Wireless Hacking Tools
devices. Once the key regeneration is done, the attacker has full access to any services provided by the victim's device.
5.1 Bluetooth Attack Tools
The number of tools available to attack Bluetooth devices is also growing along with the popularity of those devices. For DoS attacks, the BlueSmack tool can be used to launch the ping of death attack on Bluetooth devices. It works by requesting an echo from a Bluetooth device. When thousands of these echoes are requested, the device cannot service anything but the echoes, which results in a DoS. Other DoS tools include BlueChop and BluePass. BlueChop can be used to disrupt an established piconet, and BluePass can be used to create Bluetooth packets that cause a buffer overflow attack.
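As an added example (not from the original paper or from any of the tools it names), the echo flood described above can be detected on the defending side by counting L2CAP Echo Requests per source address in a sliding window. The record layout, the window and threshold values, and the device addresses are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque

L2CAP_ECHO_REQUEST = 0x08  # L2CAP signalling command code for Echo Request


def detect_echo_floods(events, window_ms=1000, threshold=50):
    """Return {source_addr: (first_alert_ms, peak_count)} for every source that
    sends more than `threshold` Echo Requests within any `window_ms` span.

    `events` holds (timestamp_ms, source_addr, signal_code) tuples sorted by
    time. window_ms and threshold are assumed tuning values, not standards.
    """
    recent = defaultdict(deque)  # per-source timestamps still inside the window
    alerts = {}
    for ts, src, code in events:
        if code != L2CAP_ECHO_REQUEST:
            continue  # only echo requests count toward the flood
        q = recent[src]
        q.append(ts)
        # Drop timestamps that have aged out of the sliding window.
        while ts - q[0] > window_ms:
            q.popleft()
        if len(q) > threshold:
            first, peak = alerts.get(src, (ts, 0))
            alerts[src] = (first, max(peak, len(q)))
    return alerts


def build_sample_events():
    """Constructed capture: one benign peer and one peer flooding echoes."""
    benign, noisy = "AA:AA:AA:AA:AA:01", "AA:AA:AA:AA:AA:02"  # placeholder addresses
    events = [(0, benign, 0x02)]  # 0x02 = Connection Request, ignored by the detector
    # Benign peer: one Echo Request every 2 seconds.
    events += [(t, benign, L2CAP_ECHO_REQUEST) for t in range(0, 20000, 2000)]
    # Flooding peer: 1000 Echo Requests, 2 ms apart, starting at t = 5 s.
    events += [(5000 + 2 * i, noisy, L2CAP_ECHO_REQUEST) for i in range(1000)]
    return sorted(events)


if __name__ == "__main__":
    for src, (first, peak) in detect_echo_floods(build_sample_events()).items():
        print(f"{src}: echo flood from t={first} ms, peak {peak} requests per window")
```
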
BlueSnarf is a tool that can be used for bluesnarfing. Again, this means obtaining unauthorized files from a Bluetooth device by keeping the connection open and requesting those files. BlueBump is a tool that can be used to obtain the victim's key. Some PDAs will allow an attacker to request a key regeneration that can be used later to gain full access to the system. The table below summarizes the Bluetooth attack tools presented.
As Bluetooth technology becomes more prevalent in users' everyday lives and as more products become available, more attack tools will emerge. There are several DoS attacks that can be used to disrupt normal Bluetooth communication. There are also attacks to gain full access to a victim's device. All of these can cause major problems for the user.
Table 4 - Summary of Bluetooth attack tools
Tool        Type of Attack
BlueSmack   Issues ping of death attack
BlueChop    Disrupts an existing piconet
BluePass    Causes a buffer overflow attack
BlueSnarf   Obtains unauthorized access to files
BlueBump    Obtains the piconet key
In this paper we discussed several attack tools for 802.11 and Bluetooth systems. Since both of these protocols are a major part of everyday life, many attack tools exist. The attacks can be categorized into three major categories: confidentiality, integrity, and availability. Confidentiality attacks include sniffing, encryption cracking, and AP attacks. Integrity attacks include attacks on the data while in transmission. This includes frame manipulation, addition, and subtraction. Finally, the availability attacks include all DoS attacks.
Presented were wireless hacking tools and possible attacks on wireless networks. Although wireless networks will probably never be completely secure because research on protocol vulnerabilities will always continue, one can keep their network as secure as possible. Staying educated on the latest encryption schemes and other network security related items is probably the best way to keep your network secure. You will not be able to stop the sniffing of your traffic; however, you can prevent the attacker from being able to decipher the traffic. The protocols
12/19/2007 5:16 PM