Dark Mode

Settings

Capec-666 Detail

BlueSmacking

Standard Communications Software Likelihood: Medium Typical Severity: Medium

Parents: 125

Description

An adversary uses Bluetooth flooding to transfer large packets to Bluetooth enabled devices over the L2CAP protocol with the goal of creating a DoS. This attack must be carried out within close proximity to a Bluetooth enabled device.

Not present

External ID Source Link Description
CAPEC-666 capec https://capec.mitre.org/data/definitions/666.html
CWE-404 cwe http://cwe.mitre.org/data/definitions/404.html
T1498.001 ATTACK https://attack.mitre.org/wiki/Technique/T1498/001 Network Denial of Service: Direct Network Flood
T1499.001 ATTACK https://attack.mitre.org/wiki/Technique/T1499/001 Endpoint Denial of Service: OS Exhaustion Flood
REF-655 reference_from_CAPEC https://www.thesecuritybuddy.com/bluetooth-security/what-is-bluesmack-attack/ Amrita Mitra, What is BlueSmack Attack?, 2017--03---08, The Security Buddy
Explore

  1. Scan for Bluetooth Enabled Devices: Using BlueZ along with an antenna, an adversary searches for devices with Bluetooth on.

    2. Techniques
    Note the MAC address of the device you want to attack.
Experiment

  1. Change L2CAP Packet Length: The adversary must change the L2CAP packet length to create packets that will overwhelm a Bluetooth enabled device.

    2. Techniques
    An adversary downloads and installs BlueZ, the standard Bluetooth utility package for Linux.
Exploit

  1. Flood: An adversary sends the packets to the target device, and floods it until performance is degraded.

  1. The system/application has Bluetooth enabled.

Not present

Low
An adversary only needs a Linux machine along with a Bluetooth adapter, which is extremely common.
Availability
Unreliable Execution
Resource Consumption

Not present

We use cookies to ensure you get the best experience on our website.