DirtyTooth for Raspberry Pi

This tool represents a software implementation of the DirtyTooth Speaker in the form of a .deb package for Raspberry Pi.

Tool description

Bluetooth communications are on the increase. Millions of users rely on the technology to connect to peripherals that make their devices simpler and more comfortable to use.

There is a trick or hack for iOS 10.3.2 and earlier that takes advantage of the way Bluetooth profiles are managed, with an impact on the privacy of users who use Bluetooth technology daily.

The information leak from the iOS device caused by this incorrect management of profiles can reveal a lot of information about the user and their background.

Functionalities

When the iOS system detects a Bluetooth signal, the user can see the device they want to connect to.

The speaker that appears in the Bluetooth discovery announces the A2DP profile, a profile for playing audio over the Bluetooth connection. When the user taps on it, the pairing is completed, with no need for a PIN in Bluetooth versions 2.1 or higher.

After a few seconds, the Bluetooth speaker can change its profile, for example to a PBAP profile.

If this happens, iOS will perform the profile change without displaying any type of notification to the user.

Note the existence of a weakness, or an extra accessibility configuration, in iOS: when the profile change is carried out without notification, the synchronization of contacts is enabled by default, giving access to them. In other words, DirtyTooth is a trick or hack that can take advantage of this accessibility configuration.
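The profile switch described above is something that can be checked for when testing an accessory. The following Python sketch is an added example, not part of the DirtyTooth tool: it assumes a test host has recorded the 128-bit service UUIDs a paired peripheral advertises at several points in time (the snapshot format, function names and sample addresses are constructed for illustration) and flags a device that adds a data-access service class after pairing. It covers MAP as well as the PBAP case the text mentions.

```python
# Added example: flag peers that advertise PBAP/MAP only after pairing.
BASE_SUFFIX = "-0000-1000-8000-00805f9b34fb"  # Bluetooth SIG base UUID tail

# 16-bit service class UUIDs from the Bluetooth SIG Assigned Numbers.
DATA_ACCESS = {
    0x112E: "PBAP Client (PCE)", 0x112F: "PBAP Server (PSE)", 0x1130: "PBAP",
    0x1132: "MAP Access Server", 0x1133: "MAP Notification Server", 0x1134: "MAP",
}

def short_uuid(uuid):
    """Return the 16-bit value of a SIG base UUID string, or None."""
    u = uuid.lower()
    if len(u) == 36 and u.startswith("0000") and u.endswith(BASE_SUFFIX):
        return int(u[4:8], 16)
    return None  # vendor-specific UUIDs are ignored here

def profile_escalations(snapshots):
    """snapshots: iterable of (seconds_since_pairing, address, [uuid, ...]).
    The earliest snapshot per address is the pairing-time baseline; any
    data-access profile that first appears later produces one alert:
    (address, seconds, [profile names])."""
    seen, alerts = {}, []
    for t, addr, uuids in sorted(snapshots, key=lambda s: s[0]):
        ids = {short_uuid(u) for u in uuids} - {None}
        if addr not in seen:            # baseline: what the user agreed to
            seen[addr] = set(ids)
            continue
        new = {i for i in ids - seen[addr] if i in DATA_ACCESS}
        seen[addr] |= ids
        if new:
            alerts.append((addr, t, sorted(DATA_ACCESS[i] for i in new)))
    return alerts

def sig_uuid(n):
    """Build the 128-bit string form of a 16-bit SIG UUID."""
    return f"0000{n:04x}{BASE_SUFFIX}"

# Constructed sample data: two peripherals that both pair as audio sinks.
SAMPLE = [
    (0,  "AA:BB:CC:00:00:01", [sig_uuid(0x110B), sig_uuid(0x110E)]),
    (20, "AA:BB:CC:00:00:01", [sig_uuid(0x110B), sig_uuid(0x110E), sig_uuid(0x112E)]),
    (0,  "AA:BB:CC:00:00:02", [sig_uuid(0x110B)]),
    (30, "AA:BB:CC:00:00:02", [sig_uuid(0x110B)]),
]

if __name__ == "__main__":
    for addr, t, names in profile_escalations(SAMPLE):
        print(f"{addr}: added {', '.join(names)} {t}s after pairing")
```

A device that already lists PBAP in its first snapshot is not flagged, because the profile was visible at pairing time; only the later, unannounced addition is reported.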

The provided tool can start or stop a Bluetooth agent. The agent waits for a device to pair with it. The agent does not ask the device for any PIN code or token in order to pair. This represents an implementation of Bluetooth 4.0 (in the case of the Raspberry Pi 3), maximizing the ease of use.

Once an iOS device has been paired and connected, the dirtytooth script is called automatically to collect the contact information and the call history, which are stored in the /root/dirtytooth folder.

The tool does not require any major interaction: it simply works automatically.