BlueSmack

Dec 2004

1 min read

Bluetooth Classic Security Vulnerability Denial of Service

bluetooth classic security vulnerability denial of service

BlueSmack is a Bluetooth attack that knocks out some Bluetooth-enabled devices immediately. This Denial of Service attack can be conducted using standard tools that ship with the official Linux Bluez utils package.

Introduction

The ‘Ping of Death’ is basically a network ping packet that used to knock out early versions of Microsoft Windows 95. The BlueSmack is the same kind of attack buit transferred in to the Bluetooth world. On the L2CAP layer there is the possibility to request an echo from another Bluetooth peer. As for the ICMP ping, the idea of the L2CAP ping (echo request) is also to check connectivity and to measure roundtrip time on the established link.

Method

Basically, the l2ping that ships with the standard distribution of the BlueZ utils allows the user to specify a packet length that is sent to the respective peer. This is done by meas of the -s option. Many (many) iPaqs react immidiately beginning with a size of about 600 bytes.

People Involved

For questions about the BlueSmack attack, feel free to ask Adam Laurie, Marcel Holtmann or Martin Herfurt.

Martin is an independent security researcher focusing - but not exclusively - on various aspects of product security related to Bluetooth wireless technology. As one of the co-founders of the trifinite.group, Martin worked with the Bluetooth SIG, helping the technology and its adopters overcome early design and implementation issues.

Adam Laurie is Chief Security Officer and a Director of The Bunker Secure Hosting Ltd. He started in the computer industry in the late Seventies, working as a computer programmer on PDP-8 and other mini computers, and then on various Unix, Dos and CP/M based micro computers as they emerged in the Eighties.

Marcel Holtmann is the maintainer and the core developer of the official Linux Bluetooth stack which is called BlueZ. He started working with the Bluetooth technology back in 2001. His work includes new hardware drivers, upper layer protocol implementations and the integration of Bluetooth into other subsystems of the Linux kernel.