This article is part of the IoT article series that demonstrates how IoT devices can be hacked – some mitigations are recommended at the end of the article. Today we will talk about the security posture of a smart lock, which features fingerprint and wireless unlocking. We will analyze the communication between an android application…
Category: Blog
Introduction to Bluetooth Low Energy – 50k ft
Introduction to Bluetooth Low Energy – 50.000 ft: Bluetooth Low Energy (BLE) is based on Bluetooth classic. However, in Bluetooth low energy protocol, energy matters more than anything else! The BLE protocol is based on the most basic and important principle: low power consumption. A BLE device can be powered for a year; non-stop, by…
BLE Penetration Test of Anboud Smart Lock
Introduction This article is part of a series which educates people on how to properly conduct a penetration test on IoT devices. The IoT Pentest Series will start the hacking journey with Bluetooth Low Energy protocol. This article analyzes a commercial padlock and discusses the different phases a penetration tester shall follow when pen-testing a…
Features of BLE:Bit v1
BLE:Bit : The first of its kind Bluetooth Low Energy Penetration Testing Security Assessment Device. What is BLE:Bit – The state of the art in Bluetooth Low Energy Hacking Often penetration testers wish to make a quick check, automated check of IoT devices that support multiple protocols. There are different stacks and libraries that can be…
Brute-force BLE PIN with BLE:Bit
The goal of this article is to educate how to properly configure BLE:Bit by using the BLE:Bit sdk v1.5, in order to build a high-level brute-force device in case the target peripheral, is using a static key – a very possible scenario, especially when the pairing method is display-only. This kind of attack is very…