CAPEC-666
BlueSmacking
Gemiddeld
Gemiddeld
Draft
2021-06-24
00h00 +00:00
00h00 +00:00
2022-09-29
00h00 +00:00
00h00 +00:00
Melding voor een CAPEC
Blijf op de hoogte van wijzigingen voor een specifieke CAPEC.
Beschrijvingen CAPEC
An adversary uses Bluetooth flooding to transfer large packets to Bluetooth enabled devices over the L2CAP protocol with the goal of creating a DoS. This attack must be carried out within close proximity to a Bluetooth enabled device.
Informatie CAPEC
Uitvoeringsstroom
1) Explore
[Scan for Bluetooth Enabled Devices] Using BlueZ along with an antenna, an adversary searches for devices with Bluetooth on.
Techniek
- Note the MAC address of the device you want to attack.
2) Experiment
[Change L2CAP Packet Length] The adversary must change the L2CAP packet length to create packets that will overwhelm a Bluetooth enabled device.
Techniek
- An adversary downloads and installs BlueZ, the standard Bluetooth utility package for Linux.
3) Exploit
[Flood] An adversary sends the packets to the target device, and floods it until performance is degraded.
Vereisten
The system/application has Bluetooth enabled.Vereiste vaardigheden
An adversary only needs a Linux machine along with a Bluetooth adapter, which is extremely common.Mitigaties
Disable Bluetooth when not being used.When using Bluetooth, set it to hidden or non-discoverable mode.
Gerelateerde zwakheden
| Zwakheidsnaam | |
|---|---|
CWE-404 |
Improper Resource Shutdown or Release The product does not release or incorrectly releases a resource before it is made available for re-use. |
Referenties
REF-655
What is BlueSmack Attack?Amrita Mitra.
https://www.thesecuritybuddy.com/bluetooth-security/what-is-bluesmack-attack/
Indiening
| Naam | Organisatie | Datum | Releasedatum |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Wijzigingen
| Naam | Organisatie | Datum | Opmerking |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings |
