BlueDucky: A New Tool Exploits Bluetooth Vulnerability With 0-Click Code Execution – CybersecurityNews

A new tool dubbed BlueDucky automates the exploitation of a critical Bluetooth pairing vulnerability that allows 0-click code execution on unpatched devices.

This revelation comes on the heels of Marc Newlin’s January 2024 publication of a proof-of-concept script, which targets a Bluetooth vulnerability identified as CVE-2023-45866.

The vulnerability, as detailed by Newlin, enables attackers to inject keystrokes into any Android and Linux device within Bluetooth range without the need for pairing, by masquerading as a Bluetooth keyboard.

The exploit tool, dubbed “hi_my_name_is_keyboard,” was initially designed to demonstrate the feasibility of such an attack.

The mobile hacker team successfully compromised a range of devices, including Android smartphones, Google Chromecast TVs, Meta Quest 3, and Linux-based smart TVs.

However, the original script required users to manually discover and enter the MAC address of the target Bluetooth device and modify the code to change the injected keys.

BlueDucky Automating the Process

BlueDucky, developed by Opabinia and made available on GitHub, addresses these limitations by automating the entire process.

The tool, which can be run on a Raspberry Pi 4 with Kali Linux or a rooted Android device running Kali NetHunter, scans for nearby Bluetooth devices, allowing the user to select a target from a list.

It then executes a Rubber Ducky script stored in a payload.txt file, eliminating the need for manual script modifications.

One of the standout features of BlueDucky is its potential for true automation. By editing the script, it could be configured to continuously discover devices and attempt exploitation, logging the results of each attempt.

According to the developer’s experience, if a device is vulnerable, the script completes successfully, highlighting the critical importance of patching the CVE-2023-45866 vulnerability to protect against such attacks.

BlueDucky represents a significant advancement in the exploitation of Bluetooth vulnerabilities by automating the process, making it more accessible to attackers, and potentially increasing the risk to unpatched devices.

Its development underscores the importance of patching known vulnerabilities like CVE-2023-45866 to protect against such automated attacks.
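
For Linux hosts, one way to check exposure is to audit the BlueZ HID configuration. The script below is an added example, not code from the article, from Marc Newlin, or from the BlueDucky project. It assumes the BlueZ option `ClassicBondedOnly` in the `[General]` section of `/etc/bluetooth/input.conf` (neither is named in the article), and its sample inputs are constructed.

```python
"""Audit BlueZ input.conf for the HID hardening option tied to CVE-2023-45866."""
import sys
from pathlib import Path

# Assumption: the usual BlueZ path; distributions may place it elsewhere.
DEFAULT_CONF = "/etc/bluetooth/input.conf"

ADVICE = {
    "enforced": "Classic HID connections are limited to bonded devices.",
    "disabled": "Unbonded HID connections are accepted; set ClassicBondedOnly=true.",
    "unset": "BlueZ default applies; confirm the package carries the "
             "CVE-2023-45866 fix or set ClassicBondedOnly=true explicitly.",
    "invalid": "Value is not true/false/1/0; set ClassicBondedOnly=true.",
}

# Constructed sample inputs, not taken from any real host.
SAMPLE_EXPOSED = "[General]\n#IdleTimeout=30\nClassicBondedOnly=false\n"
SAMPLE_DEFAULT = "[General]\n# ClassicBondedOnly=true\nUserspaceHID=true\n"


def classic_bonded_only(conf_text):
    """Return 'enforced', 'disabled', 'unset' or 'invalid' for the option."""
    section, state = None, "unset"
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment (commented-out keys do not count)
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        key, sep, value = line.partition("=")
        if section != "General" or not sep or key.strip() != "ClassicBondedOnly":
            continue
        # A later duplicate overrides an earlier one, so keep scanning.
        state = {"true": "enforced", "1": "enforced",
                 "false": "disabled", "0": "disabled"}.get(value.strip(), "invalid")
    return state


def audit(path=DEFAULT_CONF):
    """Read the file if present; a missing file means the default applies."""
    p = Path(path)
    text = p.read_text(encoding="utf-8", errors="replace") if p.is_file() else ""
    state = classic_bonded_only(text)
    return state, ADVICE[state]


if __name__ == "__main__":
    state, advice = audit(sys.argv[1] if len(sys.argv) > 1 else DEFAULT_CONF)
    print(f"ClassicBondedOnly: {state} - {advice}")
```

An `unset` result is not a pass on its own: whether the default is safe depends on whether the installed BlueZ package includes the fix, so verify that against the distribution's advisory for CVE-2023-45866.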

This post was originally published on the 3rd party site mentioned in the title of this site.