agreed -- but I was assuming you would be in control of the wireless ;-)
On Mon, Mar 14, 2011 at 12:17 PM, Josh More <[email protected]> wrote: > I think that you should seriously consider the possibility of finding > things that you do not wish to find. As you are dealing with minors the > penalties that we all face when doing something "cool" are going to be > higher. > > Driftnet could result in displaying certain images to a group of kids that, > if it occurred, could be rather unfortunate for you personally. If your > bluetooth attack finds stuff you are in a tricky reporting scenario. > > I think that the game idea is the best one, but don't run it on some random > kid's phone. Instead, do it on your own kid's phone (or get a parent or > teacher to volunteer their own kid). > > -Josh More > > > On Mon, Mar 14, 2011 at 10:18 AM, Bill Swearingen <[email protected]>wrote: > >> dude.. >> >> Dont do the bluetooth stuff, go with Driftnet. >> >> Always a winner with crowds, and shows why free wifi is scrrrrrzy! >> >> >> On Mon, Mar 14, 2011 at 9:08 AM, Robin Wood <[email protected]> wrote: >> >>> On 14 March 2011 11:44, craig bowser <[email protected]> wrote: >>> > >>> > So, I'm giving a talk at my son's school for career day. My talk is >>> mostly >>> > on the IA/Infosec career, but I thought I would do a quick simple >>> bluetooth >>> > hack to cut into the drone of person after person yapping up front. >>> These >>> > are 6-8th graders... attention span is limited. I know, I have two. >>> > >>> > Anyway, I've been trying to get bluenarfer and bluebugger to work to >>> either >>> > pull out an address book or dial a phone number. However, I can't seem >>> to >>> > get it working. When any connection is made, the phone asks for a pin >>> or >>> > asks if I want to allow a connection. I would like the hack to work >>> without >>> > interaction from the user of the phone. >>> > >>> > With bluesnarfer I get: >>> > >>> > >>> > root@Joshua:/media/disk/files/ >>> > bluesnarfer# ./bluesnarfer -r 1-100 -C 1 -b 00:11:22:33:44:55 >>> > device name: Craig >>> > ^Cbluesnarfer: release rfcomm ok >>> > >>> > >>> > I control-C out after a while because bluesnarfer waits and waits, I'm >>> > guessing waiting for the phone to accept the connection. >>> > >>> > With bluebugger I get: >>> > >>> > root@Joshua:/media/disk/files/bluebugger/bluebugger-0.1# ./bluebugger >>> -m >>> > Craig -c 1 -a 00:11:22:33:44:55 info >>> > >>> > bluebugger 0.1 ( MaJoMu | www.codito.de ) >>> > ----------------------------------------- >>> > >>> > Target Device: '00:11:22:33:44:55' >>> > Target Name: 'Craig' >>> > >>> > Mobile Identification >>> > --------------------- >>> > >>> > ...done >>> > >>> > >>> > but no data. >>> > >>> > I tried: >>> > >>> > root@Joshua:/media/disk/files/bluebugger/bluebugger-0.1# ./bluebugger >>> -m >>> > Craigc 1 -a 00:11:22:33:44:55 dial 7xxxxxxxxx >>> > >>> > bluebugger 0.1 ( MaJoMu | www.codito.de ) >>> > ----------------------------------------- >>> > >>> > Target Device: '00:11:22:33:44:55' >>> > Target Name: 'Craig' >>> > >>> > Dialing '7xxxxxxxx' ....call to '7xxxxxxxx' should be active now >>> > >>> > Press <enter> to abort bluetooth connection >>> > * shows 'cancel call too?'-popup on Nokia 6310i) >>> > >>> > but nothing actually dialed. >>> > >>> > The phones I've been trying are: >>> > >>> > HTC Droid Incredible >>> > LG Cosmos >>> > Samsung Intensity >>> > Palm Centro >>> > >>> > I've been doing this on my Ubuntu 10.04 box, but I am definitely open >>> to a >>> > bootable backtrack CD or other bootable iso. >>> > >>> > Any suggestions? Can I somehow pass it the pin or several pins? >>> > >>> > Thanks >>> > >>> > >>> > Craig L Bowser >>> >>> There is no way I'd try this without permission, you could get >>> yourself into all sorts of trouble. >>> >>> Probably best get a dummy phone, ask someone to put a contact in it >>> then show them how you can get that. >>> >>> Robin >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >>> >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
