Follow up: Got a suggestions from NoVaHackers to use Car Whisperer. It works great and I'm just mucking around with coverting raw to wav with sox now.
Should be a fun demo. Thanks all. Craig L Bowser ____________________________ This email is measured by size. Bits and bytes may have settled during transport. On Mon, Mar 14, 2011 at 2:20 PM, Bill Swearingen <[email protected]>wrote: > agreed -- but I was assuming you would be in control of the wireless ;-) > > > On Mon, Mar 14, 2011 at 12:17 PM, Josh More <[email protected]> wrote: > >> I think that you should seriously consider the possibility of finding >> things that you do not wish to find. As you are dealing with minors the >> penalties that we all face when doing something "cool" are going to be >> higher. >> >> Driftnet could result in displaying certain images to a group of kids >> that, if it occurred, could be rather unfortunate for you personally. If >> your bluetooth attack finds stuff you are in a tricky reporting scenario. >> >> I think that the game idea is the best one, but don't run it on some >> random kid's phone. Instead, do it on your own kid's phone (or get a parent >> or teacher to volunteer their own kid). >> >> -Josh More >> >> >> On Mon, Mar 14, 2011 at 10:18 AM, Bill Swearingen >> <[email protected]>wrote: >> >>> dude.. >>> >>> Dont do the bluetooth stuff, go with Driftnet. >>> >>> Always a winner with crowds, and shows why free wifi is scrrrrrzy! >>> >>> >>> On Mon, Mar 14, 2011 at 9:08 AM, Robin Wood <[email protected]> wrote: >>> >>>> On 14 March 2011 11:44, craig bowser <[email protected]> wrote: >>>> > >>>> > So, I'm giving a talk at my son's school for career day. My talk is >>>> mostly >>>> > on the IA/Infosec career, but I thought I would do a quick simple >>>> bluetooth >>>> > hack to cut into the drone of person after person yapping up front. >>>> These >>>> > are 6-8th graders... attention span is limited. I know, I have two. >>>> > >>>> > Anyway, I've been trying to get bluenarfer and bluebugger to work to >>>> either >>>> > pull out an address book or dial a phone number. However, I can't >>>> seem to >>>> > get it working. When any connection is made, the phone asks for a pin >>>> or >>>> > asks if I want to allow a connection. I would like the hack to work >>>> without >>>> > interaction from the user of the phone. >>>> > >>>> > With bluesnarfer I get: >>>> > >>>> > >>>> > root@Joshua:/media/disk/files/ >>>> > bluesnarfer# ./bluesnarfer -r 1-100 -C 1 -b 00:11:22:33:44:55 >>>> > device name: Craig >>>> > ^Cbluesnarfer: release rfcomm ok >>>> > >>>> > >>>> > I control-C out after a while because bluesnarfer waits and waits, I'm >>>> > guessing waiting for the phone to accept the connection. >>>> > >>>> > With bluebugger I get: >>>> > >>>> > root@Joshua:/media/disk/files/bluebugger/bluebugger-0.1# ./bluebugger >>>> -m >>>> > Craig -c 1 -a 00:11:22:33:44:55 info >>>> > >>>> > bluebugger 0.1 ( MaJoMu | www.codito.de ) >>>> > ----------------------------------------- >>>> > >>>> > Target Device: '00:11:22:33:44:55' >>>> > Target Name: 'Craig' >>>> > >>>> > Mobile Identification >>>> > --------------------- >>>> > >>>> > ...done >>>> > >>>> > >>>> > but no data. >>>> > >>>> > I tried: >>>> > >>>> > root@Joshua:/media/disk/files/bluebugger/bluebugger-0.1# ./bluebugger >>>> -m >>>> > Craigc 1 -a 00:11:22:33:44:55 dial 7xxxxxxxxx >>>> > >>>> > bluebugger 0.1 ( MaJoMu | www.codito.de ) >>>> > ----------------------------------------- >>>> > >>>> > Target Device: '00:11:22:33:44:55' >>>> > Target Name: 'Craig' >>>> > >>>> > Dialing '7xxxxxxxx' ....call to '7xxxxxxxx' should be active now >>>> > >>>> > Press <enter> to abort bluetooth connection >>>> > * shows 'cancel call too?'-popup on Nokia 6310i) >>>> > >>>> > but nothing actually dialed. >>>> > >>>> > The phones I've been trying are: >>>> > >>>> > HTC Droid Incredible >>>> > LG Cosmos >>>> > Samsung Intensity >>>> > Palm Centro >>>> > >>>> > I've been doing this on my Ubuntu 10.04 box, but I am definitely open >>>> to a >>>> > bootable backtrack CD or other bootable iso. >>>> > >>>> > Any suggestions? Can I somehow pass it the pin or several pins? >>>> > >>>> > Thanks >>>> > >>>> > >>>> > Craig L Bowser >>>> >>>> There is no way I'd try this without permission, you could get >>>> yourself into all sorts of trouble. >>>> >>>> Probably best get a dummy phone, ask someone to put a contact in it >>>> then show them how you can get that. >>>> >>>> Robin >>>> _______________________________________________ >>>> Pauldotcom mailing list >>>> [email protected] >>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>> Main Web Site: http://pauldotcom.com >>>> >>> >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >>> >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
