Posts

Showing posts from January, 2020

Some IoT Pentesting hints -- keep on update

A. Collect information about the device
     i. Data sheets
     ii. Product features
     iii. Installation guide and user manual
   Download these from the vendor website, or use Google dorks to get the data.
B. Using the device name, model number or hardware information, check for publicly available exploits on Exploit-DB or exploit search engines.
   Useful search engines for exploits:
     https://sploitus.com/
     https://vulmon.com/
     http://www.exploitsearch.com/
     https://www.nmmapper.com/searchindex/s/
   There are also special search engines for IoT, which help us find the more insecure devices that are publicly available:
     i. Shodan
     ii. Censys
     iii. ZoomEye
     iv. Onyphe
C. Make a detailed list
     i. Write all...

Bluetooth Pentesting guide 101

Something interesting in daily life is signals: we can't see them with our own eyes, but devices can. There are many kinds of wireless communication.

Wireless communication protocols in IoT:
     Wi-Fi (wireless fidelity)
     Bluetooth
     Zigbee
     Z-Wave
     LoRa
     GSM

But let's get into the topic.

Most relevant vulnerabilities in Bluetooth:
     Authentication and authorization issues
     MiTM
     DoS
     MAC spoofing
     PIN cracking
     Brute force

In Android Bluetooth, we will mostly get these types of vulnerability:
     RCE        Remote Code Execution
     EoP        Elevation of Privilege
     ID         Information Disclosure
     DoS        Denial of Service
     PAIR       Pairing without Auth

At a major level:
     Hardware
     Memory Leakage
     ...