Bluejacking in Linux
”You have been bluejacked !”… and now your blood turns cold…
Relax.. real bluejacking wont’ do anything to your phone.. It is just another prank.. to pump up some adrenaline to your blood stream.
Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAsby sending a vCard which typically contains a message in the name field to another bluetooth enabled device via the Obex protocol.
The http://www.bluejackq.com/ has some interesting information regarding bluejacking.
We can do Bluejacking in Linux using ussp-push , an OBEX object pusher for Linux, using the BlueZ BlueTooth stack. If you have the bluetooth dongle in your machine(Laptop), you can bluejack your friends (certainly don’t do it on strangers, as it may hurt their feelings..).
Download ussp-push from http://freshmeat.net/projects/ussp-push/ and compile it. It depends on the Bluez library, openobex library and usblib libraries. Make sure you satisfy all these dependencies. For that , install the bluez-devel, openobex-devel and libusb-devel packages.
After compiling it, run it as
./ussp-push $MAC@$OCHAN $FILENAME $FILENAME
here MAC is the address of the bluetooth device obtained by the
hcitool scan
and OCHAN can be 1, but if it is not given, the ussp-push uses the sdp protocol to find the supported channel on the device.FILENAME is the name of the file to be sent to the remote phone.
Well, if you really want to see the wild side of ussp-push, see this shell program. http://archives.neohapsis.com/archives/fulldisclosure/2007-01/att-0435/obex_dos.sh
It successfully performed a DOS attack on my friend Jibin’s phone (done with his consent, just to check whether it works on a Sony Ericsson K700i)
