DEF CON 30 - Jose Pico, Fernando Perera - Wireless Keystroke Injection via Bluetooth Low Energy

Jose Pico, Fernando Perera DEF CON

37:07

0 views

Published October 20, 2022

About this talk

We present a Microsoft Windows vulnerability that allows a remote attacker to impersonate a Bluetooth Low Energy (BLE) keyboard and perform Wireless Key Injection (WKI) on its behalf. It can occur after a legitimate BLE keyboard automatically closes its connection because of inactivity. In that situation, an attacker can impersonate it and wirelessly send keys. In this talk we will demonstrate the attack live and we will explain the theoretical basis behind it and the process that led us to discover the vulnerability. We will also release the tool that allows to reproduce the attack and we will detail how to use it.

Topics covered

Bluetooth Low Energy (BLE)

Wireless Key Injection

Microsoft Windows

0-day vulnerability

Keystroke Injection

Stay Updated

Get notified about new features and conference additions.

Related Talks

Video thumbnail not available

The Art of Code - Dylan Beattie

Dylan Beattie

NDC Conferences

4,796,409 views

February 26 2020

Video thumbnail not available

What the heck is the event loop anyway? | Philip Roberts | JSConf EU

Philip Roberts

3,551,387 views

October 9 2014

Video thumbnail not available

Expert Talk: DevOps & Software Architecture • Simon Brown, Dave Farley & Hannes Lowette • GOTO 2021

Simon Brown, Dave Farley & Hannes Lowette

GOTO Conferences

3,109,641 views

February 15 2022

DEF CON 30 - Jose Pico, Fernando Perera - Wireless Keystroke Injection via Bluetooth Low Energy by Jose Pico, Fernando Perera | conf.directory | conf.directory