Wednesday, June 11, 2008

bluetooth stacks insecurely saving linkkeys

Bluez - 2.x 3.x
The keystore resides in
/var/lib/bluetooth//linkkeys where is the device address of the machine running Bluez.
The linkkeys file format is <128 bit link key> .

Unencrypted.

# cat > linkkeys
00:04:3E:65:A1:C8 AA0F3125267C236E10B145F1DF5BA7D7 2

Bluesoleil v.5.0.5.178
%WINDIR%/system32/REMOTEDEVICE.INI

Unencrypted.

[5C:DA:12:E0:1E:20]
relation=0000
link_key=4DAC6F9E0C6700A5E9C44BF7529EF23C
dev_class=0×0050020C
name=Joe

Widcomm 6.0.1.5300

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys
There are keys under there that correspond with Mac addresses.
Unencrypted.

via

No comments: