Critical Bluetooth vulnerability CVE-2023-45866
Vložit
- čas přidán 24. 07. 2024
- In this video I have explained a critical Bluetooth vulnerability CVE-2023-45866 that allows unauthenticated users to inject keystrokes to vulnerable devices including widely used android devices too. I have demonstrated this vulnerability using a python script: BlueDucky running on Raspberry Pi 5 with it's internal Bluetooth adapter. Impact, affected device, Mitigation and lot more I have explained using few slides and annotation. If You are interested to watch a particular section of this video, below mentioned timestamps can be used to navigate.
00:00 - Start
01:27 - Warning ! This video is for educational purposes only
02:10 - CVE-2023-45866 vulnerability Details
03:49 - Impact(s) of the vulnerability: CVE-2023-45866
05:27 - Known affected devices
06:55 - The actual flaw as per CVE-2023-45866
07:35 - Initial Setup for BlueDucky
08:21 - Setup: Using Raspberry Pi 5
09:01 - Setup: Installing Dependencies and cloning GitHub Repo.
10:07 - Setup: Installing older version of BlueDucky on Raspberry Pi 5
12:35 - Running Blueducky on Raspberry Pi 5
16:06 - Mitigation
18:40 - Important Information
Slides and the commands can be downloaded from this Link: bit.ly/3xG0Yvi
Disclaimer: This video is for informational and educational purposes only. Information security, cybersecurity and ethical hacking is for everyone who is using digital information, smartphones and computers. To protect your information from hackers, you need know how hacking is done. That is why I am sharing my knowledge of such tools on this channel.
Related Videos on HID attack:
All about HID and WHID attacks and devices: • All about HID and WHID...
Learn HID attack on Kali NetHunter | show a fake Windows : • Learn HID attack on Ka...
Bypass Android lock screen, in case you have forgotten the PIN or pattern : • Bypass Android lock sc...
testing windows defender security with digispark: • Video
Follow us on:
Facebook: / clicksnbits
Instagram: / clicksnbits - Věda a technologie
I don't know this. But like to watch such awesome Videos.
Thank you ji.
Sir thank you new imfrtion
Is it possible to do this directly in Kali Linux after clone the repository
Ahmyth install in termux please make a video on this topic install to ho jata hai par payload building fail ho jata hai
sure
is it work on parrot virtual machine?
Script not working connection failure likha arha hai
Sir hum android k Lia HID script ksa lik Sakta ha a video bna da
#Ye hum laptop me Kali se krr skte hai pi tho nhi hai sir
Parsu se try kr rha hu bluez install hi nhi ho rha
Very interesting
Thank You and keep watching
Nice vedio sir
hello sir at this movement what to give input to start scanning 13:00
at the first run, the script will start scanning automatically. After that that you the script will request input from you to take further action.
❤❤❤❤❤❤❤❤ nice 👍
Make a video regarding Android rooting 😮😮😮
Nice Video❤
Thanks 🔥
sir ssp error aarha h
Sir , Bluetooth device hack kar ke liye Blutooth adaptor lena hota hai kya like Wifi Adapter ya jaise ka video me Raspberry Pi Device me Bluetooth Transmitter/ Recevier Rehta hai Kya Please Clear??
The inbuilt BT adapter will work
@@ClicksAndBits Lekin aapne Raspberry Pi Device se blutooth device ck kiya usme bhi pre installed rehta hai kya
Sir Android se script run kaise kare
Android nethunter cahiye hoga Android me or 4 se zyada gb ram cahiye hoga Kali nethunter ke liye 👍🏻
Isme bluetooth adaptar bhi jaroori hain kya
no Sir. the internal adapter will do the trick
Bhai bhut piche chal rha hai.... Kabki videos aa chuki hai iske upar..... Aapka sabun slow h kya
😄😄😄😄
Please help me sir 🙏🙏🙏🙏
Kal hi maine iske bare me ek article pada tha aur aaj video dekh rha hun 😂😂
burning vulnerability
Bro does this CVE exploit works without external bluetooth adapters? Also can we use it with inbuilt bluetooth device in Kali Linux(windows internal bluetooth adapter)
Sir mujhe aapki madad chihiye please sir mera complete data sd card me tha jo ki mere chacha ne chura liya hai or vo mere pariwar ke sath galat karna chahta hai sir mujhe apke help ki jarurat hai please help kijiye sir please 😭😭😭😭😭
What datas u have in that?
i got that error 2024-07-08 19:11:00,836 - ERROR - Error enabling SSP: Failed to enable SSP
Traceback (most recent call last):
File "/home/dark/Documents/Tools/blue/BlueDucky/BlueDucky.py", line 697, in
main()
File "/home/dark/Documents/Tools/blue/BlueDucky/BlueDucky.py", line 671, in main
adapter.enable_ssp()
File "/home/dark/Documents/Tools/blue/BlueDucky/BlueDucky.py", line 112, in enable_ssp
raise ConnectionFailureException("Failed to enable SSP")
ConnectionFailureException: Failed to enable SSP
Collecting pyobjc (from -r requirements.txt (line 6))
Using cached pyobjc-10.3.1-py3-none-any.whl.metadata (26 kB)
ERROR: Exception:
Traceback (most recent call last):
File "/home/kali/.local/lib/python3.11/site-packages/pip/_internal/cli/base_command.py", line 179, in exc_logging_wrapper
status = run_func(*args)
Error
Hi sir kya aap shi vidio ko Hindi me banake samja sakte he 😅😅
czcams.com/video/UCItygRLuBM/video.htmlsi=5YCC6q-pYrermWe5
Nice Video❤
Thank you! 😊