Bluetooth
🛠️ This page is in progresss.....
Theory
Bluetooth is a short-range wireless technology standard that is used for exchanging data between fixed and mobile devices over short distances and building personal area networks (PANs). In the most widely used mode, transmission power is limited to 2.5 milliwatts, giving it a very short range of up to 10 metres (33 ft). It employs UHF radio waves in the ISM bands, from 2.402 GHz to 2.48 GHz
Practice
Tools
BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices.
sudo bluekit -t <TARGET_MAC_ADDR>Vulnerabilities
CVE-2023-45866
CVE-2023–45866 is a significant vulnerability affecting Android and iOS devices. It involves "Improper Authentication" in Bluetooth connections, which could allow attackers execute commands, keyboard inputs on devices
BlueDucky allow to exploit CVE-2023-45866 using DuckyScript, mleading to Code Execution (Using HID Keyboard).
python3 BlueDucky.pyLast updated