Skip to content
Branch: master
Find file History

Latest commit

Latest commit d06fce5 Mar 25, 2020

Files

Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
screen
README.MD Update README.MD Mar 25, 2020
bluevisku.sh koshinudze-v-1.1 Mar 25, 2020
p0c_blue koshinudze-v-1.1 Mar 25, 2020
p0c_blue.c Update p0c_blue.c Mar 25, 2020

README.MD

CVE-2020-0022

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0022

http://exploit.kitploit.com/2020/03/android-bluetooth-remote-denial-of.html

https://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html

p0c_blue for CVE-2020-0022

usage

      • Kali Linux
      • Find d#v1c#s
https://github.com/nu11secur1ty/Kali-Linux/tree/master/Bluetooth
https://github.com/nu11secur1ty/Kali-Linux/tree/master/Blueranger
      • Ditrect program
https://github.com/nu11secur1ty/Kali-Linux/tree/master/Bluevisku
        • Scan...
      • Need to install
apt install libbluetooth-dev
      • Compiling
gcc p0c_blue.c -lbluetooth -o p0c_blue
      • Attack
./p0c_blue MAC_ADDR

info

  • This poc_hould be stable on android 8.1.0,once it run into truncating packet, crash. But it cloud be very unstable, on Samsung s9 plus surely unstable.
  • Run poc on raspberry pi 3B has been tested okay.
  • run ubuntu/arch with vmware in windows 10 on thinkpad x1c 2018 or ubuntu with pd in mac os x could not run into truncating code , don't know why.

Test List

  • OnePlus 5T with Android 8.1.0: stable.
  • Samsung s9 plus with Android 9.0: unstable.
  • Nova 3 with Android 9: stable.

      • Fix on OS 10

CVE	                References	      Type	       Severity	   Updated AOSP versions
-------------------------------------------------------------------------------------------------
CVE-2020-0022	      A-143894715	      DoS	         Moderate	       10
      • Table:

https://source.android.com/security/bulletin/2020-02-01

You can’t perform that action at this time.