IoT devices can be attacked via a new technique of this era called ‘BlueBorne’. Each and every IoT device right now works on Bluetooth, so the only way to penetrate these IoT devices is through the vulnerable Bluetooth of the respective device. IoT devices work on various software platforms such as Android, iOS, Linux and Windows. These devices have their Bluetooth in various forms, such as BlueZ in Linux and the Bluetooth stacks in iOS, Android and Windows, which makes it comfortable for the attacker. So, if those Bluetooth implementations are vulnerable, the devices working on them are vulnerable as well.
How can we attack Bluetooth?
The ‘BlueBorne’ exploit was released recently by the Armis security lab. This exploit can be used against Bluetooth devices so that we can penetrate those devices without the knowledge of the user. In this tutorial I will explain how to attack a Bluetooth device in a step-by-step process.
Identify the Bluetooth device:
The victim’s Bluetooth does not need to be discoverable. Once we have targeted the intended Bluetooth device, we can make it discoverable. Bluetooth pairing can be avoided with this method. During Bluetooth pairing, a part of the MAC address is shared between the two devices, and the remaining part of the MAC address can be brute forced (32 options only). This can be done with a tool called ‘Ubertooth’. Ubertooth is a development platform for experimenting with Bluetooth. With its help we can find the MAC address of the device to be attacked and finally fix the target. For the other side of the pairing you will need a Bluetooth chipset compatible with the nRF24 Arduino. Then you have to build the chipset with the GitHub code. The chipset is then ready to receive the MAC address of the victim.
Set up BlueBorne:
Fire up your Kali Linux, install the BlueBorne script from GitHub and unpack the code, then set up Bluetooth on your host using:
sudo apt-get install bluetooth libbluetooth-dev
sudo pip install pybluez
sudo pip install pwntools
Step 3:
Start your exploit with the wifi MAC address which you have received with your Ubertooth tool. Exploit the target with,
Finally, the device will be prone to the attack and you will get the data packets for transmission, and with the help command you can see the available options for further action.