Monday, December 17, 2018
Bluetooth Hacking

Futility
Member

Posts: 751
Location: USA
Joined: 17.12.07
Rank:
God
Posted on 24-03-18 01:26
Hey guys!

So a while back someone posted in the shoutbox asking about good resources regarding hacking bluetooth. I've never really looked into bluetooth, but I figured it couldn't be too different from WiFi (which I have spent a bunch of time messing with) so I decided to look around a bit. Turns out I was super wrong. Three thousand pages later it turns out I couldn't be more wrong. Go figure. Anyway, I delved a bit deeper and found some pretty cool historic attacks and thought it'd be neat to drop the links here and see if we could drum up some conversation. Maybe if anyone's interested we could work on mocking up and running the PoCs to see how they work and such. I dunno. Worst case someone sees something cool that they didn't know before.

- Anyway, first up is BlueBorne: a suite of attacks ranging from info disclosure and MitM to full-blown unauthenticated, connectionless, over-the-air, root RCE (on some systems. Regular RCE on others). And this is from earlier last year. Holy crap. Their technical whitepaper has tons of background info on Bluetooth and very good descriptions of the vulns themselves. A super cool read.
- Next we've got the slightly-less-exciting-yet-infinitely-more-approachable network-level attack against this garbage IoT device. Using an Ubertooth One to watch traffic between the device and their mobile device allowed them to do some nasty things. Turns out safe companies don't know how to write software. Go figure. Also worth noting: more of a hack using bluetooth than a "bluetooth hack". I still count it.
- And, finally, a rather old overview of the general landscape (at the time) from a prestigious security conference in Germany.

As a general info point, a lot of these examples were found pivoting off of MITRE's CVE database, a pretty neat tool for tracking and searching through known vulnerabilities. While it's kind of tough getting the actual exploit or technical details from the site itself, it's a good enough starting point.

So what do you guys think? Is this something any of you would be interested in pursuing? I can continue dumping links as I come across them or get a firmware blob from a listed device or... I dunno? Start working on a fuzzer for some of the internal communication structures?

Whatever the case, thanks for reading!
- Futility

RE: Bluetooth Hacking

rex_mundi
☆ Lucifer ☆



Posts: 2017
Location: Scotland
Joined: 20.02.08
Rank:
God
Posted on 24-03-18 17:35
Bluetooth hacking is something I've never really looked into, I've always meant to, but just never got around to it.
It's one of the few things on my phone that I never ever use, apart from when connecting to a bluetooth speaker.

And considering about 95% of all the pwning I do these days is done solely from my Android phone, I feel a tiny bit ashamed for neglecting bluetooth so badly, so count me in man. Thumbs Up
U N ⓡⓔⓧ_ⓜⓤⓝⓓⓘ

RE: Bluetooth Hacking

Rocket_Face
Member

Posts: 14
Location:
Joined: 02.05.17
Rank:
Moderate
Posted on 28-03-18 20:02
How is it possible to hack using just a phone? There's so many things you can't possibly do on a phone that you can only do on a desktop.

RE: Bluetooth Hacking

T0pspin
Member



Posts: 10
Location:
Joined: 01.05.17
Rank:
Moderate
Posted on 30-03-18 02:12
Burn the witch !!!!