Cyber security

Manual Exploits – Assessing Device Security Through Direct Interaction

This check could be used to assess the severity of the attacks. If the target device is pairable even if the user does not navigate to the pairing/discovery menu then such a device has a higher exposure to the threats.

It should be noted that previous research showed that Bluetooth MAC addresses could be passively collected with a high probability.

To check the target device:

  • obtain a MAC address of a target
  • do not navigate to the pairing/discovery menu
  • try to connect to the target using bluetoothctl and hcitool

Only The Vehicle Can Initiate A Connection

This check applies mainly to the In-vehicle-infotainment systems (IVI).

IVI systems generally allow the phone to connect to them but lack the capability of connecting back.

There are also such IVI systems that allow the connection to be initiated in both ways.

The most secure one is a connection initiated by the IVI system.

It should be also noted that defences for the attacks might be implemented for a connection initiated by the phone but the same defences might be lacking when the connection is initiated by the IVI system.

Fast Reboot

This is a check whether or not it is possible to reboot the target device.

Some devices like In-Vehicle-Infotainment systems mainly do not allow to be rebooted unless one switches off and closes the vehicle for 10-20 minutes.

The result could be additionally used to assess the severity of Denial of Service exploits.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

The Growing Role of Digital Libraries in Remote Education

Learning Without Walls Remote education has long been a lifeline for students in rural areas…

3 days ago

How Do I Do Reverse Image Search

Have you ever come across a picture on the internet and wondered where it came…

3 days ago

WhatsMyName App – Find Anyone Across 640+ Platforms

Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…

2 weeks ago

Analyzing Directory Size Linux Tools Explained

Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…

2 weeks ago

Understanding Disk Usage with du Command

Efficient disk space management is vital in Linux, especially for system administrators who manage servers…

2 weeks ago

How to Check Directory Size in Linux

Knowing how to check directory sizes in Linux is essential for managing disk space and…

2 weeks ago