border: 1px solid #d2d2d2; padding: 0px 8px 0px 8px; color: #a19999; font-size: 12px; height: 25px; width: 165px; border-radius: 5px; -moz-border-radius: 5px; -webkit-border-radius: 5px; margin:0px; } .submitbutton{ background:#F66303; border: 1px solid #F66303; text-shadow: 1px 1px 1px #333; box-shadow: 3px 3px 3px #666; font:bold 12px Arial, sans-serif; color: #fff; height: 25px; padding: 0 12px 0 12px; margin: 0 0 0 5px; border-radius: 5px; -moz-border-radius: 5px; -webkit-border-radius: 5px; cursor:pointer;}

Receive all updates via Facebook. Just Click the Like Button Below

You can also receive Free Email Updates:

Powered By Blogger Widgets

Related Posts Plugin for WordPress, Blogger...

Sunday, June 12, 2011

SpoofTooph 0.4


SpoofTooph
SpoofTooph has been updated with some major bug fixes and new features. The new version runs scans MUCH faster, which also allows for more Device Names to be resolved during scans. There are some new features, including a Man-In-The-Middle mode which makes it easier to clone the Device Profile of two targeted devices. The updates also fixes a major bug, which caused SpoofTooph to crash after a few hundred unsuccessful scans.

SpoofTooph, along with other HFAC tools, are now being pre-loaded into many Live CDs including OSWA Assistant and Pentoo. If you would like to see any of these tools pre-loaded into other Live CD's please contact their respective developers.


New Features:

- Added -b flag for specifying the number of Bluetooth devices to display per page. I developed the new verion partially on a tiny 5.8 inch screen and got tired of the scrolling, so now you can scale up or down to fit your screen and resolution.
- Added -m flag for choosing multiple interfaces to use for cloning. This can be most useful in setting up Man-In-The-Middle attacks.
- Changed device array to dynamically resize.
- Changed probes for Device Name. The Device Name is no longer requested during each scan, only until the first successful name resolution. This modification makes scans run MUCH MUCH faster now.
- Changed logging format to CSV: ADDR,CLASS,NAME. This makes it easier to parse and analyze.
- Appends file after each new device is found.


Bug fixes:

- Fixed socket closing error. This would cause SpoofTooph to crash after around a finite number of unsuccessful scans.
- Fixed problem with saving log.
- Fixed log data verification for valid ADDR and CLASS.
- Fixed the problem with reading in the Class from a logfile.
- Fixed overflow problem with array of devices.
- Fixed selection of Bluetooth interface from a always using interface 'hci0'.


Description

Spooftooph is designed to automate spoofing or cloning Bluetooth device Name, Class, and Address. Cloning this information effectively allows Bluetooth device to hide in plain site. Bluetooth scanning software will only list one of the devices if more than one device in range shares the same device information when the devices are in Discoverable Mode (specificaly the same Address).

Spooftooph has several options for Bluetooth device information modification:

   Option 1: Continuously scan an area for Bluetooth devices. Make a selection on which device in the list to clone. This option also allows for logging of the scanned devices.

   Option 2: Randomly generate and assign valid Bluetooth interface information. The class and address are randomly generated and the name is derived from a list of the top 100 most common names in US and the type of device. For example if the randomly generated class is a phone, SpoofTooph might generate the name "Bob's Phone".

   Option 3: Specify the name, class, and address a user wishes for the Bluetooth interface to have.

   Option 4: Read in the log of previous scans and select a device to clone. Users can also manually add Bluetooth profiles to these log files.

   Option 5: Incognito mode. Scan for and clone new devices at user assigned intervals.


This tool is heavily based on bdaddr (by Marcel Holtmann) and hciconfig (by Qualcomm Incorporated, Maxim Krasnyansky, and Marcel Holtmann) from BlueZ.

Download
Name: spooftooph-0.4.tar.gz
MD5: dbcc020aef5252aa17eee7b7af1c79eb
Download: Click Here
Log
v0.4 - 03/24/11 :

- Save file on exit.
- Fixed problem with saving log.
- Fixed problem with closing threads.
- Changed probes for device name. Scan runs much much faster now.
v0.3 - 02/14/11 :

- Fixed socket closing error
- Fixed log data verification for valid ADDR and CLASS
- Changed logging format to CSV: ADDR,CLASS,NAME
- Added -m flag for choosing multiple interfaces to use for cloning
(Useful to test Man-In-The-Middle attacks)
- Fixed the problem with reading in the Class from a log
- Fixed overflow problem with array of devices
- Fixed selection of Bluetooth interface from a always using interface hci0
- Changed device array to dynamically resize
- Added -b flag for specifying the number of Bluetooth devices to display per page
v0.1 - 03/03/10 :

- Initial release
Usage

To modify the Bluetooth adapter, spooftooth must be run with root privileges. Spooftooph offers five modes of usage:

1) Specify NAME, CLASS and ADDR.

> spooftooph -i hci0 -n new_name -a 00:11:22:33:44:55 -c 0x1c010c 
2) Randomly generate NAME, CLASS and ADDR.

> spooftooph -i hci0 -r 
3) Scan for devices in range and select device to clone. Optionally dump the device information in a specified log file.

> spooftooph -i hci0 -s -d file.log 
4) Load in device info from log file and specify device info to clone.

> spooftooph -i hci0 -l file.log 

5) Clone a random devices info in range every X seconds.

> spooftooph -i hci0 -t 10 

No comments:

Post a Comment

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More