OPS32 Posted September 12, 2017 Share Posted September 12, 2017 Quote The Bluetooth Pineapple – Man in The Middle attack (CVE-2017-0783)Man-in-The-Middle (MiTM) attacks allow the attacker to intercept and intervene in all data going to or from the targeted device. To create a MiTM attack using Wi-Fi, the attacker requires both special equipment, and a connection request from the targeted device to an open WiFi network. In Bluetooth, the attacker can actively engage his target, using any device with Bluetooth capabilities. The vulnerability resides in the PAN profile of the Bluetooth stack, and enables the attacker to create a malicious network interface on the victim’s device, re-configure IP routing and force the device to transmit all communication through the malicious network interface. This attack does not require any user interaction, authentication or pairing, making it practically invisible. Research Paper: http://go.armis.com/blueborne-technical-paper Quote Link to comment Share on other sites More sharing options...
digip Posted September 13, 2017 Share Posted September 13, 2017 Someone had just posted this at work the other day. Haven't had a chance to watch it yet. Interesting. I don't use bluetooth for anything but my cars have it on by default, so not good. Quote Link to comment Share on other sites More sharing options...
UnLo Posted September 13, 2017 Share Posted September 13, 2017 Literally just read about blue borne.. Good to see a spot to discuss it here. Need to do some more reading Quote Link to comment Share on other sites More sharing options...
Forkish Posted September 13, 2017 Share Posted September 13, 2017 Is the word Pineapple in this context an actual term used in BT trchnology stack or is Pineapple becomming synonymous with rogue AP and MiTM attacks? Quote Link to comment Share on other sites More sharing options...
UnLo Posted September 13, 2017 Share Posted September 13, 2017 Just now, Spoonish said: Is the word Pineapple in this context an actual term used in BT trchnology stack or is Pineapple becomming synonymous with rogue AP and MiTM attacks? I'm guessing the latter after seeing the video Quote Link to comment Share on other sites More sharing options...
digip Posted September 14, 2017 Share Posted September 14, 2017 Draw your own conclusions but I think the name is just a name and more or less to give people the sense of the same type of attacks as the hak5 pineapple. Still, if it doesn't work the same way as a pineapple with respect to listening for probes and then brining in device connections, it may be more or less just marketing hype to get the word out. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.