluetooth client. Select yes, and you should see your device list in the left-hand (device selector) column of the client (Figure 4). The top of the client application shows your system folders. The right-hand side of the screen contains a blank area that's titled Files to send. Simply go into one of your system folders and click the file you want to copy to your phone. Now, drag and drop it into the Files to send pane. Click the Send button. Your phone will alert you and ask if you want to accept the file transfer from your computer. Click yes, and the file transfer starts (Figure 5). Once the file transfer is complete, you should be able to find the file on your cell phone or PDA. It doesn't get any easier than that. Konqueror once again proves what a fantastic file manager it is.

Figure 4. The OBEX Object Push client lets you transfer files with drag and drop.

Figure 5. The OBEX Object Push Client with Multiple Devices Available