Android Bluetooth Hacking with Python
Vložit
- čas přidán 13. 09. 2024
- Make sure you patch your phone (unfortunately older devices cannot be patched). See CVE here: nvd.nist.gov/v...
How to stop / mitigate this attack:
1) Upgrade your phone / install security patches on Android for versions 11 and later. Unfortunately earlier versions cannot be patched (Android 10 and earlier)
2) Note: For the script to discover the MAC address of the phone, the phone needs to be in pairing mode.
3) Turn off Bluetooth if not being used
Learn more here: • Android Bluetooth Hacking
#android #bluetooth #iphone
Full video explaining this here: czcams.com/video/IevVEUzXA30/video.html
Make sure you patch your phone (unfortunately older devices cannot be patched). See CVE here: nvd.nist.gov/vuln/detail/CVE-2023-45866
How to stop / mitigate this attack:
1) Upgrade your phone / install security patches on Android for versions 11 and later. Unfortunately earlier versions cannot be patched (Android 10 and earlier)
2) Note: For the script to discover the MAC address of the phone, the phone needs to be in pairing mode.
3) Turn off Bluetooth if not being used
Can you suggest a blutooth adaptor for pentest?
@@User-mm3uyyes recommend something that is chep in price?
Dude your mac address is exposed in the confirmation message
Timestamp 00:34
It doesn't matter because MAC addresses are only used on the local network. There's literally nothing you can do with one over the Internet.
Yeah I just got rick rolled by a raspberry Pi 😂
I had to do it 😂
@@davidbombaldo you realise HOW MUCH POWER YOU HAVE!!! You can rick roll anyone at anytime.no man should have this much power
@@Mr.forgettable_wastaken not anytime they gotta be close to you
@@KrisinaCrossing2011r/whoosh
R/wooooshwith4os
"the phone needs to be in pairing mode" is kind of a big if.
Ty. That's what I was curious about
@miss_sapphire This man just emulating a wireless keyboard😬😬
Look up blueborne vulnerability doesn't need to be in pairing mode for that
@@Severartery that was 7 years ago, if the device is a decade old you might be vulnerable but google provides a scan tool made by Armis, the people who reported the bugs.
Another big if "the bluetooth need to be ON'
Bro rickrolls himself so we can learn something, huge respect
Nice deflection
bro rick rolled us bro
@@Cysmoke Gottem
Yea
Blurring mac addresses on list but not blurring after selecting device is genius
ahahaha this.
😂😂😂😂😂 bro just made that phone unusable
Lamo
how about mac emulation 🍿
"im not gonna touch it"
2 sec later: he touched the phone
yeah to pause the video lol
Yeah, u got rick rolled bruh. U thought he wouldn’t touch it.
The action happened before the touch men 😎
I was about to say the same thing 😢
@@itconsgeniohaha nice one
This vulnerability affects Android ~4.2.2 and later.
> Android 4.2.2 - 10 will not be patched
> Android 11 - 14 have patches available (2023-12-05 security patch level)
Pretty much just old ass phones
Bro forgot most android phones have 2-3 years of OS, if you bought an older Android... RIP
@@Hhhh22222-wif you're buying an old phone, get one that supports lineageos at least
The phone demonstrated ran on android 12
@@Bravin_Joshuathen it did not get the security update.
@@Bravin_JoshuaOnePlus 7T originally came with Android 10, the guy probably hasn't updated it.
The fact that he Rick Rolls all of us with a straight face is just hilarious.
> I'm not gonna touch it.
> Touches it in less than a second
I was laughing so hard on it 😂
He had to enable the sound for the rickroll to count 😂
🤣🤣
I thought l was the only one who noticed 😂😂😂
Only after the attack was run 😂
"No officer wait listen ...
It was just educationaaaaal!!"
Respect for the person who wrote that python code
ffs it's 2024 and I'm still getting rickrolled😭
Bro just rick rolled the entire cyber security community 🎉
This protocol was compromised so many times it should get an award for the less secure technology
Honestly, I want to do this in a public setting like a comicon and rick roll everyone all at once. It would be epic hearing that every where, all at once 🤣
Me too
Me sweating bricks as I always have Bluetooth on 😰
U all good G most modern android distributions make you accept the connection b4 you connect to his wireless keyboard
@@emetsalt7965 could it do it to a iPhone 😅
This isn't the first time you've Rock Rolled me!
