Blueprint

WVE ID: WVE-2005-0010

Type: Exploit

Status: Candidate

Classification:
Other

Description:
Blueprint is a tool that can be used to identify the make and model of a particular Bluetooth device remotely.

Discussion:
The Blueprint tool can identify the make and model of a Bluetooth device remotely by looking at two key pieces of information. First, the device's BD_ADDR is examined.

A BD_ADDR is a six-byte number that uniquely identifies a given Bluetooth device. These addresses are much like the MAC addresses used in Ethernet and 802.11. The format of the address is XX:XX:XX:YY:YY:YY, where the first three bytes (those denoted by X's) uniquely correspond to a vendor. Thus, the manufacturer of the device can be determined by examining this portion of the device's address.

The second piece of information examined by Blueprint is used to determine the model of the device. To do this, it examines the SDP (Service Discovery Protocol) records, which advertise the services the device provides.

These two pieces of information are combined and run through a hashing function to create a unique fingerprint of the device. If a matching hash is found in Blueprint's database, the remote device's model can be determined. If the hash is not in the database and the model of the remote device is known in advance, the device's hash can be added to the database.
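
The lookup-and-enroll flow described above, sketched for a Bluetooth asset inventory. This is an added example, not Blueprint's own code: SHA-256 stands in for Blueprint's hashing function, which this entry does not specify, and the (service name, RFCOMM channel) record layout, function names and sample values are assumptions constructed for illustration.

```python
import hashlib
import re

BD_ADDR_RE = re.compile(r"[0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5}")

def split_bd_addr(bd_addr):
    """Split XX:XX:XX:YY:YY:YY into (vendor prefix, device-specific part)."""
    if not BD_ADDR_RE.fullmatch(bd_addr):
        raise ValueError(f"not a BD_ADDR: {bd_addr!r}")
    octets = bd_addr.upper().split(":")
    return ":".join(octets[:3]), ":".join(octets[3:])

def fingerprint(bd_addr, sdp_records):
    """Hash the vendor prefix together with the advertised SDP services.

    sdp_records: iterable of (service_name, rfcomm_channel) tuples, an assumed
    simplification of a real SDP record. SHA-256 is a stand-in hash.
    """
    vendor, _ = split_bd_addr(bd_addr)
    # Sort and normalise so the order in which records arrive does not matter.
    services = sorted((name.strip().lower(), int(chan)) for name, chan in sdp_records)
    material = vendor + "|" + ";".join(f"{n}@{c}" for n, c in services)
    return hashlib.sha256(material.encode("utf-8")).hexdigest()

def identify(bd_addr, sdp_records, database):
    """Return the known model for this fingerprint, or None if not enrolled."""
    return database.get(fingerprint(bd_addr, sdp_records))

def enroll(bd_addr, sdp_records, model, database):
    """Add a device whose model is known in advance to the database."""
    database[fingerprint(bd_addr, sdp_records)] = model

# Constructed sample data: addresses, services and model name are made up.
SAMPLE_SDP = [("OBEX Object Push", 9), ("Dial-up Networking", 1), ("Headset AG", 3)]

if __name__ == "__main__":
    db = {}
    print(identify("AA:BB:CC:01:02:03", SAMPLE_SDP, db))  # not enrolled yet
    enroll("AA:BB:CC:01:02:03", SAMPLE_SDP, "ExamplePhone 1", db)
    # Same vendor prefix and services, different unit: same model is reported.
    print(identify("aa:bb:cc:7f:10:20", reversed(SAMPLE_SDP), db))
```

Because only the vendor prefix and the service profile feed the hash, two units of the same model share a fingerprint, while a change in the advertised services yields a different one.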

Credits
Author: Collin Mulliner (collin@trifinite.org) : trifinite.org
Author: Martin Herfurt (martin@trifinite.org) : trifinite.org

References
URL: http://trifinite.org/trifinite_stuff_blueprinting.html

Released: 2004-12-28

Submitter
Andrew Lockhart (alockhart@networkchemistry.com) : Network Chemistry

Submitted: Tue Oct 18 15:42:34 -0700 2005

Candidate Date: Mon Oct 24 10:04:43 -0700 2005

