BlueSnarf++

BlueSnarf++ is an attack that is very similar to the famous BlueSnarf attack. The main difference is that BlueSnarf++ is an attack where the attacker has full read/write access to the device’s filesystem. The manufacturers of the devices that are known to be vulnerable have been informed about this issue.

Method

BlueSnarf++ gives the attacker full read/write access when connecting to the OBEX Push Profile. Instead of a less functional OBEX Push daemon, these devices run an OBEX FTP server that can be connected as the OBEX Push service without pairing. Here the attacker can see all files in the filesystem (ls command) and can also delete them (rm command). The filesystem includes eventual memory extensions like memory sticks or SD cards.

People Involved

For questions about the BlueSnarf++ attack, feel free to ask Adam Laurie, Marcel Holtmann or Martin Herfurt.

Sharing is caring!