I Tried Hacking a Bluetooth Speaker... (and failed...)

3 роки тому

NOTE: This video was made for educational purposes only. All activities shown in this video are demonstrated for educational and informative learning.
I finally got around to infecting a bluetooth speaker with Dee Boo Dah. This time I work on building a program or method which allows me to hijack the current bluetooth session and send my own music through the stream. I failed my initial attempt, but was able to force my way into the speaker.
📝 Resources Mentioned:
(Video Idea Inspiration): Bluetooth Speakers flaw lets hackers hijack speakers: www.comparitech.com/blog/vpn-...
BlueZ and A2DP Play with PulseAudio Server: variwiki.com/index.php?title=...
Getting Started with Raspberry Pi 4: crosstalksolutions.com/gettin...
PACTL Man Page: linux.die.net/man/1/pactl
BTProxy Open Source Tool: github.com/conorpp/btproxy
Internal Blue: github.com/seemoo-lab/interna...
💻 Gear Used:
Raspberry Pi 3B+ Starter Kit: amzn.to/3p2STXG
JBL Flip 4: amzn.to/3muD1eT
❓ Interested in cybersecurity, but don't know where to start? Take a look at this newly released course which helps you get started in cybersecurity: www.cybercademy.org/course
💻 Wondering if Cybersecurity is Right for You? Take the Quiz and Find Out: cybercademy.org/quiz/
🐕 Follow Me:
Twitter: / collinsinfosec
Instagram: / collinsinfosec
Cybercademy Discord Server: / discord
🤔 Have questions, concerns, comments?:
Email me: grant@cyberinternacademy.com
🎧 Gear:
Laptop (Lenovo X1 Carbon Ultrabook): amzn.to/2O0UfAM
Monitors (Dell D Series 31.5” D3218HN): amzn.to/2EXlgRF
Keyboard (Velocifire VM01): amzn.to/2TEswfd
Headphones (Audio Technica ATH-M40x): amzn.to/2F4Tvq6
#deeboodah

КОМЕНТАРІ: 323

@Jibay442 3 роки тому

-Hacker : "How to hack a bluetooth speaker" -Normal people : just ask the Guy to change the music"

@Washingtub-senpai 3 роки тому

What if the guy is an a**hole?

@Washingtub-senpai 3 роки тому

What if the guy is an a**hole?

@nataliemartinez4033 2 роки тому

Nahh

@falseloop 2 роки тому

Social Engineering bro LMAO

@JohnSmith-ze6jm 2 роки тому

Yeah… Trust me, it doesn’t go down well… Normal person approach won’t get you kicked out of a friendship group lol

@thomasfields2082 3 роки тому

Stack overflow here we go. Classic and true.

@twisstedtoast 8 місяців тому

we have the same pfp :D

@533watts Рік тому

In high-school I learned how to crack WEB encrypted wifi networks. It was a fun learning experience but WPA had came out and that was much harder that I never succeeded. Kudos to your learning journey

@adihacks3755 3 роки тому

Bro nice work ... lots of effort u have to put in these kind of t congo

@pauraspatil9314 3 роки тому

Creativity at its peak!! Awesome work man:)

@israelaldaba46 Рік тому

hpw can someone hack a bluetooth🤔🤔🤔

@israelaldaba46 Рік тому

okay nvr mind got it took me cuple of minute

@electrowizard2658 Рік тому

@@israelaldaba46 he didnt hacked it just connected

@sunil5656 3 роки тому

Salute to your creativity and effort.

@bran_rx 9 місяців тому

So basically you need a speaker that can connect to 2 or more devices at the same time.

@justchecking2470 2 роки тому

your narrative in the beginning is very fun 😁

@suhaniagrahari1601 3 роки тому

Hlw grant... Nice work bro... Keep going...❤️

@cacadriv 2 роки тому

This might work for a time frame of 3 minutes unless the speaker is modified to be in discovery mode indefinitely.

@enzoduvernay4540 2 роки тому

Finally a way to be in peace when doing a picnic and replace these crappy musics with an og rickroll 😂

@zz-xz2lt 2 роки тому

My friend purchased a Dindinmodern speaker that has lights and loud sound. It seems equally good. I think I will purchase one

@vaguebrownfox 2 роки тому

It'd be impressive if you could write a script to handle bluetoothctl; It's fine I guess, thanks for all the sources in the description.

