PenTestIT RSS Feed
No matter what part of the world you live in, I'm sure that you must have at least heard about the latest Bluetooth attack making the rounds - BlueBorne. I'm also sure that if you have a vulnerable device, you have some time to wait until your vendor releases a patch remediating this vulnerability. If this is the case, then this post is for you, as it discusses the different steps you can take to try and avoid being exploited through the BlueBorne Bluetooth vulnerability.
BlueBorne is a new set of vulnerabilities, exploitable without authentication, targeting multiple operating systems such as Android, iOS, Windows, and Linux, and the devices that have these operating systems installed. The name is derived from the word "airborne", as it allows unauthenticated attackers to take over devices on air-gapped networks. Additionally, this set of attacks does not require the targeted device to be set to discoverable mode or to be paired with the attacker's device. More information about this set of vulnerabilities can be found here.
bnep_process_control_packet(). This memory corruption can be triggered in the Personal Area Networking (PAN) profile of the BNEP service and allows you to execute arbitrary. The vulnerability does not require any user interaction, authentication or pairing.
With this theory about BlueBorne out of the way, let's get to the crux of this post.
Microsoft Windows: Apply patches listed in the September 2017 advisory - CVE-2017-8628 | Microsoft Bluetooth Driver Spoofing Vulnerability
* If you are not able to do so, you can deactivate the Bluetooth module itself. The best way to protect your Windows systems from BlueBorne attacks is by disabling the Bluetooth device from the Device Manager.
Android: If you are lucky enough, you will have a supported phone which can get OTAs from your provider and upgrade to the latest September 9, 2017 Security Patch Level. If not, you always have the option of sideloading an OTA. Unfortunately, this patch will be available only for Nougat (7.0) and Marshmallow (6.0). You also have the option of moving to a custom ROM such as LineageOS.
Apple: Upgrade to iOS version 10 and Apple TV versions above 7.2.2.R
*NIX: This is a bit tricky, as some vendors have already released a patch and some have not. For example, RHEL and Debian patches for CVE-2017-1000250 and CVE-2017-1000251 are already available. However, if you still want to disable Bluetooth, this is how:
Ubuntu/Debian:
sudo mv /etc/init/bluetooth.conf /etc/init/bluetooth.conf.disabled
Run:
# Disable and stop the Bluetooth service
systemctl disable bluetooth.service
systemctl mask bluetooth.service
systemctl stop bluetooth.service
# Remove Bluetooth modules (unload btusb before bluetooth, which it depends on)
rmmod bnep
rmmod btusb
rmmod bluetooth
You can even follow the RHEL SCAP Security Guide here.
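The rmmod step above only succeeds when modules that use the bluetooth core module are unloaded before it. The following added example (not from the original post) reads /proc/modules and prints the loaded Bluetooth modules in an order rmmod will accept; the function names and the sample module list are constructed for illustration.

```shell
# Added example: print the loaded Bluetooth kernel modules, dependents before
# "bluetooth". Input is /proc/modules format: name size refcount users state
# address, where "users" is a comma-terminated list of referencing modules or "-".
# bt_unload_order [FILE|-]: reads /proc/modules by default, "-" means stdin.
bt_unload_order() {
    awk '
    { order[NR] = $1; loaded[$1] = 1; users[$1] = ($4 == "-") ? "" : $4 }
    END {
        if (!("bluetooth" in loaded)) exit      # core module absent: nothing to do
        want["bluetooth"] = 1; left = 1; grew = 1
        while (grew) {                           # add transitive users of bluetooth
            grew = 0
            for (k = 1; k <= NR; k++) {
                if (!(order[k] in want)) continue
                n = split(users[order[k]], u, ",")
                for (i = 1; i <= n; i++)
                    if (u[i] != "" && !(u[i] in want)) { want[u[i]] = 1; left++; grew = 1 }
            }
        }
        while (left > 0) {                       # emit a module once its users are gone
            progressed = 0
            for (k = 1; k <= NR; k++) {
                m = order[k]
                if (!(m in want) || (m in done)) continue
                ready = 1; n = split(users[m], u, ",")
                for (i = 1; i <= n; i++)
                    if (u[i] != "" && !(u[i] in done)) ready = 0
                if (ready) { print m; done[m] = 1; left--; progressed = 1 }
            }
            if (!progressed) exit 1              # unresolved reference, stop
        }
    }' "${1:-/proc/modules}"
}

# Constructed sample of /proc/modules content (sizes and addresses are made up).
sample_modules() {
    cat <<'EOF'
bnep 28672 2 - Live 0x0000000000000000
btusb 65536 0 - Live 0x0000000000000000
btrtl 24576 1 btusb, Live 0x0000000000000000
btintel 45056 1 btusb, Live 0x0000000000000000
bluetooth 557056 31 btrtl,btintel,btusb,bnep, Live 0x0000000000000000
ext4 778240 1 - Live 0x0000000000000000
EOF
}

# Dry run: show the rmmod commands for the sample instead of executing them.
sample_modules | bt_unload_order - | sed 's/^/rmmod /'
```

Run `bt_unload_order` with no argument on the host itself after stopping the service; empty output means the bluetooth core module is no longer loaded.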
Armis Labs have also released an Android app, "BlueBorne Vulnerability Scanner", to detect devices that are vulnerable to BlueBorne.
The post How to: Protect Systems From BlueBorne Attacks? appeared first on PenTestIT.