Showing posts from January, 2020

Some IoT Pentesting hints -- keep on update

A. Collect information about the device
     i.   device data sheets
     ii.  product features
     iii. installation guide and user manual (download from the vendor website or use Google dorks to get the data)
B. Using the device name and model number or the hardware information, check for publicly available exploits (Exploit-DB or exploit search engines). Useful search engines for exploits: there are special search engines for IoT which help find insecure devices that are publicly reachable
     i.   shodan
     ii.  censys
     iii. zoomeye
     iv.  onyphe
C. Make a detailed list
     i.   write down all features of the device
     ii.  list the publicly available exploits
     iii. start building your own method to pentest it; before that, understand the device more clearly
D. Common approach for the IoT Pentesting Methodo

Bluetooth Pentesting guide 101

An interesting part of daily life is the signals we can't see with our own eyes but devices can. There are many wireless communication protocols in IoT:
  wifi (wireless fidelity)
  bluetooth
  zigbee
  zwave
  LoRa
  GSM
But let's get into the topic. The most relevant vulnerability classes in Bluetooth:
  Authentication and authorization issues
  MiTM
  DoS
  MAC spoofing
  PIN cracking
  Brute force
In Android Bluetooth we mostly see these vulnerability types:
  RCE    Remote Code Execution
  EoP    Elevation of Privilege
  ID     Information Disclosure
  DoS    Denial of Service
  PAIR   Pairing without Auth
At the hardware level:
  Hardware
  Memory leakage
The procedure is the same as usual: scan the surrounding devices and run the attacks from the write-ups available on Google. Let's look at the small differences; first we need to know how Bluetooth works. Let's start with Required insta