I think that you should seriously consider the possibility of finding things that you do not wish to find. As you are dealing with minors the penalties that we all face when doing something "cool" are going to be higher.
Driftnet could result in displaying certain images to a group of kids that, if it occurred, could be rather unfortunate for you personally. If your bluetooth attack finds stuff you are in a tricky reporting scenario. I think that the game idea is the best one, but don't run it on some random kid's phone. Instead, do it on your own kid's phone (or get a parent or teacher to volunteer their own kid). -Josh More On Mon, Mar 14, 2011 at 10:18 AM, Bill Swearingen <[email protected]>wrote: > dude.. > > Dont do the bluetooth stuff, go with Driftnet. > > Always a winner with crowds, and shows why free wifi is scrrrrrzy! > > > On Mon, Mar 14, 2011 at 9:08 AM, Robin Wood <[email protected]> wrote: > >> On 14 March 2011 11:44, craig bowser <[email protected]> wrote: >> > >> > So, I'm giving a talk at my son's school for career day. My talk is >> mostly >> > on the IA/Infosec career, but I thought I would do a quick simple >> bluetooth >> > hack to cut into the drone of person after person yapping up front. >> These >> > are 6-8th graders... attention span is limited. I know, I have two. >> > >> > Anyway, I've been trying to get bluenarfer and bluebugger to work to >> either >> > pull out an address book or dial a phone number. However, I can't seem >> to >> > get it working. When any connection is made, the phone asks for a pin >> or >> > asks if I want to allow a connection. I would like the hack to work >> without >> > interaction from the user of the phone. >> > >> > With bluesnarfer I get: >> > >> > >> > root@Joshua:/media/disk/files/ >> > bluesnarfer# ./bluesnarfer -r 1-100 -C 1 -b 00:11:22:33:44:55 >> > device name: Craig >> > ^Cbluesnarfer: release rfcomm ok >> > >> > >> > I control-C out after a while because bluesnarfer waits and waits, I'm >> > guessing waiting for the phone to accept the connection. >> > >> > With bluebugger I get: >> > >> > root@Joshua:/media/disk/files/bluebugger/bluebugger-0.1# ./bluebugger >> -m >> > Craig -c 1 -a 00:11:22:33:44:55 info >> > >> > bluebugger 0.1 ( MaJoMu | www.codito.de ) >> > ----------------------------------------- >> > >> > Target Device: '00:11:22:33:44:55' >> > Target Name: 'Craig' >> > >> > Mobile Identification >> > --------------------- >> > >> > ...done >> > >> > >> > but no data. >> > >> > I tried: >> > >> > root@Joshua:/media/disk/files/bluebugger/bluebugger-0.1# ./bluebugger >> -m >> > Craigc 1 -a 00:11:22:33:44:55 dial 7xxxxxxxxx >> > >> > bluebugger 0.1 ( MaJoMu | www.codito.de ) >> > ----------------------------------------- >> > >> > Target Device: '00:11:22:33:44:55' >> > Target Name: 'Craig' >> > >> > Dialing '7xxxxxxxx' ....call to '7xxxxxxxx' should be active now >> > >> > Press <enter> to abort bluetooth connection >> > * shows 'cancel call too?'-popup on Nokia 6310i) >> > >> > but nothing actually dialed. >> > >> > The phones I've been trying are: >> > >> > HTC Droid Incredible >> > LG Cosmos >> > Samsung Intensity >> > Palm Centro >> > >> > I've been doing this on my Ubuntu 10.04 box, but I am definitely open to >> a >> > bootable backtrack CD or other bootable iso. >> > >> > Any suggestions? Can I somehow pass it the pin or several pins? >> > >> > Thanks >> > >> > >> > Craig L Bowser >> >> There is no way I'd try this without permission, you could get >> yourself into all sorts of trouble. >> >> Probably best get a dummy phone, ask someone to put a contact in it >> then show them how you can get that. >> >> Robin >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
