Android Bluetooth Hacking

Big thank you to Brilliant for sponsoring this video! Try Brilliant for free (for 30 days) and to get a 20% discount, visit: https://Brilliant.org/DavidBombal

CVE-2023-45866 allows attackers to remotely control an Android phone (and other devices) without pairing.

Details: Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. Source: Mitre

See CVE details here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45866 https://nvd.nist.gov/vuln/detail/CVE-2023-45866

// Occupy The Web Books // Linux Basics for Hackers: US: https://amzn.to/3wqukgC UK: https://amzn.to/43PHFev

Getting Started Becoming a Master Hacker US: https://amzn.to/4bmGqX2 UK: https://amzn.to/43JG2iA

Network Basics for hackers: US: https://amzn.to/3yeYVyb UK: https://amzn.to/4aInbGK

// OTW Discount // Use the code BOMBAL to get a 20% discount off anything from OTW's website: https://hackers-arise.net/

// Occupy The Web SOCIAL // X: https://twitter.com/three_cube Website: https://hackers-arise.net/

// GitHub CODE // https://github.com/pybluez/pybluez

// Amazon LINKS // Rasberry Pi 5: US: https://amzn.to/3JZKoZD UK: https://amzn.to/3JTBixC

ASUS USB/BT-500USB US: https://amzn.to/4abnPfl UK: https://amzn.to/3QDsOOO

// Playlists REFERENCE // Linux Basics for Hackers: https://www.youtube.com/watch?v=YJUVNlmIO6E&list=PLhfrWIlLOoKOs-fjCPHdzD2icF2vORfwK&pp=iAQB

Mr Robot: https://www.youtube.com/watch?v=3yiT_WMlosg&list=PLhfrWIlLOoKNYR8uvEXSAzDfKGAPIDB8q&pp=iAQB

Hackers Arise / Occupy the Web Hacks: https://www.youtube.com/watch?v=GxkKszPVD1M&list=PLhfrWIlLOoKOf1Ru_TFAnubVuWc87i-7z&pp=iAQB

// David's SOCIAL // Discord: https://discord.com/invite/usKSyzb X: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/@davidbombal

// MY STUFF // https://www.amazon.com/shop/davidbombal

// SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com

// MENU // 00:00 - Bluetooth hacking quick demo 03:25 - Brilliant sponsored segment 04:17 - The Bluetooth vulnerability explained // OccupyTheWeb 05:46 - How the vulnerability works 08:36 - Bluetooth hacking demo 09:46 - Setting up for the hack // BlueZ 12:32 - BlueZ tools demo 14:00 - Scanning for Bluetooth devices 18:08 - Other tools 23:40 - Running BlueDucky // Hacking Bluetooth demo 26:00 - The possibilities of Bluetooth hacking 28:24 - Older Android versions are at risk // Keeping devices up to date 30:37 - Bluetooth hacking for other operating systems 31:02 - Hacking Bluetooth speakers 34:24 - OTW books & plans for future videos 35:12 - Conclusion

android iphone bluetooth raspberry pi macos windows samsung pixel google apple microsoft linux ubuntu blue tooth flipper zero google pixel ble

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.

#android #iphone #bluetooth ... https://www.youtube.com/watch?v=IevVEUzXA30