@rababaakar4365 3 роки тому

Nice work bro 👍🏻💪🏻💪🏻💪🏻💪🏻💪🏻

@smhaseeb 3 роки тому

Can you please tell (and if yes, how) if it is possible to do all of this from a rooted android phone running kali nethunter. (I am assuming, that it will work but can't test myself since i dont want to root my main phone)

@guilherme5094 3 роки тому

Nice!

@sebastianhunter8795 2 роки тому

could you make a full length tutorial?

@navyyos9268 2 роки тому

How would this be possible to connect other Bluetooth while they are using ?

@SHWwolf 3 роки тому

Awesome intro

@idcrafter-cgi Рік тому

pulseaudio is one o many sound servers on Linux but great explanations

@rockababy 3 роки тому

if the bluetooth device isn't in discover mode, it won't be possible? looks very similar to wifi attacks

@robbiedoes8841 3 роки тому

Hey Grant! I'd love to make a video with you! Maybe we could discuss the difference between a compsci education and a cyber security education :)

@jadenprovostmaxwell-comfor4813 2 роки тому

Please tell me I’m not the only one who knows this is using the device as intended…

@erickelly8704 2 роки тому

Cool idea but I have a sound core flare 2 would love to be able to hack the speaker os to change the lighting options the options kinda boring that be the shit!

@gulumamu2472 3 роки тому

hi grant !how to save google chrome browsing histort for future reference before deleting it for creating space in my pc?

@antoniorodrigo310 2 роки тому

I think I didn't get it... but if the speaker has to be in discoverable mode, how am I supposed to connect to a speaker that is already being loud?

@ritikasharma3424 2 роки тому

Which language u r using in the video And which language will be best for hacking

@Urbanescape21 Рік тому

Good to see you actually tried but what funny is throughout the video you just connected to the speaker and played a song but using manual commands that you could have done by just simple connecting it and using a music player.

@collinsinfosec Рік тому

I know right. Overcomplicated this entire project.

@Chuck8541 3 роки тому

Cash in bro. Do a vid on how to jam Apple’s AirTags, and your channel will explode. Many non-sheep are wondering about their privacy now. Jammers (especially a small personal sized one, that can be tossed in a backpack, or keychain) is pretty much the only thing that can protect Android users, and unsuspecting iOS users, from being surveilled with Apple’s new toy. Just found your channel, while doing some research. Good vids. Subbed 👍

@JohnSmith-ze6jm 2 роки тому

Put it in a faraday cage

@akashupadhyayawow 3 роки тому

Good research bro ❣️❣️

@collinsinfosec 3 роки тому

Thanks Akash!

@akashupadhyayawow 3 роки тому

@@collinsinfosec ❤️

@CriticalLifestyle 3 роки тому

Did thou go to Rutgers Camden?

@adichandhoke8797 3 роки тому

please make a roadmap for how to go about diving into ethical hacking.......

@user-ec6qm3lq1q 6 місяців тому

I support you and your effort. Bro,should be possible to jam the all are network in locality area .All the frequency Like call, talk to someone else and also bluetooth. Should possible💭💭💭💭

@m4dummies583 3 роки тому

Unpopular opinion: You should make 'DEE BOO DAH'.Your slogan ¯\_(ツ)_/¯

@bekbull 3 роки тому

As i understood 😁 you just connected via terminal and changed music 😂 It doesn't differ from connecting via phone. I thought you would have interacted without touching.

@collinsinfosec 3 роки тому

It's for sure a weak attack. What I did was force connected my way into the speaker with two active connections to the speaker already present.

@bekbull 3 роки тому

@@collinsinfosec okay, thx for response

@jeromejarre4692 Рік тому

@@collinsinfosec doesn't work used the exact same tools on arch linux and can't connect to the speaker if someone else is already connected is just says "not available"

@jeromejarre4692 Рік тому

pretty sure you faked the video, there is no possible way of connecting two devices to one speaker. I used the exact same tools and commands and it just says "not available"

@this_is_anonymous_guy Рік тому

@@jeromejarre4692 Bro may be ur Bluetooth speaker dont allow multiple connections where that JBL flip 4 has.

@mihaiemilian5330 8 місяців тому

I'm thinking your jbl is just able to accept multiple bluetooth clients at the same time. This is not a common feature on all speakers/headphones. What you did was to connect a second device (i.e use the above states functionality). I'm feeling like a gatekeeper but don't use words like "inject" or "hack". There's no hacking in there. It works as intended by the manufacturer

@SkyMine911 3 роки тому

The only problem is that they must be in discoverable mode to find the address. Other than that, well done. If anyone knows how to find the address while the speaker is running (not in discoverable mode), let us know.

