YoVDO

BLEEDINGBIT - Your APs Belong to Us

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Wireless Security Courses Network Administration Courses Zero-Day Vulnerabilities Courses Bluetooth Low Energy Courses

Course Description

Overview

Explore BLEEDINGBIT, two zero-day vulnerabilities in Texas Instruments' BLE chips used in Cisco, Meraki, and Aruba wireless access points, in this Black Hat conference talk. Delve into Bluetooth Low Energy technology, its use cases, and layers. Understand the potential impact of these vulnerabilities, including how attackers can penetrate enterprise networks over the air. Examine the packet structure, TI architecture, and the intricacies of the exploit. Witness demonstrations of the attack process, from initial exploitation to establishing a backdoor. Learn about mitigation strategies and gain three key takeaways to enhance network security against such threats.

Syllabus

Introduction
Agenda
Bluetooth Low Energy
Use Cases
Layers and Functions
Aruba
MM Compare
What can an attacker do
How would an attack look like
Access to multiple segments
Demonstration
Packet Structure
Length Field
TI Architecture
Advertising Packet
Data Entry Key
Data Received
Spray
Shellcode
Task at Hand
Preventing Future Overflows
Crushing the Chip
Restoring Execution
Backdoor
Backdoor Recap
Demo
Three takeaways


Taught by

Black Hat

Related Courses

Bluetooth Low Energy (BLE) From Ground Up™
Udemy Building More Reliable Bluetooth LE Products With Memfault
Nordic Semiconductor via YouTube Getting Started with ANT for NRF Connect SDK
Nordic Semiconductor via YouTube Introducing ANT Support to the NRF5340 SoC and NRF Connect SDK
Nordic Semiconductor via YouTube Introduction to the NRF21540 RF FEM for Range Extension
Nordic Semiconductor via YouTube