Explore the vulnerabilities of Bluetooth Low Energy (BLE) devices in this 40-minute Black Hat conference talk. Dive into the world of IoT security as Slawomir Jasek introduces a new BLE proxy tool for intercepting and manipulating BLE communications. Learn about common security flaws in BLE implementations, including improper authentication, static passwords, and weak random number generation. Discover how to exploit these vulnerabilities to take control of smart locks, disrupt smart home systems, and even obtain unauthorized access. Gain insights into best practices for mitigating these attacks and protecting BLE-enabled devices. Get hands-on experience with the open-source BLE MITM proxy tool, which can be run on a portable Raspberry Pi for on-the-go IoT device exploitation, reverse engineering, and debugging.
Overview
Syllabus
Gattacking Bluetooth Smart Devices - Introducing a New BLE Proxy Tool
Taught by
Black Hat