Adam Laurie wrote:
My apologies - I took the posting to "full-disclosure" too
literally... You are right - background info is also useful for those
that are starting to get into this (rich) field of research...
No worries.
Boat loads of theoretical papers and over used paragraphs from existing
documents seem to be all that exists. Its nice to get some other info
out there.
I do not have that code, but I know it exists...
The israelis practice security through Obscurity so good luck getting it
from them. =]
Heh. No, mine cost me $0.00 :)
Hahah sounds like I got ripped off then. =P
Fair point. Leverage one vulnerability to exploit another, and you
have a useful attack.
As a side note if anyone knows the method that Widcomm uses to obfuscate
the keys stored in the registry I am all ears. If you take a key from
the registry on Windows you will need to reverse the obfuscation first.
On PocketPC platforms however the Link Key is in plain text.
AFAIK 'bdaddr -h' and the source are the only docs, but it works with
all of the dongles I've tried it with (all CSR based). Check with
Marcel for full capabilities, but I know it supports Ericsson, CSR and
Zeevo.
Yeah that is a nice tool... it would have saved me the trouble of
hunting down an ROK101004 chip and dev board if I had known about it. =]
In general I do not think the vendors want us to be able to set the
BD_ADDR. Every time I asked Ericsson or Infineon how to do it they
usually responded with "Why do you want to change your BD_ADDR" and the
HCI commands document for ROK 101 008 mysteriously leaves out the opcode
to set the bd_addr.
Once again, my apologies if I came across too critical - I really was
looking at your post from the wrong angle...
No worries... I did feel like ya grilled me at first so thanks for the
clarification and thanks for that extra info on the CSR setbdaddr!
-KF
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
