Youtor
Android Bluetooth Hacking
>> YOUR LINK HERE: ___ http://youtube.com/watch?v=IevVEUzXA30
Big thank you to Brilliant for sponsoring this video! Try Brilliant for free (for 30 days) and to get a 20% discount, visit: https://Brilliant.org/DavidBombal • CVE-2023-45866 allows attackers to remotely control an Android phone (and other devices) without pairing. • Details: Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. Source: Mitre • See CVE details here: • https://cve.mitre.org/cgi-bin/cvename... • https://nvd.nist.gov/vuln/detail/CVE-... • How to stop / mitigate this attack: • 1) Upgrade your phone / install security patches on Android for versions 11 and later. Unfortunately earlier versions cannot be patched (Android 10 and earlier) • 2) Note: For the script to discover the MAC address of the phone, the phone needs to be in pairing mode. • 3) Turn off Bluetooth if not being used • // Script and instructions here // • GitHub: https://github.com/pentestfunctions/B... • // Occupy The Web Books // • Linux Basics for Hackers: • US: https://amzn.to/3wqukgC • UK: https://amzn.to/43PHFev • Getting Started Becoming a Master Hacker • US: https://amzn.to/4bmGqX2 • UK: https://amzn.to/43JG2iA • Network Basics for hackers: • US: https://amzn.to/3yeYVyb • UK: https://amzn.to/4aInbGK • // OTW Discount // • Use the code BOMBAL to get a 20% discount off anything from OTW's website: https://hackers-arise.net/ • // Occupy The Web SOCIAL // • X: / three_cube • Website: https://hackers-arise.net/ • // GitHub CODE // • https://github.com/pybluez/pybluez • // Amazon LINKS // • Rasberry Pi 5: • US: https://amzn.to/3JZKoZD • UK: https://amzn.to/3JTBixC • ASUS USB/BT-500USB • US: https://amzn.to/4abnPfl • UK: https://amzn.to/3QDsOOO • // Playlists REFERENCE // • Linux Basics for Hackers: • Linux for Hackers Tutorial (And Free ... • Mr Robot: • Hack like Mr Robot // WiFi, Bluetooth... • Hackers Arise / Occupy the Web Hacks: • Hacking Tools (with demos) that you n... • // David's SOCIAL // • Discord: / discord • X: / davidbombal • Instagram: / davidbombal • LinkedIn: / davidbombal • Facebook: / davidbombal.co • TikTok: / davidbombal • YouTube: / @davidbombal • // MY STUFF // • https://www.amazon.com/shop/davidbombal • // SPONSORS // • Interested in sponsoring my videos? Reach out to my team here: [email protected] • // MENU // • Hacking Wordpress Websites with Python in seconds (using the Dark Web and Telegram data) • 00:00 - Bluetooth hacking quick demo • 03:05 - Brilliant sponsored segment • 03:57 - The Bluetooth vulnerability explained // OccupyTheWeb • 05:26 - How the vulnerability works • 08:16 - Bluetooth hacking demo • 09:26 - Setting up for the hack // BlueZ • 12:12 - BlueZ tools demo • 13:50 - Scanning for Bluetooth devices • 17:58 - Other tools • 23:20 - Running BlueDucky // Hacking Bluetooth demo • 25:50 - The possibilities of Bluetooth hacking • 28:04 - Older Android versions are at risk // Keeping devices up to date • 30:17 - Bluetooth hacking for other operating systems • 30:52 - Hacking Bluetooth speakers • 34:04 - OTW books plans for future videos • 34:52 - Conclusion • android • iphone • bluetooth • raspberry pi • macos • windows • samsung • pixel • google • apple • microsoft • linux • ubuntu • blue tooth • flipper zero • google pixel • ble • Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! • Disclaimer: This video is for educational purposes only. • #android #iphone #bluetooth
#############################
