crackle – Crack Bluetooth Smart Encryption (BLE)

Keep on Guard!

crackle is a tool to crack Bluetooth Smart Encryption (BLE), it exploits a flaw in the pairing mechanism that leaves all communications vulnerable to decryption by passive eavesdroppers.

crackle - Crack Bluetooth Smart Encryption (BLE)

crackle can guess or very quickly brute force the TK (temporary key) used in the pairing modes supported by most devices (Just Works and 6-digit PIN). With this TK, crackle can derive all further keys used during the encrypted session that immediately follows pairing.

The LTK (long-term key) is typically exchanged in this encrypted session, and it is the key used to encrypt all future communications between the master and slave. The net result: a passive eavesdropper can decrypt everything. Bluetooth Smart encryption is worthless.

Modes of Operation

Crack TK

This is the default mode used when providing crackle with an input file using -i.

In Crack TK mode, crackle brute forces the TK used during a BLE pairing event. crackle exploits the fact that the TK in Just Works(tm) and 6-digit PIN is a value in the range [0,999999] padded to 128 bits.

Decrypt with LTK

In Decrypt with LTK mode, crackle uses a user-supplied LTK to decrypt communications between a master and slave. This mode is identical to the decryption portion of Crack TK mode.


You can download crackle here:

Or read more here.

Posted in: Exploits/Vulnerabilities, Hacking Tools, Network Hacking

, , , , , , , , ,

Recent in Exploits/Vulnerabilities:
- PowerMemory – Exploit Windows Credentials In Memory
- HashPump – Exploit Hash Length Extension Attack
- Kadimus – LFI Scanner & Exploitation Tool

Related Posts:

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 237,810 views
- AJAX: Is your application secure enough? - 120,592 views
- eEye Launches 0-Day Exploit Tracker - 86,160 views

Comments are closed.