Abstract
Seven years after MouseJack, Marc set out to hack some more peripherals. Gaming-keyboards looked fun, but were hilariously bad, so he looked to Apple's Magic Keyboard for a challenge. One question led to another, and he was soon reporting unauthenticated Bluetooth keystroke-injection vulnerabilities in macOS, iOS, Android, Linux, and Windows, along with link-key-extraction vulnerabilities in popular computers and peripherals.
We'll look at the progression of research and decisions that were made, the vulnerabilities themselves, and the realities of a complex, multi-vendor disclosure. We'll conclude with tools, demos, and some reflection on what we can learn from this dumpster-fire.
#MouseJack #KeyboardSecurity #BluetoothVulnerabilities #CyberSecurityResearch
Know more - nullcon.net/berlin-2024/speak...
-----------------
Follow Nullcon on Facebook: / nullcon
X: / nullcon
LinkedIn: / posts
Website: nullcon.net/
4 май 2024
