Check out this video tutorial to see how to bluesnarf a Nokia 6310i handset (cell phone). What is Bluesnarfing exactly?
Answer: Serious flaws in Bluetooth security lead to disclosure of personal data. Three vulnerabilities have been found:
First, confidential data can be obtained, anonymously, and without the owner's knowledge or consent, from some Bluetooth enabled mobile phones.
Second, it has been found that the complete memory contents of some mobile phones can be accessed by a previously trusted ("paired") device that has since been removed from the trusted list. In essence, the entire device can be "backed up" to an attacker's own system.
Third, access can be gained to the AT command set of the device, giving full access to the higher level commands and channels, such as data, voice and messaging.
Finally, the current trend for "Bluejacking" is promoting an environment which puts consumer devices at greater risk from the above attacks.
It is possible, on some makes of device, to connect to the device without alerting the owner of the target device of the request, and gain access to restricted portions of the stored data therein, including the entire phonebook (and any images or other data associated with the entries), calendar, real time clock, business card, properties, change log, IMEI (International Mobile Equipment Identity, which uniquely identifies the phone to the mobile network, and is used in illegal phone 'cloning'). This is normally only possible if the device is in "discoverable" or "visible" mode, but there are tools available on the Internet that allow even this safety net to be bypassed.
Comments
No Comments Exist
Be the first, drop a comment!