Hacking Trick For Mobiles Via Bluetooth Through Linux..

The hardware which provides Bluetooth connectivity on the PC is a small device called a `USB-Bluetooth dongle' which you can plug onto a spare USB port of your machine. I approached the local electronics dealer asking him for such a device and got one which didn't even have the manufacturer's name printed on it. The driver CD which came with it of course contained only Windows software. I plugged the device on and booted my system running Fedora Core 3 - bluetooth service was started manually by executing:

sh /etc/init.d/bluetooth start

Here is the output I obtained when the command `hciconfig' ( which is similar to the `ifconfig' command used to configure TCP/IP network interfaces) was executed:

hci0: Type: USB
BD Address: 00:11:B1:07:A2:B5 ACL MTU: 192:8 SCO MTU: 64:8
UP RUNNING PSCAN ISCAN
RX bytes:378 acl:0 sco:0 events:16 errors:0
TX bytes:309 acl:0 sco:0 commands:16 errors:0

My no-name USB-Bluetooth dongle has been detected and configured properly! The number 00:11:B1:07:A2:B5 is the Bluetooth address of the device.
Detecting the mobile

The next step is to check whether Linux is able to sense the proximity of the mobile. If your phone has bluetooth disabled, enable it and run the following command (on the Linux machine):

hcitool scan

Here is the output obtained on my machine:

Scanning ...
00:0E:6D:9A:57:48 Dijkstra

The `BlueZ' protocol stack running on my GNU/Linux box has `discovered' the Nokia N-Gage sitting nearby and printed its Bluetooth address as well the name which was assigned to it, `Dijkstra'.
Pairing the mobile

For security reasons, some interactions with the mobile require that the device is `paired' with the one it is interacting with. First, store a number (4 or more digits) in the file /etc/bluetooth/pin (say 12345). Stop and restart the bluetooth service by doing:

sh /etc/init.d/bluetooth stop
sh /etc/init.d/bluetooth start

Now initiate a `pairing' action on the mobile (the phone manual will tell you how this is done). The software on the phone will detect the presence of the Bluetooth-enabled Linux machine and ask for a code - you should enter the very same number which you have stored in /etc/bluetooth/pin on the PC - the pairing process will succeed.
Transferring files

Files can be transferred to/from the Linux machine using a high level protocol called OBEX (standing for OBjectEXchange, originally designed for Infrared links). First, you have to find out whether the mobile supports OBEX based message transfer. Try running the following command on the Linux machine (the number is the bluetooth address of the phone):

sdptool browse 00:0E:6D:9A:57:48

You might get voluminous output - here is part of what I got:

Service Description: OBEX Object Push
Service RecHandle: 0x10005
Service Class ID List:
"OBEX Object Push" (0x1105)
Protocol Descriptor List:
"L2CAP" (0x0100)
"RFCOMM" (0x0003)
Channel: 9
"OBEX" (0x0008)

OBEX is built on top a lower-level protocol called RFCOMM. The `Object Push' service uses RFCOMM `channel' 9. Let's try to upload a file to the phone; run the following command on the Linux machine:

obex_push 9 00:0e:6d:9a:57:48 a.txt

The phone will respond by asking you whether to accept the message coming over the bluetooth link. The same command, invoked without any option, can be used to receive files sent from the mobile over the bluetooth link (read the corresponding `man' page for more details).