Sorry! 😂
Why go through the trouble of blurring the 7T MAC address, when 3 seconds later it's fully shown (after 4 is selected)
Exactly what I thought ^^
Imagine doing this at school. Everyone just pulled out their phones and gets Rick rolled 😂😂😂
WE ARE GOING TO RICKROLL EVERYONE WITH THIS ONE 🔥🔥🗣️🗣️🗣️
😅
Even if is patched after android version 11 is a good security practice keep your bluetooth off when you are in public spaces.
That's Why I Keep My Bluetooth, Wifi, Etc. Types Of Wireless Communications Turned Off When Not Needed. Sometimes, Even Cellular Connection.
David been getting me paranoid about blue tooth lately
Why did I get Rick rolled in a Dvid Bombal video ? 😢
I had to do it 😂
this man single handedly keeping kali alive to date
Just curious what are the better operating systems than kali except parrot
Smoothest rickroll ever. 😭
Bro got that hacking rizz
Imagine you're chilling and some hacker hacked you're phone and rick rolled you 😂
Is there going to be a how to video? The rick roll 😂😂😂
Yes. Coming soon!
Full video here: czcams.com/video/IevVEUzXA30/video.html
@@davidbombal If this link is gonna sent me to a Rick Astley video....
@@klopf_Did it?
@@davidbombalyay!
Don't worry guys this vurniablity has been fix after A11
Basically most android phone older than 2018 will most likely be vulnerable, since most Androids only get 1-2 extra year of security update, meanwhile iPhone 6 from 2014 still gets security updates lol.
@@Hhhh22222-w androids in the same price range as an iphone mostly get 5 years of security updates and the google is on another level so yea .
@@Hhhh22222-wWhile Apple is doing a great job on updating its phones, there are some miss leading in your comment. First you are comparing a flagship phone (iphone 6) to budget phones out there. It's been a long time since Android flagships are getting 4 or 5 years of security updates(like pixels), and recently they offer 7 years of update. If any one wants to be picky and go for an iPhone, they should be picky in choosing Android phones too and not buying every crappy phone as Android phones and complaining.
No iPhone 6 cant be updated beyond iOS 12.5 as it doesnt meet the hardware requirement for the latest iOS. So unfortunately no latest security patches. Need to get a new phone for that. Tech simply cant backtrack to 10 year old devices.
@@Hhhh22222-w yea with every update, they reduce the battery and performance 😂😂
*mee eh eh apple Sheep detected*
bro, just Rick rolled me
"not gonna touch it" then proceeds to unmute the thing
Also... I don't know if it's ok showing your MAC address like that... you censored the four... but when you entered 4.. it asked you if you like to enter the device with 22:22:1B:10:52:A5... why not censor it as well?
p.s.: please don't answer my question like it's a matter of course... I know close to nothing when it comes to networking...
never thought i would get rick rolled by a computer
Most technologically advanced RickRoll ever 😂
That was a serious rick roll
That phone was already unlocked.
I love how he went to press the 'unmute' button as its muted by default.
Bro just did all of this for rickroll us, what a legend.
Calling this, a hack is a little bit of a reach. You already have the phone paired with the device so you have to have physical access and then you’re just emulating a USB keyboard to open a browser. Now it’ll be one thing if you were able to allow the raspberry pie to connect to the phone without previously being paired.
thanks, I was wondering the same thing. can it be possible to mimic a paired device?
Mimicking a paired device is exactly how vulnerabilities like this (which doesn't affect newer OSes) go from minor to extreme.
“The bluetooth device is ready to pair”
“I’m not gonna touch it”
Proceeds to touch it 💀
I constantly have this happen to me when I’m driving around at the moment
Technology have advanced so much but people still gets rickrolled 😂
In the year 2525,
if man is still alive
there will be RickRolling
@@prophetzarquon1922 fr ☠️
ricky roll has been
going around since 2011
This is why you disable your phone being visible to other devices after being done pairing your phone with your stuff.
You never know when a new or custom hack is out.
+1
There's really no reason to leave all the wireless on when devices aren't connected; Bluetooth, NFC, UWB, WiFi, & even Location services, are best kept off when not in use.
Seriously everything is.possible besides using just for Internet..
it's like it is accepting unauthorized things or commands from other source even it is not connected !
I wonder if It does work on WiFi?😅
The good old hacking days. When LOIC and IRCs were the thing.
