[TOOL] HeloMoto - Bluetooth Device Planter

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html

- - - - - - - - -



HeloMoto - Bluetooth Device Planter
------------------------------------------------------------------------


SUMMARY



DETAILS

The HeloMoto attack has been discovered by
<http://trifinite.org/trifinite_group_adam.html> Adam Laurie and is a
combination of the BlueSnarf attack and the
<http://trifinite.org/trifinite_stuff_bluesnarf.html> BlueBug attack. The
attack is called HeloMoto, since it was discovered on Motorola phones.

The HeloMoto attack takes advantage of the incorrect implementation of the
'trusted device' handling on some Motorola devices. The attacker initiates
a connection to the unathenticated OBEX Push Profile pretending to send a
vCard. The attacker interrupts the sending process and without interaction
the attacker's device is stored in the 'list of trusted devices' on the
victim's phone. With an entry in that list, the attacker is able to
connect to the headset profile without authentication. Once connected to
this service, the attacker is able to take control of the device by means
of AT-commands (as BlueBug).

HeloMoto - tool to extract personal information from early Motorola
V-Series (written for for Linux using BlueZ) by Adam Laurie Download
<http://trifinite.org/Downloads/helomoto.tgz> helomoto.tgz

HeloMoto-Maemo - HeloMoto tool compiled to be used on a Nokia 770 Tablet
PC (written for for Linux using BlueZ) by Adam Laurie
<http://trifinite.org/Downloads/helomoto-maemo.tgz> Download
helomoto-maemo.tgz


ADDITIONAL INFORMATION

The information has been provided by <mailto:adam@xxxxxxxxxxxxx> Adam
Laurie.
To keep updated with the tool visit the project's homepage at:
<http://trifinite.org/trifinite_stuff_helomoto.html>
http://trifinite.org/trifinite_stuff_helomoto.html



========================================


This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@xxxxxxxxxxxxxx
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@xxxxxxxxxxxxxx


====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

Relevant Pages