Open nsidesm opened 1 year ago
Hi, thank you very much for this amazing PR. I don't have enough time to review it right now, but I'll do it as soon as possible. Thanks again for this great contribution!
@nsidesm where can your master's thesis be found?
This Pull Request contains the work done during my Master's thesis. Since this single commit contains a lot of changes, I tried to clarify the work that was done.
Modified Files:
mirage/libs/ble.py:
mirage/libs/ble_utils/constants.py:
mirage/libs/ble_utils/dissector.py:
mirage/libs/ble_utils/packets.py
mirage/libs/ble_utils/scapy_link_layers.py
mirage/libs/bt.py
mirage/libs/bt_utils/scapy_vendor_specific.py
mirage/modules/ble_connect.py
mirage/modules/ble_discovery.py
mirage/modules/ble_pair.py
New Files:
Cryptographic functions for secure connections pairing:
Generic BLE Module, does nothing and is suitable for scenarios that perform specific tasks:
BLE Relay Module (Requires the nRF 52840 Dongles with customized Zephyr hci_usb Firmware*):
Secure Connections MITM Module, uses downgrade attack to pair with both devices using Just Works Pairing:
Secure Connections Pairing Module, for pairing Secure Connections devices:
Scenario to fuzz a writable GATT characteristic:
Scenario for Blue Door Attack https://dl.acm.org/doi/10.1145/3386901.3389025 (Requires the nRF 52840 Dongles with customized Zephyr hci_usb Firmware*):
Scenario for BlueMirror Attack https://ieeexplore.ieee.org/document/9474325:
Scenario for Fixed Coordinate Invalid Curve Attack https://dl.acm.org/doi/abs/10.1007/978-3-030-38471-5_11:
Scenario for HID Injection Attack:
Scenario for KNOB Attack https://dl.acm.org/doi/10.1145/3394497:
Scenario for Replay Attacks (Without Pairing for Application Layer Security):
Scenario to scan for security Properties of the Device:
Scenario to test cryptographic implementation of Secure Connections Cryptography:
Scenario for Zero LTK Attack https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks/issues/13:
* https://github.com/nsidesm/zephyr/tree/zephyr_hci_extension