@niiiiiix 3 роки тому

Or brute Force on all addresses

@bewildstudio Рік тому

@@niiiiiix even if you know the address...when the speaker exits from discovery mode you cant do anything

@warstoriesofthe88th Рік тому

so if you already have the mac address it should be this simple?

@nelmatrix3942 11 місяців тому

I mean, if it's possible to break the connection, automatically leading the device back to discovery mode, then it should work....

@nowaconcordia557 4 місяці тому

Sniffer

@saeedalkaabi6926 3 роки тому

Goodjobb👏🏻

@aireplayng--- 3 роки тому

Dee Boo Dah Gang ! I'm in ! Ha Ha Ha!

@gufranshaikh7339 3 роки тому

Bro only one device connects to the speaker at a time any solutions?

@giulianofrancopalazzi1104 3 роки тому

Hi, nice video but isn't this just connecting to the speaker normally just from the command line instead of with a GUI. I don't understand how this is hacking? Could you please explain

@collinsinfosec 3 роки тому

Great question. Many limitations to the hack. So JBL allows you to have two audio connections connected to the same speaker. What I did was connected my phone to the JBL, then I also connected my laptop via bluetooth (should have shown that in the video). In this scenario, not sure if it's the version of the speaker, I went ahead turned on the pi and scanned for the speaker, got the Bluetooth address. And then it forced played the audio over the two connections (it disconnected the laptop connection). Like I said many limitations... It's sort of hacking. More so script kiddies styles 😜

@indraseptiansuprayogi2627 3 роки тому

@@collinsinfosec so you can only do that if the speaker allows you to have 2 or more connected device at the same time?

@robertionescu_ 3 роки тому

@@indraseptiansuprayogi2627 yes

@allexj8203 3 роки тому

it's not hacking. he literally connect to bluetooth via command line. I don't think the creator of the video know what is he doing

@collinsinfosec 3 роки тому

@@allexj8203 Okay then lol.

@ajaygondukupe5351 Рік тому

Is it possible to use pi zero w for this method if it is please make a video......

@mbongenijunior3603 2 роки тому

May I please ask? What are you computer specs ???

@raghavansrinivas1379 3 роки тому

COVID: at this point i dnt have frnds and no one is inviting me into their homes

@animalblundetto6510 3 роки тому

When I'm on the train and people play their bullshit. Time to troll lmfao

@nikoshalk 2 роки тому

That's not hacking! The pi is already paired with the speaker (when you put it into discovery mode and connected) and also the speaker is capable of multiple Bluetooth connections! paplay is a simple audio streaming tool! Get your facts straight!

@Scere 2 роки тому

@D it isn’t even that deep it’s just a video lool

@PyDotAll 6 місяців тому

Will all speakers work using the same methods?

@azizullotemirov 3 роки тому

Awesome! The next target is Facebook. Dee buu daah!

@collinsinfosec 3 роки тому

Dee Boo DaH gang!

@v-rdays7525 2 роки тому

Are you using Kali linux?

@myfr33nu 2 роки тому

Can u give me a download link to this program?

@michiboi14gaming28 7 місяців тому

Thats cool im not that good at hacking but i got the idea the problem is do we still need a device since we are using smart phones now? Like in short anyone made a program for this kind of hacking method cause we got a noisy old neighbor guy that always blast his music..

@MuhammadAhmad-yz4ys 3 роки тому

I liked your method dude... I also wanna try this will you help me 🥰

@ri0tsun 3 роки тому

its Tyler Joseph giving us hacking tutorial

@godis1andtheirsprophets483 2 роки тому

I wish there was an easier way to do this 😕 I'm in a bus and the music is blasted

@hackerspace7191 3 роки тому

Hii,I'm getting Stream error: Invalid argument Please share any kinda of solution for this..

@tomaszandr9071 3 роки тому

Bro, u didn't hack anything there u just did force pairing vie bluetoothctl service

@tomaszandr9071 3 роки тому

Very basic functionality on any Unix system

@v-rdays7525 2 роки тому

He did hack,he allows something thats computer cant normaly. Sry for english

@NeriaSofer Рік тому

You kinda can hack like that Just do scan in the terminal Go try abit social engineering on ur Target make them prees the Bluetooth button then bam u got their id of the speaker forever and can do now everyting

@NeriaSofer Рік тому

@@v-rdays7525 why pc cant if i use normal kali and Bluetooth scanner?

