PoC to take over Android using another Android by exploiting a critical Bluetooth vulnerability to install a #Metasploit payload without proper Bluetooth pairing (CVE-2023-45866). It still affects Android 10 and below. #NetHunter
108,872 views • 2 years ago • via X (Twitter)
11 Comments

In a different 0-click exploit scenario: it is also possible to lock the user out of their smartphone by brute-forcing lock-screen passcodes in a loop to trigger the 30-second and then 60-second timeout. Injected key-presses are typed far faster than a user can tap to unlock the device.

How to prevent becoming a victim: 1) For Android 10 and below, the security patch is not available, so turn off Bluetooth when not in use. 2) For Android 11 and above, install the 2023-12-05 security patch (if the OEM has already pushed it). 3) Don't start Discoverable Mode, which discloses the MAC address.

Is victim interaction required to accept the Bluetooth connection with the attacker device?

No. The exploit forces the Bluetooth pairing without any victim interaction.

Keep up the good work! Hope to see a new PoC video on macOS, iOS and Windows ;)

Can you share the script to inject the Metasploit payload? Thanks.

Since many Android devices are still vulnerable with no option to patch this issue, I decided not to share the PoC script to inject the Metasploit payload. I hope you understand my concerns.

🔥

How to detect whether Metasploit was installed or not?

🔥 But is the target device rooted?

It doesn't matter whether the target is rooted or not. It affects the Bluetooth protocol of devices running Android version 10 and below.