![]() Dr Cockroach on Passionate Hams Make Their Mark On The Hack Chat.mrehorst on A 489 Megapixel Camera For Not A Lot.ono on A Ride-On Picnic Table For Those Idylic Summer Evenings.Yet another bruce on Do Not Attempt Disassembly: Analog Wizardry In A 1960s Counter.Joshua on Spy Tech: Unshredding Documents.Foldi-One on Siphoning Energy From Power Lines. ![]() The Commenter Formerly Known As Ren on Passionate Hams Make Their Mark On The Hack Chat.karl lambley on What Do You Want In A Programming Assistant?.Hackaday Podcast 222: VCF East Special Edition No comments Posted in hardware, Wearable Hacks Tagged android, bluetooth, embedded security, exploit, nike Post navigation If you want to try the exploit yourself, wrote an Android app which he posted up on GitHub. He discovered that he could send the device into bootloader mode, configure the RTC, and even read/write the first 65k of memory over the Bluetooth interface–not something you typically want to expose, especially with a broken authentication mechanism. The authenticator requires the connecting device to know both a pin code and a nonce, but in reality the authentication algorithm just checks for a hard-coded token of 0xff 0xff 0xff 0xff 0xff 0xff rendering the whole authentication process ineffective.Īfter he authenticated with the Fuelband, started trying various commands to see what he could control over the Bluetooth interface. After reading through the source, he discovered that the authentication method was completely ineffective. He converted the APK to a JAR and then used JD-Gui to read the Java source code of the app. started with the official Nike app for the Fuelband. found that the authentication system of the Fuelband can be easily bypassed and discovered that some low-level functions (such as arbitrarily reading and writing to memory) are completely exposed to the end user or anyone else who hacks past the authentication process. Was trying to reverse-engineer the Bluetooth protocol of his Nike+ Fuelband and made some surprising discoveries.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |