37 matches found
Bluetooth RFCOMM 1.1 Signal-Triggered Air-Gap Interaction
This project demonstrates how Flipper Zero can be used to interact with devices in an Air-Gap context using Bluetooth RFCOMM signals. The system monitors RSSI signal strength and uses statistical peak detection Z-Score analysis to identify significant signal spikes from target devices. When a pea...
EUVD-2005-4828
Malware in sbrugna...
EUVD-2015-8113
Malware in sbrugna...
Noisy Networks, Nosy Neighbors: Inferring Privacy Invasive Information from Encrypted Wireless Traffic
This thesis explores the extent to which passive observation of wireless traffic in a smart home environment can be used to infer privacy-invasive information about its inhabitants. Using a setup that mimics the capabilities of a nosy neighbor in an adjacent flat, we analyze raw 802.11 packets an...
PT-2023-30832 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to a possible out of bounds read in the SignalStrengthAdapter::FillGsmSignalStrength function of protocolmiscadapter.cpp. This is due to a missing bounds check, which...
Google Pixel Buffer Error Vulnerability
The Google Pixel is a smartphone from Google, Inc. A security vulnerability exists in Google Pixel, which stems from a missing bounds check in SignalStrengthAdapter::FillGsmSignalStrength of protocolmiscadapter.cpp, which may result in out-of-bounds reads...
OPENSUSE-SU-2023:0370-1 Security update for connman
This update for connman fixes the following issues: - Update to 1.42 Fix issue with iwd and signal strength calculation. Fix issue with iwd and handling service removal. Fix issue with iwd and handling new connections. Fix issue with handling default online check URL. Fix issue with handling...
OPENSUSE-SU-2023:0369-1 Security update for connman
This update for connman fixes the following issues: Update to 1.42 Fix issue with iwd and signal strength calculation. Fix issue with iwd and handling service removal. Fix issue with iwd and handling new connections. Fix issue with handling default online check URL. Fix issue with handling...
Aruba Networks ArubaOS and InstantOS Security Vulnerabilities
Aruba Networks ArubaOS and Aruba Networks InstantOS are both products of Aruba Networks, Inc. Aruba Networks InstantOS is an Arch Linux-based distribution. A security vulnerability exists in Aruba Networks ArubaOS and InstantOS due to an arbitrary file deletion vulnerability in the RSSI service...
PT-2023-17776 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In the btm read rssi complete function of btm acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with...
SUSE CVE-2005-4835
The athratesample function in the athrate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service failed KASSERT and system crash by moving a connected system to a location with low signal strength, and possibly other vectors related to a race...
dBmonster - Track WiFi Devices With Their Recieved Signal Strength
With dBmonster you are able to scan for nearby WiFi devices and track them trough the signal strength dBm of their sent packets sniffed with TShark. These dBm values will be plotted to a graph with matplotlib. It can help you to identify the exact location of nearby WiFi devices use a directional...
ROS-20220721-01
Vulnerability in the ProcXkbSetGeometry call handler of X.Org Server is related to improper protection of the of signal strength warnings during request length processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code or escalate privileges A...
New Mobile Network Vulnerabilities Affect All Cellular Generations Since 2G
Researchers have disclosed security vulnerabilities in handover, a fundamental mechanism that undergirds modern cellular networks, which could be exploited by adversaries to launch denial-of-service DoS and man-in-the-middle MitM attacks using low-cost equipment. The "vulnerabilities in the...
Netenum - A Tool To Passively Discover Active Hosts On A Network
Network reconnaisance tool that sniffs for active hosts Introduction Netenum passively monitors the ARP traffic on the network. It extracts basic data about each active host, such as IP address, MAC address and manufacturer. The main objective of this tool is to find active machines without...
Code injection
Samsung Galaxy S8 plus Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3, Samsung Galaxy S3 Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8, and Samsung...
CVE-2019-16401
Samsung Galaxy S8 plus Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3, Samsung Galaxy S3 Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8, and Samsung...
CVE-2018-9581
In WiFi, the RSSI value and SSID information is broadcast as part of android.net.wifi.RSSICHANGE and android.net.wifi.STATECHANGE intents. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
Android RSSI Broadcast Information Disclosure
Blog post here: https://wwws.nightwatchcybersecurity.com/2018/11/11/cve-2018-9581/ NOTE: This bug is part of a series of three related Android bugs with the same root cause: CVE-2018-9489, CVE-2018-9581 and CVE-2018-15835. A presentation covering all three bugs was given at BSides DE in the fall ...
Counting People Through a Wall with WiFi
Interesting research: In the team's experiments, one WiFi transmitter and one WiFi receiver are behind walls, outside a room in which a number of people are present. The room can get very crowded with as many as 20 people zigzagging each other. The transmitter sends a wireless signal whose receiv...