Critical Bluetooth vulnerability CVE-2023-45866

Рет қаралды 6,333

Күн бұрын

In this video I have explained a critical Bluetooth vulnerability CVE-2023-45866 that allows unauthenticated users to inject keystrokes to vulnerable devices including widely used android devices too. I have demonstrated this vulnerability using a python script: BlueDucky running on Raspberry Pi 5 with it's internal Bluetooth adapter. Impact, affected device, Mitigation and lot more I have explained using few slides and annotation. If You are interested to watch a particular section of this video, below mentioned timestamps can be used to navigate.
00:00 - Start
01:27 - Warning ! This video is for educational purposes only
02:10 - CVE-2023-45866 vulnerability Details
03:49 - Impact(s) of the vulnerability: CVE-2023-45866
05:27 - Known affected devices
06:55 - The actual flaw as per CVE-2023-45866
07:35 - Initial Setup for BlueDucky
08:21 - Setup: Using Raspberry Pi 5
09:01 - Setup: Installing Dependencies and cloning GitHub Repo.
10:07 - Setup: Installing older version of BlueDucky on Raspberry Pi 5
12:35 - Running Blueducky on Raspberry Pi 5
16:06 - Mitigation
18:40 - Important Information
Slides and the commands can be downloaded from this Link: bit.ly/3xG0Yvi
Disclaimer: This video is for informational and educational purposes only. Information security, cybersecurity and ethical hacking is for everyone who is using digital information, smartphones and computers. To protect your information from hackers, you need know how hacking is done. That is why I am sharing my knowledge of such tools on this channel.
Related Videos on HID attack:
All about HID and WHID attacks and devices: • All about HID and WHID...
Learn HID attack on Kali NetHunter | show a fake Windows : • Learn HID attack on Ka...
Bypass Android lock screen, in case you have forgotten the PIN or pattern : • Bypass Android lock sc...
testing windows defender security with digispark: • Video
Follow us on:
Facebook: / clicksnbits
Instagram: / clicksnbits

Пікірлер: 42

@maheshpandya8145 29 күн бұрын

Sir thank you new imfrtion

@ROB9.6 23 күн бұрын

I don't know this. But like to watch such awesome Videos. Thank you ji.

@anujSingh-st1gs 26 күн бұрын

Nice vedio sir

@anujSingh-st1gs 28 күн бұрын

Very interesting

@ClicksAndBits 28 күн бұрын

Thank You and keep watching

@mayawithrahul Ай бұрын

❤❤❤❤❤❤❤❤ nice 👍

@RishavAggrawal Ай бұрын

Nice Video❤

@ClicksAndBits Ай бұрын

Thanks 🔥

@Unknown-User872 Ай бұрын

Ahmyth install in termux please make a video on this topic install to ho jata hai par payload building fail ho jata hai

@ClicksAndBits Ай бұрын

sure

@asimchhatar3604 17 күн бұрын

Make a video regarding Android rooting 😮😮😮

@sravanlucky5337 Ай бұрын

Is it possible to do this directly in Kali Linux after clone the repository

@headshot_gamingg 27 күн бұрын

is it work on parrot virtual machine?

@hackerbolte5686 Ай бұрын

#Ye hum laptop me Kali se krr skte hai pi tho nhi hai sir

@brocklezner76 24 күн бұрын

Script not working connection failure likha arha hai

@arhamjaved6815 18 күн бұрын

Sir hum android k Lia HID script ksa lik Sakta ha a video bna da

@Avshack Ай бұрын

hello sir at this movement what to give input to start scanning 13:00

@ClicksAndBits Ай бұрын

at the first run, the script will start scanning automatically. After that that you the script will request input from you to take further action.

@scorpionisready 27 күн бұрын

Parsu se try kr rha hu bluez install hi nhi ho rha

@mrZzz675 28 күн бұрын

Sir , Bluetooth device hack kar ke liye Blutooth adaptor lena hota hai kya like Wifi Adapter ya jaise ka video me Raspberry Pi Device me Bluetooth Transmitter/ Recevier Rehta hai Kya Please Clear??

@ClicksAndBits 28 күн бұрын

The inbuilt BT adapter will work

@mrZzz675 28 күн бұрын

@@ClicksAndBits Lekin aapne Raspberry Pi Device se blutooth device ck kiya usme bhi pre installed rehta hai kya

@sayyedshababali6409 3 күн бұрын

Please make one video without using raspberry pi

@amarjeetsingh-zo1lw Ай бұрын

sir ssp error aarha h

@subhasishdas3811 28 күн бұрын

Isme bluetooth adaptar bhi jaroori hain kya

@ClicksAndBits 28 күн бұрын

no Sir. the internal adapter will do the trick

@Thecruelworld1966 Ай бұрын

Kal hi maine iske bare me ek article pada tha aur aaj video dekh rha hun 😂😂

@ClicksAndBits Ай бұрын

burning vulnerability

@_ArfatFarooq 28 күн бұрын

Bro does this CVE exploit works without external bluetooth adapters? Also can we use it with inbuilt bluetooth device in Kali Linux(windows internal bluetooth adapter)

@Mr.r0b07 29 күн бұрын

Bhai bhut piche chal rha hai.... Kabki videos aa chuki hai iske upar..... Aapka sabun slow h kya

@ClicksAndBits 28 күн бұрын

😄😄😄😄

@xyzking120 18 күн бұрын

Sir Android se script run kaise kare

@RG_ANIME_STATUS 17 күн бұрын

Android nethunter cahiye hoga Android me or 4 se zyada gb ram cahiye hoga Kali nethunter ke liye 👍🏻

@RiseAure Ай бұрын

i got that error 2024-07-08 19:11:00,836 - ERROR - Error enabling SSP: Failed to enable SSP Traceback (most recent call last): File "/home/dark/Documents/Tools/blue/BlueDucky/BlueDucky.py", line 697, in main() File "/home/dark/Documents/Tools/blue/BlueDucky/BlueDucky.py", line 671, in main adapter.enable_ssp() File "/home/dark/Documents/Tools/blue/BlueDucky/BlueDucky.py", line 112, in enable_ssp raise ConnectionFailureException("Failed to enable SSP") ConnectionFailureException: Failed to enable SSP

@nileshahirwar1453 29 күн бұрын

Please help me sir 🙏🙏🙏🙏

@nileshahirwar1453 Ай бұрын

Sir mujhe aapki madad chihiye please sir mera complete data sd card me tha jo ki mere chacha ne chura liya hai or vo mere pariwar ke sath galat karna chahta hai sir mujhe apke help ki jarurat hai please help kijiye sir please 😭😭😭😭😭

@ajmlmac6590 28 күн бұрын

What datas u have in that?

@nitinotavkar6509 22 күн бұрын

Collecting pyobjc (from -r requirements.txt (line 6)) Using cached pyobjc-10.3.1-py3-none-any.whl.metadata (26 kB) ERROR: Exception: Traceback (most recent call last): File "/home/kali/.local/lib/python3.11/site-packages/pip/_internal/cli/base_command.py", line 179, in exc_logging_wrapper status = run_func(*args)

@nitinotavkar6509 22 күн бұрын

Error