francozappa / knob
Key Negotiation Of Bluetooth (KNOB) attacks on Bluetooth BR/EDR and BLE [CVE-2019-9506]
Home Page: https://knobattack.com/
License: MIT License
I used two Nexus 5 phones to execute the CVE_2018_5383_Invalid_Curve_Attack_PoC.py file, but the following error occurred when this file was executed on the Ubuntu system:
[*] Using adb device: 04250993437df21a (AOSP on HammerHead)
[*] Importing fw_5 for AOSP on HammerHead
[*] Writing hooks to 0xd7800...
[*] Installing hook patches...
[*] - Hook public key receive path to replace y-coordinate with zero
[*] patchRom: Choosing next free slot: 114
[*] - Hook public key send path to replace y-coordinate with zero
[*] patchRom: Choosing next free slot: 115
[*] - Hook private key generation function to always produce even private key
[!] patchRom: patch (\x00\x8e���) must be a 32-bit dword!
[CRITICAL] Installing patch for GEN_PRIV_KEY failed1!
Do you know what went wrong?
Hi,
I'm trying the KNOB attack on a rooted Nexus 5.
I got the following errors:
Bluetooth and the HCI snoop log are active. Also, the stack is debug-enabled following the procedure here for the Nexus 5: https://github.com/seemoo-lab/internalblue/blob/master/android_bluetooth_stack/README.md.
Am I missing something here?
Hello @francozappa,
Which plugin(s) (standard/legacy, btbb/btbredr) are you using to dissect the LMP packets? I can see only Ethernet II frames (Wireshark 2.6.8, Ubuntu 18.04) and I get an error while launching Wireshark.
Optionally install the LMP dissection plugin and our LMP coloring rules to easily follow the packet capture. I was able to install using Wireshark v2.6.10
The error:
btbb.so: undefined symbol: new_create_dissector_handle
I know it's not an error related to this project, but could you please share your modifications? Thanks a lot.
Sam
Hi,
I'm wondering if my Bluetooth Classic device is vulnerable or not and if I could brute force and validate the low entropy E0 key. I got the packets below by using internalblue and the command monitor lmp start.
I got a LMP_encryption_key_size packet with a defined key size of 1 byte.
No. Time Source Destination Protocol Length Info
379 -12.825905 controller aa:bb:cc:dd LMP 64 LMP_encryption_key_size_req
Frame 379: 64 bytes on wire (512 bits), 64 bytes captured (512 bits) on interface 0
Bluetooth
Bluetooth HCI H4
Bluetooth H4 Serial Broadcom Vendor Specific
Clock: 0x00000000
Remote MAC Address: aa:bb:cc:dd
Payload Header
.... ..11 = LLID: LMP message (ACL-C) (0x3)
.... .0.. = Flow: False
0001 0... = Length: 2
Bluetooth Link Manager Protocol
0 = TID: transaction initiated by master
0010 000. = Opcode: LMP_encryption_key_size_req (16)
Key Size: 1
Then, I got a LMP_accepted packet, a LMP_start_encryption_req and again a LMP_accepted. Can I assume that the device is vulnerable?
Then, I would like to validate the entropy of the key with your code. I'm not able to find the value for the variable Kl (the Wireshark filter doesn't display any packet).
btbrlmp.op == 11
--> 716c98e8c4be05e6dc0fa09c8598a6f7
LMP_sres
--> 24d9d395
btbrlmp.op == 17
--> 422e33c9efac7ac8e7c1c4978b5711e2
LMP_sres
--> 3f20daf7
Apart from the values above, do I have to modify something else?
Thanks in advance,
Sam
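For readers following the capture above who want to check their own LMP traces for a weak key-size negotiation: the example below is added here and is not code from the knob repository. It decodes a single-slot ACL-C payload (the 1-byte payload header followed by the LMP body, i.e. the fields Wireshark shows under "Payload Header" and "Bluetooth Link Manager Protocol") and reports any LMP_encryption_key_size_req that the peer accepts with a key size below 7 octets, the minimum the Bluetooth SIG recommended in response to KNOB. The sample PDUs are constructed from the values in the capture (LLID 3, length 2, TID 0, opcode 16, key size 1); the EN_RAND value is a placeholder, and extended (escape) opcodes 124-127 are not decoded.

```python
"""Decode BR/EDR LMP PDUs and flag encryption key sizes below the 7-octet minimum.

Added example, not part of the knob repository. Input is the raw single-slot
ACL-C payload: payload header byte + LMP body. Sample PDUs are constructed from
the capture in the issue above; EN_RAND is a placeholder.
"""
from dataclasses import dataclass

LLID_LMP = 0x3                      # ACL-C: LMP message
MIN_KEY_SIZE = 7                    # octets recommended by the Bluetooth SIG after KNOB
LMP_ACCEPTED = 3
LMP_NOT_ACCEPTED = 4
LMP_ENCRYPTION_KEY_SIZE_REQ = 16
LMP_START_ENCRYPTION_REQ = 17
LMP_OPCODES = {3: "LMP_accepted", 4: "LMP_not_accepted", 11: "LMP_au_rand",
               12: "LMP_sres", 16: "LMP_encryption_key_size_req",
               17: "LMP_start_encryption_req"}


@dataclass
class LmpPdu:
    llid: int
    flow: int
    length: int
    tid: int          # 0 = transaction initiated by master
    opcode: int
    params: bytes

    @property
    def name(self):
        return LMP_OPCODES.get(self.opcode, "opcode_%d" % self.opcode)


def parse_lmp(raw: bytes) -> LmpPdu:
    """Split the payload header and the LMP body.

    Payload header: bits 0-1 LLID, bit 2 flow, bits 3-7 length (single-slot).
    LMP body byte 0: bit 0 TID, bits 1-7 opcode; remaining bytes are parameters.
    Extended opcodes (124-127) are not decoded here.
    """
    if len(raw) < 2:
        raise ValueError("PDU too short for payload header + opcode")
    hdr = raw[0]
    llid, flow, length = hdr & 0x3, (hdr >> 2) & 0x1, hdr >> 3
    if llid != LLID_LMP:
        raise ValueError("not an LMP (ACL-C) payload, LLID=%d" % llid)
    body = raw[1:]
    if len(body) != length:
        raise ValueError("length field %d does not match body size %d" % (length, len(body)))
    tid, opcode = body[0] & 0x1, body[0] >> 1
    return LmpPdu(llid, flow, length, tid, opcode, bytes(body[1:]))


def audit_key_size(pdus):
    """Return one finding per completed key-size negotiation.

    A negotiation completes when an LMP_encryption_key_size_req is answered by
    LMP_accepted whose parameter names opcode 16. LMP_not_accepted, or a
    counter-proposal with a new key size, replaces the pending value.
    """
    findings, proposed = [], None
    for pdu in (parse_lmp(p) for p in pdus):
        if pdu.opcode == LMP_ENCRYPTION_KEY_SIZE_REQ:
            proposed = pdu.params[0]
        elif (pdu.opcode in (LMP_ACCEPTED, LMP_NOT_ACCEPTED) and proposed is not None
              and pdu.params[0] == LMP_ENCRYPTION_KEY_SIZE_REQ):
            if pdu.opcode == LMP_ACCEPTED:
                findings.append({"key_size": proposed, "weak": proposed < MIN_KEY_SIZE})
            proposed = None
    return findings


# Constructed from the capture above: 0x13 = LLID 3, flow 0, length 2;
# 0x20 = TID 0, opcode 16; 0x01 = key size 1.
KEY_SIZE_REQ_1 = bytes([0x13, 0x20, 0x01])
ACCEPTED_16 = bytes([0x13, 0x06, 0x10])                    # LMP_accepted(opcode 16)
EN_RAND = bytes(range(16))                                 # placeholder, not a real value
START_ENC = bytes([0x03 | (17 << 3), 17 << 1]) + EN_RAND   # LMP_start_encryption_req
ACCEPTED_17 = bytes([0x13, 0x06, 0x11])                    # LMP_accepted(opcode 17)
SAMPLE_SESSION = [KEY_SIZE_REQ_1, ACCEPTED_16, START_ENC, ACCEPTED_17]

if __name__ == "__main__":
    for p in SAMPLE_SESSION:
        d = parse_lmp(p)
        print(d.name, "tid=%d" % d.tid, d.params.hex())
    print(audit_key_size(SAMPLE_SESSION))  # [{'key_size': 1, 'weak': True}]
```

Run against the sequence in the issue (key-size request of 1, accepted, start encryption, accepted), the audit reports a negotiated key size of 1 octet and marks it weak, which is exactly the condition the page's brute-force step relies on; a trace where every accepted size is 7 or more produces no weak finding.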
When I run "make bf", it seems to hang or be waiting for input after "BEGIN: 198775, END: 218775, KS_BYTES: 400", so my output initially looks like this:
make bf
python2 bf.py
2023-05-10 14:39:13,259 root WARNING attack Assuming FEC and whitening already computed by Ubertooth
2023-05-10 14:39:13,259 root INFO attack BTADDR_M : bytearray(b'\xcc\xfa\x00p\xdc\xb6')
2023-05-10 14:39:13,259 root INFO attack start lmp and hci iblue monitors: sudo ubertooth-rx -l 70dcb6 -u 00 -r nexus.pcap
2023-05-10 14:39:13,259 root INFO attack BTADDR_S : bytearray(b'\x82\x9ff\x9b\xda$')
2023-05-10 14:39:13,259 root INFO attack Kl : bytearray(b"\xd5\xf2\x07D\xc0]\x08`\x1d(\xfa\x1d\xd7\x9c\xdc\'")
2023-05-10 14:39:13,259 root INFO attack AU_RAND : 722e6ecd32ed43b7f3cdbdc2100ff6e0
2023-05-10 14:39:13,286 root INFO attack SRES : bytearray(b'\xb0\xa3\xf4\x1f')
2023-05-10 14:39:13,286 root INFO attack R_SRES : bytearray(b'\xb0\xa3\xf4\x1f')
2023-05-10 14:39:13,286 root INFO attack ACO = COF: bytearray(b'\x1c\xe4\xf9Bm\xc2\xbc\x11\x04r\xd6\x8e')
2023-05-10 14:39:13,286 root INFO attack ACO = COF: 1ce4f9426dc2bc110472d68e
2023-05-10 14:39:13,286 root INFO attack EN_RAND : d72fb4217dcdc3145056ba488bea9076
2023-05-10 14:39:13,310 root INFO attack Kc : bytearray(b"\xa3\xfc\xce\xf2*\xd2#,z\xcb\x01\xe9\xb9\xedg\'")
2023-05-10 14:39:13,310 root INFO attack Kc : a3fccef22ad2232c7acb01e9b9ed6727
2023-05-10 14:39:13,383 root INFO attack Kc_prime : bytearray(b'\x7f\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff'), entropy: 1 Byte
2023-05-10 14:39:13,383 root INFO attack Kc_prime : 7fffffffffffffffffffffffffffffff, entropy: 1 Byte
Make sure to make e0 with correct Kc_prime, and BTADDR_M
BEGIN: 198775, END: 218775, KS_BYTES: 400
If I wait for a bit and then hit ctrl-c or enter, I get:
2023-05-10 14:44:16,702 root INFO attack # BEGIN bruteforce : CT6-RCLK-KS400-198775-218775.bf
2023-05-10 14:44:16,702 root INFO attack 343 CT : 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
2023-05-10 14:44:16,702 root INFO
2023-05-10 14:44:16,702 root INFO PATTERNS: {'cccc': 'cccc', 'f_i_l_e': 'f\x00i\x00l\x00e', 'L2CAP1_R': '\x00\x01\x00\x08', 'L2CAP1_TR': '\x00I\x00\x03', 'image': 'image', 'L2CAP3': '\n\x00\x01\x00', 'bbbb': 'bbbb', 'L2CAP1_T': '\x03\x00I\x00', 'aaaa': 'aaaa', 'dddd': 'dddd', 'L2CAP1': '\x08\x00\x01\x00', 'L2CAP2': '\x0c\x00\x01\x00', 'L2CAP2_R': '\x00\x01\x00\x0c', 'jpeg': 'jpeg', 'j_p_e_g': '\x06a\x00p\x00e\x00g', 'L2CAP3_R': '\x00\x01\x00\n'}
Traceback (most recent call last):
File "bf.py", line 211, in <module>
p = Popen(ARGS, stdout=PIPE)
File "/usr/lib/python2.7/subprocess.py", line 394, in __init__
errread, errwrite)
File "/usr/lib/python2.7/subprocess.py", line 1047, in _execute_child
raise child_exception
OSError: [Errno 2] No such file or directory
make: *** [Makefile:4: bf] Error 1
"CT6-RCLK-KS400-198775-218775.bf" is in the folder just fine, so I'm wondering if the file it can't find is the "nexus.pcap", in reference to the attack start lmp and hci iblue monitors: sudo ubertooth-rx -l 70dcb6 -u 00 -r nexus.pcap line?
(I tried cp ../poc-internalblue/sample-nexmaster-galaxys9slave.pcapng nexus.pcap but that didn't help)
Note: I don't seem to see any errors with "make tests" (if that was supposed to create the pcap or something.)
Hi, first of all I wanted to compliment you on this work, it's really interesting and useful!
I was trying to reproduce the code using a Z3 Compact which, from what I understood from the Internalblue documentation, should have the same Bluetooth chip as the Nexus 5.
For now I still can't get Internalblue to work properly (Bluetooth crashes when I try to pair with another device).
What is not clear to me, reading the paper and the repo documentation, is whether the Bluetooth sniffer (Ubertooth) is necessary to manipulate the entropy negotiation procedure for the K'c key.
Furthermore, it's not clear to me whether or not it is possible, once the key has been brute-forced, to recover the transferred packets directly from Wireshark using Internalblue on the modified device (Nexus 5 - Z3 Compact) and reading the "btsnoop_hci.log" log.
I apologize for the questions, perhaps trivial, and for the horrible English with which I'll translate this message for the rest of the community.
Thanks and have a good day!
Alessandro
(ENG)
Hi, first of all congrats for this useful research, it's really interesting!
I was trying to reproduce your code using a Z3 Compact that should share the same Bluetooth chip as the Nexus 5 (I found this information in the Internalblue repo).
For now I can't get Internalblue to work properly (bluetooth crashes when I try to pair with another device).
What is not clear to me, after reading your paper and the documentation of the repo, is whether the bluetooth sniffer (Ubertooth) is necessary to manipulate the entropy negotiation procedure for the K'c key or not.
Furthermore, it is not clear to me whether or not it is possible, once the key has been forced, to recover the packets transferred directly from Wireshark using Internalblue on the modified device (Nexus 5 - Z3 Compact) and reading the log file "btsnoop_hci.log".
I apologize for the trivial questions and for the horrible English with which I will translate this message for the rest of the community.
Thank you and have a good day!
Alessandro
I'm trying to use this PoC on a Nexus 6p on Android 8.1.0. I installed the custom BT stack from seemoo-lab here: https://github.com/seemoo-lab/internalblue/tree/master/android_bluetooth_stack/android8_1_0
I then installed internalblue from this repo. I am able to run internalblue and get a command prompt:
However, when I try to start monitoring LMP:
It fails with the following:
[CRITICAL] Uncaught exception ('module' object has no attribute 'LMP_MONITOR_BUFFER_BASE_ADDRESS'). Abort.
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/internalblue-0.1-py2.7.egg/internalblue/cli.py", line 71, in commandLoop
if(not cmd_instance.work()):
File "/usr/local/lib/python2.7/dist-packages/internalblue-0.1-py2.7.egg/internalblue/cmds.py", line 420, in work
monitorController.startMonitor()
File "/usr/local/lib/python2.7/dist-packages/internalblue-0.1-py2.7.egg/internalblue/cmds.py", line 339, in startLmpMonitor
self.internalblue.startLmpMonitor(self._callback)
File "/usr/local/lib/python2.7/dist-packages/internalblue-0.1-py2.7.egg/internalblue/core.py", line 619, in startLmpMonitor
log.info('LMP_MONITOR_BUFFER_BASE_ADDRESS: {0:#x}'.format(fw.LMP_MONITOR_BUFFER_BASE_ADDRESS))
AttributeError: 'module' object has no attribute 'LMP_MONITOR_BUFFER_BASE_ADDRESS'
Any suggestions?
Hello,
I am trying to understand what the output of the brute force script is. As far as I understand, in the terminal output it shows what pattern it was able to decrypt from the ciphertexts in the cts.py file with the brute forced key:
2021-02-01 16:31:57,580 root INFO attack i: 208655, off: 24, CLK_HEX: 032f0f, MATCH jpeg 'jpeg' at [301]).
If I check the .bf file after the script is finished, I can find the corresponding lines:
What do "CLK", "off" and "out" in the .bf file display? And is there a way to get the actual brute forced key and the decrypted messages?
Thank you in advance