PoCs of Vulnerabilities on Bluedroid
Dissect Android Bluetooth for Fun & Profit.pdf
README.md
avrcp_CVE-2017-13281.c
poc_CVE-2017-13255.c
poc_CVE-2017-13256.c
poc_CVE-2017-13266.c
poc_CVE-2017-13267.c
poc_CVE-2018-9356.c
poc_CVE-2018-9357.c
poc_CVE-2018-9358.c
poc_CVE-2018-9359.c
poc_CVE-2018-9360.c
poc_CVE-2018-9361.c
poc_CVE-2018-9365.c
poc_CVE-2018-9381.c

README.md

Vulnerability PoCs for Android Bluetooth.

avrcp_CVE-2017-13281.c is the CVE-2017-13281 PoC code.

$ mv avrcp_CVE-2017-13281.c blue-5.37/profiles/audio/avrcp.c

Just replace blue-5.37/profiles/audio/avrcp.c with the PoC, compile the source code on Ubuntu 16.04, and run bluetoothd manually. I paired my Pixel XL with my laptop; once paired, the attack payload will be sent automatically.

CVE-2018-9358 through CVE-2018-9361 are information disclosure vulnerabilities. To see the leaked data that is sent back, you can use Wireshark to capture the pcaps.

Note: for research and testing only, not for illegal use.