Re: @stake tool announcement: RedFang 2.5: The Bluetooth Hunter

From: Ollie Whitehouse (ollie_at_atstake.com)
Date: 11/02/03

  • Next message: Andy Cuff [Talisker]: "Scanning Tools" 
    To: "David J. Jackson" <djackson@netdmz.com>, <pen-test@securityfocus.com>
Date: Sun, 2 Nov 2003 20:39:31 -0000

    David,

    Have not used the Belkin device but if it's supported by the Bluez Linux stack
    then it will work with RedFang, also check out the 'OTHERS' file in the
    RedFang .tar.gz this lists two other programs besides RedFang and Bluesniff
    (one Windows one Linux).

    I would also recommend reading the 'War Nibbling' whitepaper on atstake.com as
    this is a good intro to hunting down those pesky Bluetooth devices ;)...

    Rgds

    Ollie
    ----- Original Message -----
    From: "David J. Jackson" <djackson@netdmz.com>
    To: "Ollie Whitehouse" <ollie@atstake.com>; <pen-test@securityfocus.com>
    Sent: Sunday, November 02, 2003 3:25 AM
    Subject: RE: @stake tool announcement: RedFang 2.5: The Bluetooth Hunter

    Does anyone know how to add a Belkin USB Bluetooth adapter (F8T003) to the
    list of known adapters with Red fang? Are there any other Bluetooth detection
    programs out there yet besides this one and Bluesniff? Has anyone used Red
    fang or Bluesniff at all?

    Thanks!
    David Jackson, GSEC

    -----Original Message-----
    From: Ollie Whitehouse [mailto:ollie@atstake.com]
    Sent: Monday, October 20, 2003 8:53 AM
    To: pen-test@securityfocus.com
    Subject: @stake tool announcement: RedFang 2.5: The Bluetooth Hunter

    All,

    Tool: Redfang - The Bluetooth Hunter
    Version: 2.5 (15 oct 2003)
    Platforms: Linux (tested on Redhat 9 / Mandrake 9.1)
    Author: Ollie Whitehouse, Simon Halsall (of QinetiQ), Stephen Kapp

    Redfang v2.5 is an enhanced version of the original application that finds
    non-discoverable Bluetooth devices by brute-forcing the last six bytes of the
    device's Bluetooth address and doing a read_remote_name(). This new version
    has streamlined code, enumerates service information, and supports multiple
    threads for substantial speed gains using multiple devices (maximum
    theoretical limit of 127 USB devices). This release of Redfang was developed
    in collaboration with QinetiQ as part of their work in the DTI Next Wave
    Technologies project FORWARD. (For more information about the underlying
    concepts of Bluetooth discovery, read our research report War Nibbling:
    Bluetooth Insecurity.)

    http://www.atstake.com/research/tools/info_gathering/

    Rgds

    Ollie 

    ---
Ollie Whitehouse
Director of Security Architecture
@stake Inc / Atstake Ltd
http://www.atstake.com/
---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_pen-test_031015
----------------------------------------------------------------------------
---------------------------------------------------------------------------
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_pen-test_031023
and use priority code SF4.
----------------------------------------------------------------------------
  • Next message: Andy Cuff [Talisker]: "Scanning Tools"

    Relevant Pages