Expectation: Hackers steal stuff from our phone and put viruses in it
Reality: Hackers rickroll us from our own phone
"I wont touch it"
Proceds with touching
They call him the father of hacking, he used bluetooth to wirelessly play a song on another device.
I see a lot of trolling capabilities in this
Instructions unclear, rickrolled myself
its been a while with no rickrolls.
I never thought I would get Rick rolled again 😂
"I am not gonna touch it" touches it.
thank u now i can wirelessly rickroll my friends
Using a dummy phone as an example always wins.
I used to have a seperate windows box that i practiced exploits on but in real world, alot less likely
„I am not gonna touch it“
And that is why you turn bluetooth off.
Didn't see that coming, Good one David Good one.
I will not forget this.
A very professional way to get Rick rolled... 😄😄😄
I remembered back in the days I installed a Java programme in my old phone that can “hack” into other phone by Bluetooth pairing. And it works, I can see their messages, contacts, even photos and videos that are saved in their devices. I can even make calls and send messages with their phones from mine.
works or worked?
Imagine you in party house attacking all you homies phone and start raving to the songs… that is best party trick
now I may be wrong, but I'm pretty sure it doesn't need to be in pairing mode to get the Mac, as long as you can scan the area, or your own network with a wifi adapter with monitor mode. considering devices are usually always trying to connect to a wifi source anyway.
Im not gonna touch it - touches it
Only after the attack was run 😂
Only after the attack was run 😂
Best way to Rick roll
same technology used by a phone to a television when you want to share a screen
That's usually done by WiFi
Meanwhile android always push you to keep ur phone's Bluetooth on
Can you make a longer video, where you explain what the vulnerability is in bluetooth or how an attacker is gaining access to perform remote code execution?
yes, you can also hack a desktop/laptop using bluetooth, its called bluetooth rubber ducky. you don't even need a raspberry pi your laptop is enough to do the trick. You can also use a usb directly, basically any device that can act as a keyboard
I feel like I need get back at you for the Rick Roll 😂
Great tutorial sir
"Im not going to touch it". He touches it😮
You know your phone is hacked when it starts playing "Never gonna give you up" 😂
Moral . Keep Bluetooth and wifi off when not needed
I feel like that was missing as context, that if you are out on public lets say and still have Bluetooth on one could get rick rolled like that 😂
I wonder every thing has a weakness..even the USB😅
we got rickrolling from bluetooth before GTA6
Sir, I want to learn some basic Hacking Methods usually used in games.❤
Legend is "Rick is still Rollin' to this day"
It was not meant for computing at first. It was hands-free and audio as far as I remember. Laissez faire digital lines to a computer is madness. (Phone = computer at this point in time).
You can also get people's credit cards off their phones really easy most people walk around with NFC turned on. On your phone and go close to them and you can scan the NFC and take their card
I’d accidentally hack the phone in my pocket instead of my intended target
Haha. “Rick rolled” wins the internet today!
Best Channel On You-Tube Love Learning New Ways Of Useing A Online Way Of Some Good Tacticks,Thanks Very Much Sir Sheer GOLD 🥇
bluethout pairing security gonna prevent you from hacking the phone
Maybe try a newer phone that still receives security updates? It is expected that an older phone which no longer receives security updates ispre vulnerable to attacks.
Gotta love that you censor thr MAC in the device list, but as soon as you select the device and execute the script, it ahows the full uncensored MAC. Whoops. 😂
Let me just set this up in a starbucks coffee table
It is a Bluetooth Rubberducky!
"I'm not gonna touch it"
*touch touch touch touch*
It probably acts as a bluetooth keyboard
I can't believe how incompetent bluetooth developers are and how insecure it is. And how much we use it with no alternatives
Well its more dangerous for iOS cause in android when you turn off Bluetooth or wifi its off. But in ios it just disconnects the connected devices and don't turn it off. If you want to turn off you have to fo it in settings that most people don't do most of the time
He looks like Zed, the Android from the Future😂
Never gonna touch your devices🕺
Don’t broadcast your BT and you’ll be fine 😂
Noooo! You touch it! You said you're not going to touch it!!!
Damn like it’s 2007 all over again, I always loved getting rolled’ hats off to you sir
Not going to touch he said , continues to unmute and skip the video 😂
"I'm not going to touch it"
Touches it
Bro casually rick rolled us😂
I'm not gonna touch it, Touches the phone!