DirtyTooth

Short description: Bluetooth profile exploit

DirtyTooth logo

DirtyTooth is a generic term for a feature in the Bluetooth profiles of an iPhone that may be exploited if the device is using an iOS version below 11.2. Android devices are not affected.

History

The first hack was reported on March 5, 2017, and was officially presented to the public at the RootedCon conference in August 2017 in Madrid, Spain and later at the ToorCon in San Diego.^[1]^[2]^[3]^[4] A research paper was published in 2017 using DirtyTooth with a real bluetooth speaker.^[5] In BlackHat Europe 2017 another demonstration was carried out, this time with a Raspberry Pi.^[6]

Overview

DirtyTooth is based on the way how Bluetooth notifies the user when it changes the profile. Some operating systems ask the user to accept the profile change but others like iOS, do not warn the user, changing automatically from one profile to another. Depending on the Bluetooth profile, it can provide different access levels to the services and the information located in the device. The DirtyTooth hack works impersonating the A2DP profile so that a user's iOS device connects, changing to a PBAP profile after pairing without having to enter a PIN if the device has Bluetooth version 2.1 or higher.

Affected hardware

The hack affected every iPhone from the 3G to the X, given that the smartphones were running any operating system below iOS version 11.2.

Impact

The data obtained exploiting the DirtyTooth hack may include personal and technical information about the user and the device.

Mitigation

This hack is resolved by updating the iPhone to iOS version 11.2 or higher.

References

↑ "DirtyTooth Hack: It´s only Rock'n Roll but I like it (I de V)". https://www.elladodelmal.com/2017/03/dirtytooth-hack-its-only-rockn-roll-but.html.
↑ "CHEMA ALONSO - DirtyTooth: It´s only Rock'n Roll, but I like it [Rooted CON 2017 - ENG"]. https://www.youtube.com/watch?v=xv9OtSBgWII.
↑ "Conference | ToorCon: San Diego". https://sandiego.toorcon.net/conference/#8.
↑ "[2017 ToorCon 19: Chema Alonso & Kevin Mitnick "DirtyTooth""]. https://www.youtube.com/watch?v=mKcHs_s7zM4.
↑ "DirtyTooth". March 3, 2017. https://www.slideshare.net/elevenpaths/dirtytooth.
↑ "Black Hat Europe 2017". https://www.blackhat.com/eu-17/arsenal/schedule/index.html#dirtytooth-for-raspberry-pi-dirtypi-9142.

External links

0.00

(0 votes)

Original source: https://en.wikipedia.org/wiki/DirtyTooth. Read more

[1] "DirtyTooth Hack: It´s only Rock'n Roll but I like it (I de V)". https://www.elladodelmal.com/2017/03/dirtytooth-hack-its-only-rockn-roll-but.html.

[2] "CHEMA ALONSO - DirtyTooth: It´s only Rock'n Roll, but I like it [Rooted CON 2017 - ENG"]. https://www.youtube.com/watch?v=xv9OtSBgWII.

[3] "Conference | ToorCon: San Diego". https://sandiego.toorcon.net/conference/#8.

[4] "[2017 ToorCon 19: Chema Alonso & Kevin Mitnick "DirtyTooth""]. https://www.youtube.com/watch?v=mKcHs_s7zM4.

[5] "DirtyTooth". March 3, 2017. https://www.slideshare.net/elevenpaths/dirtytooth.

[6] "Black Hat Europe 2017". https://www.blackhat.com/eu-17/arsenal/schedule/index.html#dirtytooth-for-raspberry-pi-dirtypi-9142.

[1]

[2]

[3]

[4]

[5]

[6]

Anonymous

Search

DirtyTooth

Namespaces

More

Page actions

Contents

History

Overview

Affected hardware

Impact

Mitigation

References

External links

Navigation

Navigation

Help

Translate

Wiki tools

Wiki tools

Anonymous

Search

DirtyTooth

History

Overview

Affected hardware

Impact

Mitigation

References

External links

Navigation

Wiki tools

Page tools

Other projects

Categories