Bluetooth Vulnerability Assessment 3.0

Analysis On Bluetooth Vulnerability Assessment 3.0

The Bluetooth Team is beginning to wind down and finalize our culminating report, but we have still made tremendous progress since our last blog. Our Btlejuice Team has been able to solve their previous issue with the Schlage Sense Smart Deadbolt, which caused the lock to disappear from the app completely. Meanwhile, the BlueHydra Team has developed a plan: to have information from individual laptops running BlueHydra in an attempt to feed the information back to an individual machine for monitoring purposes.   

Process

The Btlejuice team has corrected the issue previously identified with the Schlage Sense smartphone application. Since we updated the firmware on the lock and not the iPhone, our issue with the lock disappearing from the app was corrected once we updated the iPhone from iOS 9.3.4 to iOS 10.1.1. From that point, we were able to intercept the GATTs (Generic Attributes) being sent from the iPhone to the lock once again.

In an attempt to make the Ubertooth One development platform work with their software, the BlueHydra team has been looking at possible hardware issues or software bugs that might stop the Ubertooth from communicating with BlueHydra. The Ubertooth One should allow BlueHydra to see the MAC address and signal strength of all devices with their Bluetooth enabled and report it back to the user, but currently we can only see devices that are in discovery mode. It is suspected that a hardware issue with certain USB controllers or an issue with the software is contributing to the problem that as of yet remains unresolved.

Conclusion

With Bluetooth 5.0 on its way and devices still in development continuing to implement Bluetooth connectivity without proper security, we hope to bring awareness to just how vulnerable this protocol really is.  

We are currently wrapping up our research and conducting our final tests with Btlejuice and BlueHydra. Stay tuned to our final report that will be published at the end of this semester.

Questions or comments? Please share with us in the comment section below! You can also reach out to our Twitter and Facebook or email us at champforensics@gmail.com. Also don’t forget to read our Blogs!

More Research Projects
CyberRange Team: Creating The Perfect Sandbox Environment
The Internet of Things Team: An Inside Look
CyberTech: Creating a Safer Internet Through Education