[email protected]:~# bluetoothctl
[NEW ] Controller EE:EE:EE:EE:EE:EE [default]
[bluetooth]# power on
[CHG ] Controller EE:EE:EE:EE:EE:EE Class: 0x300100
Changing power on succeeded
[CHG ] Controller EE:EE:EE:EE:EE:EE Powered: yes
[bluetooth]# pairable on
Changing pairable on succeeded
[bluetooth]# scan on
Discovery started
[CHG ] Controller EE:EE:EE:EE:EE:EE Discovering: yes
[bluetooth]# random: nonblocking pool is initialized
[NEW ] Device B8:6C:E8:60:C0:8F Galaxy S9
[NEW ] Device 74:68:75:2E:67:67 thug0
[bluetooth]# scan off
[CHG ] Device 74:68:75:2E:67:67 RSSI is nil
[CHG ] Device B8:6C:E8:60:C0:8F RSSI is nil
[CHG ] Controller EE:EE:EE:EE:EE:EE Discovering: no
Discovery stopped
[bluetooth]# pair 74:68:75:2E:67:67
Attempting to pair with 74:68:75:2E:67:67
[CHG ] Device 74:68:75:2E:67:67 Connected: yes
[CHG ] Device 74:68:75:2E:67:67 UUIDs: 00001105-0000-1000-8000-00805f9b34fb
[CHG ] Device 74:68:75:2E:67:67 UUIDs: 0000110a-0000-1000-8000-00805f9b34fb
[CHG ] Device 74:68:75:2E:67:67 UUIDs: 0000110c-0000-1000-8000-00805f9b34fb
[CHG ] Device 74:68:75:2E:67:67 UUIDs: 0000111f-0000-1000-8000-00805f9b34fb
[CHG ] Device 74:68:75:2E:67:67 Paired: yes
Pairing successful
[CHG ] Device 74:68:75:2E:67:67 Connected: no
[bluetooth]# trust 74:68:75:2E:67:67
[CHG ] Device 74:68:75:2E:67:67 Trusted: yes
Changing 74:68:75:2E:67:67 trust succeeded
[bluetooth]# info 74:68:75:2E:67:67
Device 74:68:75:2E:67:67
    Name: thug0
    Alias: TwitchViewbot
    Class: 0x5d253f98
    Icon: phone
    Paired: yes
    Trusted: yes
    Blocked: no
    Connected: no
    LegacyPairing: no
    UUID: OBEX Object Push (00001105-0000-1000-8000-00805f9b34fb)
    UUID: Audio Source (0000110a-0000-1000-8000-00805f9b34fb)
    UUID: A/V Remote Control Target (0000110c-0000-1000-8000-00805f9b34fb)
    UUID: Handsfree Audio Gateway (0000111f-0000-1000-8000-00805f9b34fb)
[bluetooth]# quit
[DEL ] Controller EE:EE:EE:EE:EE:EE [default]
[email protected]:~# DBUS_SESSION_BUS_ADDRESS=unix:path=/var/run/dbus/system_bus_socket obexctl
[NEW ] Client /org/bluez/obex
[obex]# connect 74:68:75:2E:67:67
Attempting to connect to 74:68:75:2E:67:67
[NEW ] Session /org/bluez/obex/client/session0 [default]
[NEW ] ObjectPush /org/bluez/obex/client/session0
Connection successful
[74:68:75:2E:67:67]# send /dev/shm/.thugkit0/20190709.apk
Attempting to send /dev/shm/.thugkit0/20190709.apk to /org/bluez/obex/client/session0
[NEW ] Transfer /org/bluez/obex/client/session0/transfer0
Transfer /org/bluez/obex/client/session0/transfer0
    Status: queued
    Name: 20190709.apk
    Size: 42000
    Filename: /dev/shm/.thugkit0/20190709.apk
    Session: /org/bluez/obex/client/session0
[CHG ] Transfer /org/bluez/obex/client/session0/transfer0 Status: complete
[DEL ] Transfer /org/bluez/obex/client/session0/transfer0
^C
[email protected]:~# apktool d 20190709.apk
[email protected]:~# cat 20190709/NOTES.NFO

20190709 - hackgnar

Tonight, we're talking to @hackgnar about hardware, wireless and BLECTF!

── N E W S ──
 ─ Zoom 0day
 ─ Canonical GitHub account hacked, Ubuntu source code safe
 ─ Archived Page
 ─ Top VPNs secretly owned by Chinese firms
 ─ Criminals Slurp $500,000 Through 7-Eleven Mobile Payment App
 ─ Microsoft Issues Warning For 50M Windows 10 Users
 ─ TN men use Bluetooth-enabled tablet to steal cars
 ─ Server image mystery in Georgia election security case
 ─ 'Silence' hit banks in Bangladesh, India, Sri Lanka, and Kyrgyzstan
 ─ Logitech wireless USB dongles vulnerable to new hijacking flaws
 ─ Calls for 'urgent' improvements in NHS cyber security presented to Parliament
 ─ After a Data Breach, British Airways Faces a Record Fine
 ─ Monero security flaw could've seen XMR stolen from crypto exchanges
 ─ Philadelphia Federal Credit Union customer accounts pilfered by fraudsters

── A C T I O N ──
 ─ Petition for Google/Youtube regarding hacking video ban
 ─ Fight For the Future - BAN FACIAL RECOGNITION

── G O O D   R E A D S ──
 ─ FBI Investigates Leak Of 1,000 Pages Of Top Secret Air Force Intelligence
 ─ YouTube's Ban of Hacking Videos Moves Us Closer to an Entertainment-only Public Sphere
 ─ Discord Spyware
 ─ Logitech Vulns Disclosed
 ─ Open Sesame! Zipato's smart hub hacked to open front doors

── U S E F U L / P R O J E C T S ──
 ─ How to enable DNS-over-HTTPS in Firefox
 ─ 2600: concentrationcamps.us
 ─ BXAQ/Fengcai APK
 ─ "A Better Zip Bomb"

── C H E A T S ──
 ─ eternalrelayx.py — Non-Admin NTLM Relaying & ETERNALBLUE Exploitation

── S A F A R I ──
 ─ [hermit] phpbb dork
 ─ [hermit] A whole lot of NOAA weather data
 ─ [hermit] WAMP Dork 1
 ─ [hermit] WAMP Dork 2
 ─ [leet_sauce] Toshiba: WAMP WAMP WAMP
 ─ [plazmaz] Crypto mining via jenkins jobs
 ─ [yuu] Small Business Community Award?
 ─ [yuu] Someone's subtle session hijack tool [WARNING: MALICIOUS]
 ─ [x0] hex-rays file transfer
 ─ [x0] "this defacement"
 ─ [x0] POC REGMEM

W E E K L Y   M I X by @0katz