
Bluetooth (FAQ and hacking)

* What is Bluetooth?
* How does Bluetooth work?
* Is the frequency conflict between Bluetooth devices and others using wireless radio possible?
* Is Bluetooth technology certified in Russia?
* Why do many people call Bluetooth a “blue tooth”?
* What are some Bluetooth devices?
* How can I use Bluetooth?
* At what distance can a Bluetooth connection be made?
* What is the power consumption and data transfer rate via a bluetooth connection?
* Is it possible to protect data transmitted via Bluetooth, and how does it work?
* Who can access my Bluetooth device while the wireless function is active?
* How do I set up Bluetooth devices to interact?
* What is pairing of Bluetooth devices?
* When I communicate with two Bluetooth-enabled devices, I am constantly being asked for a password. Is it possible to automate the process of their identification?
* I have completed all the settings for Bluetooth, but the devices cannot establish a connection. How can this problem be solved?
* Who makes Bluetooth chips?
* Should we expect the integration of Bluetooth technology with personal computers?
* Does Bluetooth have competitors?
* How much does Bluetooth production cost and when will the technology be available to the average user?
* What are the prospects for the development of technology?

Technical part:

What is Bluetooth?
Globally, Bluetooth is a wireless data transmission technology for any device that supports it: mobile phones, PDAs, laptops, desktops, printers, digital devices, and even home appliances. The physical embodiment of Bluetooth is a small chip containing a short-range high-frequency transceiver operating in the ISM (Industrial, Scientific and Medical) band, 2.4465-2.4835 GHz. This band is intended for medical devices, household appliances, cordless phones and IEEE-standard wireless LANs, and no license is required to use it.

How does Bluetooth work?
Bluetooth works as a multipoint radio channel controlled by a multi-layer protocol, much like GSM cellular communication. Bluetooth is able to “bypass” obstacles (including walls), so the connected devices need not be in line of sight. Connections can be made not only point-to-point (two devices) but also point-to-multipoint (one device working with several others). Besides a Bluetooth chip in the devices, certain software is required for the system to operate. The technology uses small short-range transceivers, either embedded directly in the device or attached via a free port or expansion slot (USB, CF, SD/MMC, MS, PCMCIA). It uses FHSS, frequency-hopping spread spectrum (1600 hops per second): the transmitter switches from one operating frequency to another according to a pseudo-random sequence in order to avoid conflicts with other devices. For full-duplex transmission, time division duplex (TDD) is used. Both isochronous and asynchronous data transfer are supported, and easy integration with TCP/IP is provided. Time slots are allocated for synchronous packets, each of which is transmitted on its own radio frequency. Each device has a unique 48-bit network address compatible with the IEEE 802.11x LAN address format.

Is the frequency conflict possible between Bluetooth devices and others using wireless radio?
The frequency range in which Bluetooth operates coincides with the working range of most modern wireless systems in industry, scientific and medical institutions, and everyday life. In the event of a so-called “frequency conflict” between Bluetooth and other wireless systems in this range, serious interference may occur. To address this, Bluetooth was made to work intermittently: during operation the radio transmitter's frequency constantly changes from one to another (1600 hops per second). This frees up the frequency needed by other devices and avoids conflicts.
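As an added example (not part of the original FAQ), the following Python simulation puts numbers on the argument above: a device that hops 1600 times per second shares each frequency with a fixed-frequency neighbour only for a small, scattered fraction of the time. It assumes the 79 one-MHz channels of classic Bluetooth (2402..2480 MHz); the hop sequence is a constructed pseudo-random stand-in, not the real Bluetooth hop-selection algorithm, and the Wi-Fi and cordless-phone interferers are constructed scenarios.

```python
"""Added example, not from the original FAQ: a quantitative look at the
"frequency conflict" argument.

Assumptions: Bluetooth classic hops among 79 channels of 1 MHz
(2402..2480 MHz) at the 1600 hops per second the FAQ quotes, so one hop
lasts 625 microseconds. The hop sequence below is a constructed
pseudo-random stand-in for the real Bluetooth hop-selection algorithm,
which is derived from the master's address and clock."""
import random

CHANNELS = 79            # channel k sits at 2402 + k MHz, k = 0..78
HOPS_PER_SECOND = 1600
BASE_MHZ = 2402
SLOT_US = 1_000_000 // HOPS_PER_SECOND   # 625 microseconds per hop


def channel_to_mhz(k):
    return BASE_MHZ + k


def hop_sequence(seed, seconds):
    """Constructed pseudo-random hop sequence: seconds * 1600 channel indices."""
    rng = random.Random(seed)
    return [rng.randrange(CHANNELS) for _ in range(seconds * HOPS_PER_SECOND)]


def interferer_channels(center_mhz, width_mhz):
    """Bluetooth channel indices covered by a transmitter with the given
    center frequency and bandwidth (e.g. a 22 MHz wide Wi-Fi channel or a
    1 MHz cordless-phone carrier)."""
    lo = center_mhz - width_mhz / 2
    hi = center_mhz + width_mhz / 2
    return {k for k in range(CHANNELS) if lo <= channel_to_mhz(k) <= hi}


def expected_collision_fraction(occupied):
    """If hops are uniform over the 79 channels, the share of hops landing
    on an occupied channel is simply |occupied| / 79."""
    return len(occupied) / CHANNELS


def collision_fraction(hops, occupied):
    """Measured share of hops that collided with the interferer."""
    hits = sum(1 for k in hops if k in occupied)
    return hits / len(hops)


def longest_outage_us(hops, occupied):
    """Longest run of consecutive collided hops, in microseconds: hopping
    turns a permanent jam on one frequency into short, scattered losses
    that link-layer retransmission can recover from."""
    best = cur = 0
    for k in hops:
        cur = cur + 1 if k in occupied else 0
        best = max(best, cur)
    return best * SLOT_US


if __name__ == "__main__":
    hops = hop_sequence(seed=1, seconds=10)
    wifi = interferer_channels(2412, 22)      # Wi-Fi channel 1, constructed scenario
    phone = interferer_channels(2450, 1)      # narrowband carrier, constructed scenario
    for name, occ in (("Wi-Fi ch1", wifi), ("1 MHz carrier", phone)):
        print(f"{name}: {len(occ)} of {CHANNELS} channels blocked, "
              f"expected loss {expected_collision_fraction(occ):.3f}, "
              f"measured {collision_fraction(hops, occ):.3f}, "
              f"longest outage {longest_outage_us(hops, occ)} us")
```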

Is Bluetooth technology certified in Russia?
At the time of writing, Bluetooth has not yet been officially certified in Russia. Many countries have already satisfied themselves of its safety and usefulness, but in the Russian Federation, as usual, everything new is treated with caution. How much longer the licensing process will take is not yet known. It is quite obvious that until it is complete, the large companies producing Bluetooth equipment will not ship it to the country, which of course hampers the spread of the technology in Russia and keeps its price high. At the moment, only devices that have Bluetooth support as a secondary function (cell phones, printers, etc.) are officially supplied. Devices whose primary purpose is Bluetooth communication (Bluetooth adapters, etc.) are present on the market, but illegally.

And while this issue may be resolved positively in the near future, in France, for example, that will not happen soon. The reason is that there the 2.4 GHz band used by Bluetooth is occupied by the military, which, as is usually the case, makes no concessions. True, a small part of the ISM band (2.4465-2.4835 GHz) still remains free. For France, it seems, special Bluetooth devices will be developed that are incompatible with devices made for the rest of the world.

Why do many people call Bluetooth a “blue tooth”?
The literal translation of Bluetooth from English is indeed “blue tooth”. However, the name of the technology did not come about by chance, and it was not a dentist who invented it. In fact, it is inextricably linked with history. Long ago, Bluetooth was the nickname of a Danish Christian king who lived in the 900s and ruled during the time of the Viking raids on Western Europe. King Harald Bluetooth went down in history as a unifier of the Scandinavian lands; in particular, he is credited with uniting Denmark and Norway. Apparently, the historically minded inventors of Bluetooth technology decided that, by analogy with the story of the king who united lands, it is meant to unite the world of mobile electronics.

What are Bluetooth devices?
Today's Bluetooth devices include: wireless headsets (wireless hands-free or headset), cell phones, PDAs, Bluetooth adapters and modules, printers, car control systems, handwriting-recognition pens, and home appliances. In the future, their number and variety will grow rapidly.

How can I use Bluetooth?
Many examples of successful Bluetooth use can already be given. The most common today is transferring various kinds of data between devices over a short distance: for example, a telephone conversation via a wireless headset, or Internet access from a mobile computer without any cable connection. In that case the telephone acts as a remote handset or modem, which can lie, say, in a jacket pocket or suitcase without occupying the user's hand. Or the access point to the corporate network in the office may be out of sight in another room, yet the equipment can work with remote data just as well as if the user's computer were connected to the local network by cable.

How far can a Bluetooth connection be made?
Initially, the technology was conceived for a rather narrow application in communication equipment and assumed communication at a distance of up to 10 meters. Today, some firms already offer Bluetooth chips capable of supporting communication at up to 100 meters. Since Bluetooth radio technology is “not afraid” of obstacles, the connected devices may be out of sight. The connection is made automatically as soon as Bluetooth devices are within reach, and not only with one device but with several at once (if they are within reach).

What is the power consumption and data transfer rate via a bluetooth connection?
According to the established standard, the power consumption of Bluetooth devices should not exceed 10 mW (0.1 W). The data transfer rate stipulated by the standard is about 720 Kbps in asymmetric mode and 420 Kbps in full-duplex mode. Three voice channels are transmitted, but not video.
Is it possible to protect data transmitted via Bluetooth, and how does it work?
Yes. Firstly, a standard identification procedure is required to communicate with any Bluetooth-enabled device. Each device has a unique 48-bit network address compatible with the IEEE 802.11x LAN address format, and devices identify each other by these addresses. For one Bluetooth device to access another that is active and within reach, a mutual password check is required; only after that can the devices interact. Secondly, thanks to the software, data transmitted between any devices that support a compatible algorithm can be encrypted.

Who can access my Bluetooth device while the wireless function is active?
It all depends on the operating mode of your device. As a rule, the software of Bluetooth devices has a wide range of settings, which makes it easy to change its behavior towards communication partners. You can enable or disable the visibility of your device to other users. For example, by creating a list of the devices you use regularly, you can make your device inaccessible to any others: all access attempts by “outsiders” will then be blocked, since they are not in the previously formed list of communication partners. Configuring the interaction of Bluetooth devices requires some experience and an understanding of how they interact. To avoid unauthorized access to the data on your device, make all the necessary settings with your actual network environment in mind.

How to set up Bluetooth devices for interaction? What is the pairing of Bluetooth devices?
First, Bluetooth is activated on at least two devices that are to work together. They must be within reach of each other (8-10 m for mobile devices).
Then one of them searches for available devices and forms a list of its surroundings. Each Bluetooth device has its own unique 48-bit network address, like the MAC address of a network adapter in an ordinary PC, which is used to identify devices.
Next comes the identification process itself. Suppose the search of the surroundings found the network address of a mobile phone. It is stored in the memory of the device that performed the search. You then decide to “pair” the two devices and activate the corresponding cell phone entry on the searching device. As a result, your device tries to access the mobile phone and sends it its own unique network address. The phone, in turn, enters this address into its list of surroundings, but before opening access to its resources it asks for a numeric password. After it is entered on the phone, the same request appears on the device that requested the communication session. If the passwords entered on both devices match, the interaction is established. The second and third stages are called “pairing” of Bluetooth devices.
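As an added example (not from the original FAQ), the Python model below walks through the three stages just described, the 48-bit address split into its parts for the manufacturer lookup mentioned in the general questions, and the partner list that lets stored partners in without a new password while refusing outsiders. It assumes the address is written as six hex octets like an Ethernet MAC with the upper 24 bits being the IEEE OUI; the OUI table is a constructed placeholder, and the PIN comparison and key derivation are a simplified model rather than the real Bluetooth procedure.

```python
"""Added example, not from the original FAQ: the 48-bit device address and
the three-stage pairing / partner-list model the answers above describe.

Assumptions: the address is written as six hex octets like an Ethernet MAC;
its upper 24 bits (NAP + UAP) are the IEEE-assigned OUI that identifies the
module's manufacturer and the lower 24 bits (LAP) are device-specific. The
OUI table is a constructed placeholder, and the PIN check and key derivation
are a simplified model (real Bluetooth never sends the PIN over the air)."""
import hashlib
import re
from dataclasses import dataclass

_ADDR_RE = re.compile(r"^[0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5}$")


@dataclass(frozen=True)
class BdAddr:
    value: int  # the 48-bit address as an integer

    @classmethod
    def parse(cls, text):
        if not _ADDR_RE.match(text):
            raise ValueError(f"not a Bluetooth device address: {text!r}")
        return cls(int(re.sub(r"[:-]", "", text), 16))

    @property
    def nap(self):          # non-significant address part, bits 47..32
        return (self.value >> 32) & 0xFFFF

    @property
    def uap(self):          # upper address part, bits 31..24
        return (self.value >> 24) & 0xFF

    @property
    def lap(self):          # lower address part, bits 23..0
        return self.value & 0xFFFFFF

    @property
    def oui(self):          # NAP + UAP = the manufacturer's OUI
        return self.value >> 24

    def __str__(self):
        return ":".join(f"{(self.value >> (8 * i)) & 0xFF:02X}" for i in range(5, -1, -1))


# Constructed placeholder table; a real lookup uses the IEEE OUI registry.
PLACEHOLDER_OUI = {0x001122: "ExampleVendor-A", 0xAABBCC: "ExampleVendor-B"}


def vendor(addr, table=PLACEHOLDER_OUI):
    """The 'determine the manufacturer from the numbers' step of the FAQ."""
    return table.get(addr.oui, "unknown")


class Device:
    """One Bluetooth device: its address, visibility flag, the neighbours
    found by the last search, and its list of paired partners."""

    def __init__(self, addr, name, visible=True):
        self.addr = BdAddr.parse(addr)
        self.name = name
        self.visible = visible          # the "visibility for others" setting
        self.neighbours = {}            # BdAddr -> name, filled by search()
        self.partners = {}              # BdAddr -> stored key, filled by pair()

    def search(self, nearby):
        """Stage 2: list every visible device in range (invisible ones stay hidden)."""
        self.neighbours = {d.addr: d.name for d in nearby if d.visible and d is not self}
        return dict(self.neighbours)

    def pair(self, other, my_pin, their_pin):
        """Stage 3: both sides enter a numeric password; only a match stores a
        key on both devices, after which no password is asked again."""
        if other.addr not in self.neighbours:
            return False                # you can only pair with a device you found
        if my_pin != their_pin:
            return False                # simplified stand-in for the real mutual challenge
        key = hashlib.sha256(f"{self.addr}|{other.addr}|{my_pin}".encode()).digest()
        self.partners[other.addr] = key
        other.partners[self.addr] = key
        return True

    def forget(self, addr):
        """'Remove the old information from the list of partners' (troubleshooting step)."""
        self.partners.pop(addr, None)

    def accepts(self, other):
        """Later connection attempt: stored partners get in without a new password;
        everyone else (the "outsiders") is refused."""
        return other.addr in self.partners
```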

General issues:
Q: What is BlueChalking / BlueJacking?

A: BlueChalking is a way to meet and communicate with people and to use network services (network games, access to file servers and the Internet) using devices equipped with a wireless Bluetooth interface; many modern mobile phones, PDAs and laptops have one.
The term also refers to the symbols used by bluechalkers.
BlueJacking is almost the same as BlueChalking, except that bluejackers usually send anonymous messages for fun; their interest is in watching the reaction of the people who receive them.

Q: I want to start right now, what should I do?

A: First, turn on Bluetooth on your device (see its instructions and the technical section of this FAQ), enable “visibility to others” there, and give your device a meaningful name (many use their network nicknames). You are now a full member of the community. You can use search to find nearby devices, or wait until they find you.

Q: Where can I get software for BlueChalking (Jacking)?

A: In the simplest case, no software is needed. Create a new contact in your address book, write a message in the name field (or any other) and send it via Bluetooth (see your device's instructions for how to do this).
If you want additional features, there are special programs: for example, BuZZone for Pocket PC, or Mobiluck for Symbian Series 60 smartphones (Nokia 3650, 3660, 6600, 7650, etc.).

Q: I managed to find some device, what should I do next?

A: See the question: Where can I get software for BlueChalking (Jacking)? You can also try sending a picture.

Q: I found “neighbors”, but some of them show incomprehensible numbers or a phone model instead of a name. Why?

A: This usually happens when the owner of the device does not know about the amazing possibilities available to him. Such people deserve special attention, because they are potential members of the BlueChalker community, which is still small. The incomprehensible numbers are the unique address of the Bluetooth module; from it, if you wish, you can determine the manufacturer of the module.

* When I communicate with two Bluetooth-enabled devices, I am constantly being asked for a password. Is it possible to automate the process of their identification?

Yes, it is. Bluetooth device software has a wide range of settings regulating interaction with communication partners. There are many of them and they may differ from device to device, but among the common functions there is usually the option of identifying devices automatically once they have been “paired”. In that case no password is requested again, since the information needed for authentication is stored in the device's memory after the initial identification.

* I have completed all the settings for Bluetooth, but the devices cannot establish a connection. How can this problem be solved?

Check that the Bluetooth function is activated on the second device you are connecting to.
Make sure the devices are within reach of each other (for mobile devices this is a distance of 8-10 meters, which can shrink somewhat as the batteries run down).
Once again, carefully check all the settings. If data encryption is enabled on one of the devices, the second must also support it.
If the auto-save password feature is enabled, disable it on both devices and perform the authentication process again.
Remove the old information from the list of communication partners, search again for active equipment and “pair” the desired devices once more.
Check for software updates on the websites of the developers of the devices in use. Software is still often the cause of incompatibility between some functions on devices from different manufacturers.

* Who makes Bluetooth chips?

Any company can develop Bluetooth devices. The Bluetooth internals are either developed directly by the equipment manufacturer or bought from other companies. Ericsson was the first to create a device that actually worked with Bluetooth technology. In early 1998, several giants of the computer and telecommunications market, such as Ericsson, 3COM, Nokia, Intel, IBM and Toshiba, joined forces to create a wireless connection technology between mobile devices and peripheral equipment. Soon afterwards the Special Interest Group (SIG) was formed, and companies such as Motorola, Dell, Compaq, Xircom and many others quickly joined it. A Bluetooth forum was created which includes about two thousand companies. The mass entry of the technology onto the open market has already begun, and we can see it for ourselves. Bluetooth is not called one of the most promising and rapidly developing technologies for nothing: it is convenient, easy to use and relatively cheap.

* Should we expect the integration of Bluetooth technology with personal computers?

Yes, definitely. Recently Bluetooth technology has received increasing attention, and this should help its introduction into a wide variety of devices. For now, the price of Bluetooth devices is quite high and many developers are in no hurry to implement it, which slows its mass spread. By now Bluetooth support has even been announced by Microsoft, which promises to soon release the necessary software updates for such devices under Windows XP. Some firms already offer internal Bluetooth modules as an option when purchasing, for example, laptops.

* Does Bluetooth have competitors?

At the initial development stage, the “blue tooth” was not considered a competitor to technologies such as IEEE 802.11a, IEEE 802.11b and HomeRF. It works in the 2.44 GHz band just as they do, but the project was focused on more specific specifications, less global and narrower in purpose. Rather, the main competitor of Bluetooth at the first stage of development was IrDA, today the most widely used wireless technology for connecting computers and external devices. It converts information into infrared radiation and transmits it from one device to another. However, along with its advantages, infrared communication has significant drawbacks: it works point-to-point only (two devices at a time), the equipment must be in line of sight, and the range of infrared transceivers is usually no more than a few meters. Bluetooth, by contrast, acts as a multipoint radio channel (several devices at the same time); for a full connection of all components they need not be very close (up to 8-10 meters or more), and there may be physical barriers between them.

New, especially “long-range” Bluetooth equipment is now seen as a competitor to IEEE 802.11x and HomeRF, that is, as a technology for building local networks. Because one of the most important goals of the “blue tooth” was the low cost of communication devices, together with the miniaturization of chips, the technology is becoming more and more attractive for a variety of applications. In the near future Bluetooth may become the de facto standard for wireless communications, displacing other, more expensive and less mobile standards. The most significant competition for Bluetooth will come from the IEEE 802.11x wireless local area network specifications.

* How much does Bluetooth production cost and when will the technology be available to the average user?

Analysts believe that the optimal price for a set of components supporting Bluetooth (a processor, a radio transmitter, an antenna and flash memory) is $5. Today, embedding these elements costs equipment manufacturers $10-15, which is a significant difference. For comparison, an infrared port costs companies only $1 per set. So as soon as production volumes of Bluetooth components increase and their prices fall, the technology will become hugely popular. The solution may be a complete Bluetooth device on a single chip, which will significantly reduce its cost; some manufacturers of Bluetooth components are already implementing this.

* What are the prospects for the development of technology?

Bluetooth's prospects are huge. It is expected that this technology will be compatible with a great many protocols and systems. Low cost, a high degree of protection, and convenience and ease of use are very significant advantages of the standard. Use of the 2.4 GHz band requires no license, and other licenses needed to work with Bluetooth are issued for a nominal fee. Besides general availability, the technology promises to become generally accepted, since in the near future the global industrial community will adopt it as a worldwide standard. This unity stems from the fact that it is much easier and cheaper to equip all devices with standard chips than to develop different interface cards for computers. The cheapness of the network adapters will allow them to be built into literally all means of communication, household appliances, computers and other office equipment.

The convenience that the introduction of the technology promises users is extremely tempting and will certainly be very popular. Say, when you come to the office, your PDA is automatically synchronized with the desktop PC and new contacts are transferred to your mobile phone. The technology will make it possible to link any electronic devices, including refrigerators, washing machines, microwave ovens and door locks. Just imagine your refrigerator telling your mobile phone that it has run out of certain products, which in turn adds them to the shopping list on your PDA.

Software for hacking:
To start with, for those interested, a small list of AT commands for mobile phones can be found here:

Super Bluetooth Hack (*.jar)
When your smartphone is connected to another phone via Bluetooth, you can:
- read its messages
- read its contacts
- change the profile
- listen to its ringtone
- listen to its songs (on its phone)
- turn off the phone, etc.

A Bluetooth scanner for identifying nearby wireless devices, the connections between them and the running services, and for identifying potential vulnerabilities. Works on Windows XP; Service Pack 2 is required. Details (in particular, the list of supported Bluetooth adapters) and download links can be found on the manufacturer's website.

Utilities for penetration testing of wireless networks. A software package that allows you to test Bluetooth devices for Bluebug, BlueSnarf, BlueSnarf++ and BlueSmack and to perform penetration tests. Works with the BlueZ stack. Download / view here.

Blooover, the famous utility for attacking cell phones. Besides the BlueBug attack, it includes an implementation of the HeloMoto attack, BlueSnarf, and the ability to send malformed objects via OBEX.
Used on phones with J2ME support (MIDP 2.0 and JSR-82, the Bluetooth API). Developer page with download links (jar & sis).
Russified versions of Blooover:
Blooover1 (*.jar)
Blooover2 (*.jar)

BSS (Bluetooth Stack Smasher)
A frame fuzzer that allows denial-of-service attacks in a wireless environment. Download and usage examples here.

A utility for obtaining detailed information from a Bluetooth device (blueprinting). Uses the BlueCove library. Program page here. Download the XP version here and the *nix version here.

Multi-dongle Bluetooth Discovery Scanner; download from this site.

Bluetooth phone book dumping tool
Creates a backup of the phone book via Bluetooth. Tested on the Nokia 6310i, Ericsson T610 and T68i. Sources can be viewed here.

Proof-of-concept code for a Bluetooth wardriving utility. Download / view.

An interesting tool for the PC. Simply put, a Bluetooth scanner for the PC. Download here.

BlueSpam (*.prc for Palm)
BlueSpam is a Palm OS application that sends files to all discovered Bluetooth devices that support OBEX. It can be downloaded here.

CIHwBT is a Bluetooth Security Framework for Windows Mobile 2005. Currently it supports some Bluetooth attacks and some DoS attacks. It is intended to work with any Microsoft Bluetooth stack. In theory, an interesting program. See here.

Here are the sources of a fairly fast scanner.

The Bluetooth protocol stack for Linux (BlueZ) was developed at Qualcomm and has been included in the Linux kernel since version 2.4.18, but this package of libraries and utilities requires separate installation. It relates to Bluetooth hacking in that the main attacks are implemented with its standard tools.
The package includes the following utilities:
hcitool - a Bluetooth scanner (with a command-line interface) that detects all devices in discoverable mode. The hcitool manual page (man) can be found here.
l2ping - the Bluetooth version of the ping command
l2test - a utility for testing devices
hcidump - a packet sniffer, the Bluetooth version of tcpdump
It also contains the daemons hcid and hciemud and the configuration utility hciconfig. Download here.

A program used on Palm OS. Sends text messages via Bluetooth to the specified devices. In short, something like BlueSpam.

btCrawler is a simple Bluetooth scanner for Windows Mobile devices. It searches for Bluetooth devices in range and can perform service requests. The user can also make service requests to his own device to diagnose the equipment.
There is support for bluejacking and bluesnarfing.
- MS Bluetooth Stack (WIDCOMM / Broadcom not supported).
- Windows Mobile 5, PPC2003, PPC2003SE, Smartphone 2003, Smartphone 2003SE and Smartphones with WM5.

Super Bluetooth Hack New 2008
This is a new version of the Super Bluetooth Hack program for regular mobile phones and Symbian-based ones.
If you do not know what Super Bluetooth Hack is: it is a program that allows you to control someone's mobile phone from a distance (10-15 meters).
What can it do?

1) Read SMS
2) Turn off the phone
3) Turn on the music
4) Choose modes (normal, no sound ...)
5) Block the phone


1) Download it to your computer.
2) Upload it to your mobile phone.
3) Run the installer (the file you downloaded; by the way, you need Java).
4) It will install, and you can run the program.
5) Select the language and look through the settings.
6) Click Connection.
7) Click search devices.
8) Select the "victim".

FAQ-Frequently Asked Questions

1) Why does a white screen appear when I click to connect?
Answer: This is an anomalous zone; in short, Bluetooth works poorly there, or you have problems with Java (unlikely). Just reboot and everything should work.

2) Why, when I connect to the "victim", do messages like "User *your name* wants to access this phone, allow?" appear?
Answer: This means the "victim's" phone has some kind of protection. To avoid this, try to get the victim to add you to the contact list in Bluetooth; this should bypass the protection. By the way, some phones have no such protection and you get access immediately. The archive contains two programs: one for regular phones and one for Symbian-based phones.

The archive also contains BT Info.

BT INFO v1.08 (*.jar)
The program connects via Bluetooth. Permission must be granted from the other phone.
- read SMS
- address book
- call from its phone
- control the buttons
- turn the player on/off
- view Java applications
and much more

Tailored to Sony Ericsson, so Sony Ericsson phones are controlled best. On other phones, half the functions do not work.

Download from the official site.

Bluetooth Hack was made from this program.

BT File Manager (*.jar)
A program that lets you view and change the file system via Bluetooth, as well as copy files to your phone. The Russian-language interface is quite simple and convenient. Requires confirmation when it asks for data exchange.
"there is no pale as a picture is transmitted."

A set of programs from the magazine "Hacker"
Sorac, demonstrating a connection attack. When compiling, you must specify -l bluetooth, since the corresponding socket family is used.
A utility by the well-known researcher Joshua Wright. Everything described in the article can be reproduced with its help.
Also in the archive:
BlueProximity 1.2.4
Bluetooth Remote Control 3.0
Connect btdos
LockItNow! 1.2
Redfang 2.5
Description of protocol vulnerability (in English)

TERMINAL, access to mobile resources via BT (Windows Mobile)

At the moment, the program has 6 modes of operation: OBEX FTP, AT, IrMC, sending files, sending messages, and receiving files.

OBEX FTP mode gives access to the file system of the target phone. You can download, send and delete files, and create files. It is important to note that the OBEX implementation differs in each phone, so not all the stated features will work.

AT mode allows you to send commands to the target phone. This mode provides almost unlimited possibilities for controlling the target phone.
You can easily find the information you need about AT commands on the Internet.
Also in AT mode you can get the target phone's phone book and SMS. Because all phones respond differently to a phone book / SMS request, I cannot give you any guarantee that this will work.

IrMC mode gives access to the target phone's phone book and calendar through the synchronization service. All received data is saved in VCARD (.vcf) format.
Unfortunately, I do not have enough information about this format, so its conversion to HTML is only partial. Supported encodings: UTF-7, UTF-8 and the Quoted-Printable encoding method.
At the moment, the following fields should be defined correctly: name, phone number, phone number type, e-mail, group membership.
Since version 0.9.7, the BlueBug attack is available in IrMC mode. It only works on phones from the era of the Sony Ericsson T610!

File transfer mode allows you to send several files to the target phone at once. Sending works just as if you had sent them through the file manager.
But there is one nice point: sending files is quite fast. For example, sending a file to a Nokia N80 is twice as fast as through Smart Explorer (measured with a stopwatch).

The message sending mode allows you to send a text message to the selected phone.

File receiving mode is an OBEX Object Push server. Now you can receive files via BT directly to a USB flash drive! Files are saved to the folder selected in the settings (either \My Documents\Terminal or \Storage Card\My Documents\Terminal).
The method used differs from the one used in the moBlue and Sniper programs. In them, files were first received into RAM and then copied to their destination. In Terminal, the file is written directly to its final location.

The program is free for all Russian-speaking users and is distributed on the DonateWare principle, i.e. you can thank the author for his work.

The program requires a Bluetooth stack from Microsoft and the .NET Compact Framework 2.0

Official site
(do not be put off by the price notices; go straight to the Russian version, everything is free there)


.NET Compact Framework 2.0 CAB for 2003. (5.4 MB)

some AT commands (rename to .txt)