"The KeyWe smart lock is made by Guardtec and uses Bluetooth Low Energy (BLE) to communicate with its mobile app on Android or iOS phones. It was successfully exploited back in December of last year by F-Secure, and more recently by myself. Inasmuch, the vendor has implemented…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
T1016 System Network Configuration Discovery
86%
"addresses to build a history of device activity and/or for tracking purposes. The way they hide their MAC address is by generating random MAC addresses for connecting to networks. It’s fairly easy to determine if a MAC address is random by looking at the 2nd digit of the OUI…"
T1557 Adversary-in-the-Middle
67%
"Machine-in-the-Middle (MitM) BLE Attack Machine-in-the-Middle (MitM) BLE Attack Ray Felch // Introduction Continuing with my ongoing Smart Lock attack research (see blog Reverse Engineering a Smart Lock), I decided to move my focus to a different type of attack…"
T1557.001 Name Resolution Poisoning and SMB Relay
64%
"Machine-in-the-Middle (MitM) BLE Attack Machine-in-the-Middle (MitM) BLE Attack Ray Felch // Introduction Continuing with my ongoing Smart Lock attack research (see blog Reverse Engineering a Smart Lock), I decided to move my focus to a different type of attack…"
T1557.001 Name Resolution Poisoning and SMB Relay
51%
"now spoofing the lock’s MAC address and sending the lock’s advertising beacons as recorded earlier, at a rate of every 20ms. Both the central Pi and the peripheral Pi are now armed and ready for the attack (as indicated by the “initialized” banner. The peripheral Pi is now…"
T1059.004 Unix Shell
49%
"-o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.36.0/install.sh | bash nano ~/.bashrc Append to end of bashrc file: export NVM_DIR="$HOME/.nvm" [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm [ -s "$NVM_…"
Summary
Ray Felch // Introduction Continuing with my ongoing Smart Lock attack research (see blog Reverse Engineering a Smart Lock), I decided to move my focus to a different type of […]