Most wireless devices nowadays have built-in Bluetooth technology. And while it’s handy, sometimes it’s not always that secure. So this video is going to talk about certain insecurities of it and how to prevent those insecurities.
In the movie The Dark Knight by Christopher Nolan, they introduced a technology that sends and receives sounds from a mini cellphone and then using sonar maps out that location. While it seems a little bit farfetched, the underlying principle of it can be found in this hack minus the sonar map.
I’m going to be using Linux for these tutorials. I’m going to go to System Administration and then Synaptic Package Manager. What you want to do in the Quick Search is just type in Bluetooth. And this brings up all the applications that you can install in Linux. If you’re curious about one, just select it and then it will give you a description of it below. So I’m going to install libbluetooth-dev and then also btscanner. We won't be using btscanner but it's still cool to look into. And then when you've got everything, just click Apply and close out of it.
Now what you want to do is open up a new web browser and we’re going to download a program called the CarWhisperer from the link below. CarWhisperer is a program that allows you to access Bluetooth headsets and not only send sounds to it but also record sounds that are coming from it. Anything that’s being said into the Bluetooth headset you can record. So I’m going to choose to open it with the Archive Manager and then just extract it to the desktop. And just for your reference, the link that’s scrolling below is for the tinkernut.com forums. If you have any questions about links or anything that you see here, any scripts, you can find it in the forums.
So now I just opened up the terminal and I’m going to create an hcid.conf file in the /etc/bluetooth folder. You can do that using gedit. And what I just pasted here you can find in the forums; just copy that and paste it and find where it says passkey and type in 0000 and then just save and close out of it. And that should take you back to the terminal.
So now I’m going to navigate to the CarWhisperer folder that we just extracted to the desktop by using the cd command. And then I’m going to type in dir to show everything that’s listed in there. And you’ll see what’s called a Makefile. Now if you just sudo make, that will start the installation process. And normally you would do sudo make install after that but as you can see it gives an error. So what we’re going to do is edit that Makefile that I just showed you and find where it says cw_pin.sh and its send-to location; just change the .sh to .pl and then just save and close out of it to get back to the terminal. And now if you type in sudo make install, it should complete the installation process.
So now what you want to do is get information about your Bluetooth device by typing in hciconfig hci0. And if it says it is down just do sudo hciconfig hci0 up to put it into up status, up and running status. Now if you type hciconfig -a, that will give you the device class which says that it’s a computer desktop workstation but we want to change that to a phone to fool a Bluetooth device. So to change that, type in sudo hciconfig hci0 class 0x500204. And now if you do hciconfig -a, you’ll see that under device class it's listed as a phone.
So now to perform the hack, what you want to do is type in hcitool scan hci0. And that scans all the Bluetooth devices that are in range. As you can see, I have a Jabra headset. Now just type in carwhisperer to show all the commands that carwhisperer accepts. And now I’m going to go back to the desktop, the CarWhisperer folder that we created, and just do the dir again. And now you can type in carwhisperer and then hci0. And then looking at the dir list above, you want to type in message.raw to send an audio file and then out.raw is what it is going to record to. That’s the file that you’re going to be receiving. And now I’m just typing the address of the Bluetooth device that’s found above and hit Enter. And it will send the message.raw file to play in the Bluetooth device. And as you can see by these dots, it’s going to start recording what’s being said into the Bluetooth device until you hit Ctrl+C to exit.
And out.raw, it’s recorded in a raw format because that’s the audio format that phones use. If you want to convert it to, say, a wave file or mp3 file, you’ll need to get a program called sox; just do sudo apt-get install sox and that will install it for you. Now I’m just going to navigate to the carwhisperer directory again and you’re probably already there. But I’m just going to navigate to it. And now you want to type in the script as listed here. If you want the full script and you want more information on this and how to improve it, how to improve the sound quality, just go to the tinkernut.com forums. But this is a script to convert it to a wave file when you hit Enter. And this is what it sounds like.
Alright, that’s it for this tutorial. For more, go to tinkernut.com.
Transcription by:
Scribe4you Transcription Services
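
For auditing your own devices, the following added example (not part of the video or of the CarWhisperer project) decodes the Bluetooth class-of-device value, including the 0x500204 set in the tutorial, and lists headsets or hands-free units that still answer an inquiry. The sample input is constructed in the layout that `hcitool inq` prints, the addresses are made up, and the function names are hypothetical.

```python
import re

# Class of Device (CoD) layout: bits 23-13 service classes, bits 12-8 major
# device class, bits 7-2 minor device class, bits 1-0 format type.
SERVICES = {13: "Limited Discoverable", 16: "Positioning", 17: "Networking",
            18: "Rendering", 19: "Capturing", 20: "Object Transfer",
            21: "Audio", 22: "Telephony", 23: "Information"}
MAJOR = {0: "Miscellaneous", 1: "Computer", 2: "Phone", 3: "LAN/Network AP",
         4: "Audio/Video", 5: "Peripheral", 6: "Imaging", 7: "Wearable"}
MINOR = {1: {1: "Desktop workstation", 2: "Server", 3: "Laptop"},
         2: {1: "Cellular", 2: "Cordless", 3: "Smartphone"},
         4: {1: "Wearable headset", 2: "Hands-free", 6: "Headphones"}}

def decode_cod(cod):
    """Split a 24-bit CoD value into (major, minor, [services])."""
    major = (cod >> 8) & 0x1F
    minor = (cod >> 2) & 0x3F
    services = [name for bit, name in sorted(SERVICES.items()) if (cod >> bit) & 1]
    return (MAJOR.get(major, f"major {major}"),
            MINOR.get(major, {}).get(minor, f"minor {minor}"),
            services)

INQ_LINE = re.compile(r"^\s*((?:[0-9A-F]{2}:){5}[0-9A-F]{2})\s+clock offset: "
                      r"0x[0-9a-f]+\s+class: (0x[0-9a-f]{6})\s*$", re.I)

def exposed_headsets(inq_output):
    """Return (address, minor) for headsets/hands-free units answering inquiry."""
    hits = []
    for line in inq_output.splitlines():
        m = INQ_LINE.match(line)
        if not m:
            continue  # banner or unrelated line
        major, minor, _ = decode_cod(int(m.group(2), 16))
        if major == "Audio/Video" and minor in ("Wearable headset", "Hands-free"):
            hits.append((m.group(1), minor))
    return hits

# Constructed sample; not captured from real devices.
SAMPLE = """Inquiring ...
\t00:11:22:33:44:55\tclock offset: 0x1a2b\tclass: 0x200404
\t00:AA:BB:CC:DD:EE\tclock offset: 0x0c3d\tclass: 0x5a020c
\t00:12:34:56:78:9A\tclock offset: 0x7f01\tclass: 0x240408
"""

if __name__ == "__main__":
    print(decode_cod(0x500204))  # the class value the video assigns to hci0
    for addr, kind in exposed_headsets(SAMPLE):
        print(f"{addr}: {kind} answers inquiry; leave pairing mode off when not pairing")
```

The class value is self-declared by each device, so a headset cannot treat "this peer says it is a phone" as evidence of who is connecting.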