Abstract
As mobile operating systems reach the same level of complexity of computer operating systems, these may be affected by the same vulnerabilities and may be subject to the same kind of attacks. Bluetooth provides connectivity to a mobile phone but this network can also be used as a channel to deploy attacks and access its resources, such as personal information, confidential files or the possibility of making phone calls and consume the user’s balance. When the first attacks to early Bluetooth mobile phones came up, manufacturers were forced to raise awareness about Bluetooth and make improvements in the security of the implementation. In spite of the improvements, we introduce a multi-platform vulnerability for mobile phones that allows a remote attacker to list arbitrary directories, and read and write arbitrary files via Bluetooth. Our experience shows that the attack can be performed in a real environment and it may lead to data theft.
Chapter PDF
Similar content being viewed by others
References
Bluetooth SIG: Profiles overview, http://bluetooth.com/English/Technology/Works/Pages/Profiles_Overview.aspx
Laurie, A., Holtmann, M.: BlueSnarf (2003), http://trifinite.org/trifinite_stuff_bluesnarf.html
Laurie, A., Holtmann, M., Herfurt, M.: BlueSnarf++ (2005), http://trifinite.org/trifinite_stuff_bluesnarfpp.html
Herfurt, M.: BlueBug (2004), http://trifinite.org/trifinite_stuff_bluebug.html
Laurie, A.: HeloMoto (2004), http://trifinite.org/trifinite_stuff_helomoto.html
Finisterre, K.: Blueline, Motorola Bluetooth Interface Dialog Spoofing Vulnerability, CVE-2006-1367 (2006)
Zuckschwerdt, C.W.: ObexFTP (2002), http://dev.zuckschwerdt.org/openobex
Whitehouse, O.: War Nibbling: Bluetooth Insecurity (2003), http://www.atstake.com/research/reports/acrobat/atstake_war_nibbling.pdf
Shaked, Y., Wool, A.: Cracking the Bluetooth PIN. In: Proceedings of the 3rd International Conference on Mobile Systems, MOBISYS 2005, Seattle, Washington (2005)
Zoller, T.: BTCrack (2007), http://secdev.zoller.lu/btcrack.zip
Zoller, T.: Scheunentor Bluetooth, Heise Security konferenz, Hamburg (2007)
Hulton, D.: btpincrack (2006), http://openciphers.sourceforge.net/oc/btpincrack.php
Moser, M.: Busting the Bluetooth Myth - Getting RAW Access (2007), http://packetstormsecurity.org/papers/wireless/busting_bluetooth_myth.pdf
Spill, D., Bittau, A.: BlueSniff: eve meets alice and bluetooth. In: Proceedings of the First Conference on First USENIX Workshop on Offensive Technologies, Boston, Massachusetts, pp. 5–5 (2007)
Bittau, A.: BTSniff (2007), http://darkircop.org/bt/bt.tgz
Lindell, A.Y.: Attacks on the Pairing Protocol of Bluetooth v2.1, Black Hat USA, Las Vegas, Nevada (2008)
Moreno Tablado, A.: HTC / Windows Mobile OBEX FTP Service Directory Traversal Vulnerability, CVE-2009-0244 (2009)
HTC: Hotfix to enhance the security mechanism of Bluetooth service, http://www.htc.com/asia/SupportDownload.aspx?p_id=140&cat=0&dl_id=609 (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 IFIP International Federation for Information Processing
About this paper
Cite this paper
Moreno, A., Okamoto, E. (2011). BlueSnarf Revisited: OBEX FTP Service Directory Traversal. In: Casares-Giner, V., Manzoni, P., Pont, A. (eds) NETWORKING 2011 Workshops. NETWORKING 2011. Lecture Notes in Computer Science, vol 6827. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23041-7_16
Download citation
DOI: https://doi.org/10.1007/978-3-642-23041-7_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-23040-0
Online ISBN: 978-3-642-23041-7
eBook Packages: Computer ScienceComputer Science (R0)