[ Secuobs - Tools release ] BSS (Bluetooth Stack Smasher) fuzzer
[Software] BSS - Bluetooth Stack Smasher
[Version] 0.6
[Location] BSS could be downloaded on
http://www.secuobs.com/news/05022006-bluetooth10.shtml
[Credits] Pierre Betouin - pierre.betouin@xxxxxxxxxxxx
Bug was found on following devices : hcidump, Sony/ericsson K600i/V600i/W800i,
Nokia N70 & SAMSUNG E730 cell phones (feel free to debug yours and inform us :)
[Purpose]
BSS (Bluetooth Stack Smasher) is a L2CAP layer fuzzer, distributed under GPL
licence.
BSS requires the standard bluetooth library.
Usage: ./bss [-s size] [-m mode] [-p pad_byte for modes 1-11] [-M maxcrash]
Modes :
0 All mode listed below
1 L2CAP_COMMAND_REJ
2 L2CAP_CONN_REQ
3 L2CAP_CONN_RSP
4 L2CAP_CONF_REQ
5 L2CAP_CONF_RSP
6 L2CAP_DISCONN_REQ
7 L2CAP_DISCONN_RSP
8 L2CAP_ECHO_REQ
9 L2CAP_ECHO_RSP
10 L2CAP_INFO_REQ
11 L2CAP_INFO_RSP
12 L2CAP Random Fuzzing (-s: max_size) (-M: crashcount)
BSS Example :
./bss -s 100 -m 12 -M 0 XX:XX:XX:XX:XX:XX
This example sends short random (mode 12) packets (maxsize is set to 100
bytes), in an infinite loop (-M 0).