What is Bluesnarfing and how to do it

Bluesnarfing is defined as the unauthorized access of information such as text messages, calenders and even pictures from a Bluetooth enabled device through a Bluetooth connection.

Some old mobile phone has a bug which may result in Blue Snarfing, for instance Sony Ericson’s T610 has such a bug. You could exchange information like phone book between Bluetooth devices once a connection is established to the OPP of the Bluetooth enable devices. But some Bluetooth devices has a bug which makes it possible to acquire this information without authentication. Bluesnarfing is based on this bug.

You can use a tool on Linux called obexftp, which is used to access the memory of mobile devices, to perform Bluesnarfing. Type on Linux consoles the following:

#obexftp –b your MAC address –B 10 –g telecom/pb.vcf and you can get the phone book file from the mobile phone which has this bug. Parameter telecom/pb.vcf is the target path of the phone book file of T610, replace it with telecom/cal.vcs and you get the to-do list.

Actually you could also get the victim’s photos, videos, ringtones and other files as long as you know their names and paths.

It’s important to know if your Bluetooth mobile has bugs and download fix and updates from the manufacturers web sites in time.