A Practical Introduction to Bluetooth Low Energy Security

November 18th @ 18:00 - 20:00 (GMT +4) // Track 3 @ HITB Labs


Bluetooth Low Energy is one of the most widespread and rapidly growing IoT technologies. An average person may encounter hundreds of BLE devices in a single day. Unfortunately, the vast majority of these are affected by various security issues. Alarming vulnerabilities – not only in BLE toothbrushes or dildos, but also smart locks, medical devices and banking tokens – are revealed on a daily basis. And yet, knowledge of how to comprehensively assess them seems uncommon.

In this lab you will get familiar with the very basics of BLE and its (in)security. You will, however, leave surprised at how many devices it is possible to “hack” using such simple techniques. Following a short introduction, we will dive straight into hands-on practical exercises. How is that possible: a wireless hardware security lab delivered as a virtual session? The secret recipe lies in specially designed software, which on the radio layer works exactly like a real BLE device. Hence no special hardware is required: you will only need a typical Windows 10 laptop and a phone (preferably Android). Using the simulated device, you will grasp the BLE basics, which you can then easily apply to real devices.


Introduction to BLE tech

  • Packet formats and understanding raw bytes
  • iPhone BLE broadcast packets leaking phone number
  • COVID-19 “exposure notification” (contact tracing)
  • Spoofing devices
  • GATT services and characteristics
  • Wait, is there a pairing or not?
  • How to “hack” the simplest devices using just a phone (BLE dildo demo)
  • Is it really so easy to hack smart locks?

Want to learn more? Further reading, exercises, references and more



Founder, smartlockpicking.com

Slawomir Jasek

Speaker, trainer and IT security consultant with over 15 years of experience. Participated in countless assessments of systems’ and applications’ security for leading financial companies, public institutions and cutting-edge tech startups. Currently leads research on various topics at the Polish software security company SecuRing and provides training on the security of contemporary locks and access control systems (www.smartlockpicking.com). Besides research and training, he focuses on consulting and the design of secure solutions for various software and hardware projects, during all phases – starting from scratch.

Previously gave talks, workshops or trainings at HackInTheBox Amsterdam, HITB Cyberweek, BlackHat USA, HackInParis, multiple Appsec EU, Deepsec, BruCON, Confidence, Devoxx and many other events.
