Headphone Jacking: A Key to Your Phone скачать в хорошем качестве

Headphone Jacking: A Key to Your Phone

R0 0815 Bluetooth headphones are everywhere, and we were wondering what we can do with them if we hack them? Sure, we can probably do things like finding out what the person is listening to. But what else? During our research we discovered three vulnerabilities in popular Bluetooth audio SoCs by Airoha that are used by many popular device manufacturers. These vulnerabilities may cause a complete device compromise. We demonstrate the immediate impact using a pair of current-generation headphones. Finally, we show how a compromised Bluetooth peripheral can be abused to attack paired devices due to their trust relationship with the peripheral. Dennis Heinze Dennis Heinze is a Security Researcher and Penetration Tester at ERNW Enno Rey Netzwerke GmbH. He earned his Master’s degree in IT-Security at TU Darmstadt with a focus on network and system security. In the past, he published research on the Bluetooth technology in the Apple ecosystem with on the analysis and security of Bluetooth protocol implementations. Other work included the research into the security properties of Bluetooth Auracast. In his work at ERNW, the focus of his work is on pentesting mobile and embedded devices as well as their communication and back end systems. Julian Suleder Julian Suleder is a Senior Security Researcher and Penetration Tester at ERNW Enno Rey Netzwerke GmbH. His special research interest is the security of medical devices, communication standards and environments and leads ERNW’s vulnerability disclosure efforts, ensuring that identified security issues are handled transparently in close coordination with affected vendors and the wider security community in order to make the world a safer place. Frieder Steinmetz Frieder Steinmetz earned his Master’s degree on the security of embedded and cyber-physical devices from the Technical University of Hamburg. He has a background in cryptography, published work on the security of encrypted messaging protocols and malicious USB devices and Bluetooth security. He works as Senior Security Analyst at ERNW Enno Rey Netzwerke GmbH. His work focuses on pentesting mobile and embedded devices, as well as their back-end communication and infrastructure. He regularly gives Trainings on subjects such as IoT, RFID/NFC Hacking, web application pentesting and communications security.