Hi, I've done some surface-level research into Bluetooth protocols, and I'm wondering if it's possible to send a spoofed disconnect/connection rejection. The general idea would be that an attacker's computer would impersonate a connectable device (i. e., a speaker or similar) and then would send an HCI disconnect to the device(a phone, for example) that's currently connected to the real speaker, causing the connection to collapse. Is this feasible? I understand that modern Bluetooth has keys that make things like this difficult, but is there a way of sending packets that would cause a connection to collapse? I assume there must be, given that a connection can fail before the key is sent.
Edit: I should mention I'm specifically referring to 2 already connected and paired devices here, not one that's advertising over BLE. Oh, and if that's not possible, is there anything in this general idea that could prevent the connectable device from connecting to the device it's paired with? (not a jammer, but something within the protocol)
[link] [comments]
from hacking: security in practice https://ift.tt/sD1MG5J
Comments
Post a Comment