Some attacks for devices which may be sent some prompt through bluetooth causing some phones to fail due to BLE Spam. In this instance of attack, a device with bluetooth on has no choice but to receive the prompt over and over.
The Flipper Zero, for example, has the following options:
- to control a device like a mouse
- slideshow control device
- send BadUSB keystrokes through bluetooth
But before these types of attacks, there must be a bluetooth connection first made. Is there an attack vector used to connect the bluetooth to perform these attacks?
What are some vectors of attack (if at all) for Flipper Zero or bluetooth in general?
You need to convince the person you want to attack to connect to your device, or to do so when they are not looking. Social engineering isn’t just about getting someone to do something consciously, it’s also about being able to manipulate the victim into thinking they’re doing something they want, in addition to doing what you want them to do. And the BAD USB stuff works as soon as you plug it in. Not all of them, but a lot of them.