crackle – Crack Bluetooth Smart Encryption (BLE)

Outsmart Malicious Hackers


crackle is a tool to crack Bluetooth Smart Encryption (BLE), it exploits a flaw in the pairing mechanism that leaves all communications vulnerable to decryption by passive eavesdroppers.

crackle - Crack Bluetooth Smart Encryption (BLE)

crackle can guess or very quickly brute force the TK (temporary key) used in the pairing modes supported by most devices (Just Works and 6-digit PIN). With this TK, crackle can derive all further keys used during the encrypted session that immediately follows pairing.

The LTK (long-term key) is typically exchanged in this encrypted session, and it is the key used to encrypt all future communications between the master and slave. The net result: a passive eavesdropper can decrypt everything. Bluetooth Smart encryption is worthless.

Modes of Operation

Crack TK

This is the default mode used when providing crackle with an input file using -i.

In Crack TK mode, crackle brute forces the TK used during a BLE pairing event. crackle exploits the fact that the TK in Just Works(tm) and 6-digit PIN is a value in the range [0,999999] padded to 128 bits.


Decrypt with LTK

In Decrypt with LTK mode, crackle uses a user-supplied LTK to decrypt communications between a master and slave. This mode is identical to the decryption portion of Crack TK mode.

Usage

You can download crackle here:

crackle-0.1.zip

Or read more here.


Posted in: Exploits/Vulnerabilities, Hacking Tools, Network Hacking

, , , , , , , , ,

Recent in Exploits/Vulnerabilities:
- Ubiquiti Wi-Fi Gear Hackable Via 1997 PHP Version
- Powerfuzzer – Automated Customizable Web Fuzzer
- Another MongoDB Hack Leaks Two Million Recordings Of Kids

Related Posts:

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 237,492 views
- AJAX: Is your application secure enough? - 120,539 views
- eEye Launches 0-Day Exploit Tracker - 86,086 views


No comments yet.

Leave a Reply