@ivaldirbatalha5436 Рік тому

You should read the titleof the video better brother

@Aryan-ji2nk 3 роки тому

hey mate you stated earlier that you can actually change the song but seeing the whole video , I think it is a little bit lame concept because of availabilty of a laptop or pc nearby..... otherwise the video was fantastic /..... keep up the good work....

@collinsinfosec 3 роки тому

Hey! Bluetooth has to be a nearby attack, since bluetooth relies on the range of a device, you won't be able to attack from 5 miles away for example. Thanks for the comments though!

@Aryan-ji2nk 3 роки тому

@@collinsinfosec pretty much understandable ... Thanks for taking time and replying my comment❤️❤️

@zooud2649 Рік тому

POV: you go to hack something then just Use it In the way it was intended,but through CLI, Still great video tho

@justa2601 Рік тому

I have a crazy neighbor who often turns on the speaker very loudly at night, and now I can't stand my neighbor anymore

@kungfoochicken08 10 місяців тому

Buy a jammer and a high gain antenna.

@vickietema3397 2 роки тому

What would be the ways to secure you from this or recover the device?

@Ag89q43G0HyA Рік тому

non. but, this already happens. no need to hack, just connect to it and boom, you are playing music on your neighbor HiFi system

@daniel89123 3 роки тому

did he just put it in discoverable mode to find the mac address or was that needed to connect as well?

@collinsinfosec 3 роки тому

I did have to put it in discoverable mode to find the Bluetooth address. Then I was able to force connect by using the bluetooth address.

@batfox-jewelry 2 роки тому

I am using a dindinmodern bluetooth speaker, which I think is very good at the price I bought.

@alicewyan 2 роки тому

Drink every time he says "go ahead"

@thecircusb0y1 2 роки тому

I’m dead

@henryfenton2243 3 роки тому

Can this program run inside a app?

@poachingstalkers4311 3 роки тому

bettercap?

@cyclops.stonks 3 роки тому

Grant, where do you work or are you only still a student

@collinsinfosec 3 роки тому

I am a senior. Right now I sort of work for myself as I finish up university.

@cyclops.stonks 3 роки тому

Oh nice nice Where exactly do you work grant

@coondogtheman 2 роки тому

Can this be used to sniff bluetooth audio and decode whatever music is being played?

@tlovehater 2 роки тому

You're a Patriots fan you should know about cheating lol

@hashimzaheer3941 2 роки тому

JBL be like: why us... why why! 🤣😂🤣 Hope you dont get a breach notice from JBL

@heres2ya 3 роки тому

can i have that discarded computer you have against the wall with the monitor on it?...

@MagicPlants 2 роки тому

.wav is pronounced "wave" because it's soundwaves.

@surendrapalsingh2431 2 роки тому

Can I do it without raspberry

@anuragkashyap8026 3 роки тому

Your colleague look so much like you. #lonelyaf

@ericouhl5423 2 роки тому

De Boo Da

@kamranhussain8545 3 роки тому

I live in a terrace house and my neighbour is blasting the music ridiculously high through his laptop on his speaker, and hes not allowing other connections, help me out how do I hack him

@tentrot4420 3 роки тому

Can you plz tell us what is your exact role in cybersecurity or you are a mix of everything

@collinsinfosec 3 роки тому

Right now I have been a mixture of everything. Although this year my goal is cloud security.

@kartikthakur3376 3 роки тому

IRONY: We can connect to a bluetooth speaker the same way don't use any of these commands/ComputerBoard just turn on discoverable mode on and then connect using your PHONE PS : Salute to your efforts

@collinsinfosec 3 роки тому

I sort of failed this one :( Thanks though.

@jonathannocon 2 роки тому

I’m personally not a fan of teaching ppl how to unauthorised accessing anyone’s bt speaker tbh, it’s immature and poses a serious security/property ownership breech imho. But since most Bluetooth wireless speakers are fundamentally flawed and they allow anyone to just hijack them due to the lack of bluetooth’s security implementation. This is my one’s biggest gripe to all modern bt speakers especially JBL models in the market rn. Their constantly and randomly dropping out their connection and stupidly allows anyone access to it despite actual authority from its owner/actual user. A simple pairing code would help massively in this situation but since bt security doesn’t seem to be an importance to most wireless bt speaker manufacturers, this is it’s greatest Achilles heels unfortunately.

@oldcracker3383 2 роки тому

ehh although a youtube video will encourage immaturity, its still best for people to at least know about it so people can protect themselves against it, since if someone really wanted to perform something like this, they're gonna figure out anyways

@jonathannocon 2 роки тому

@@oldcracker3383 I see your pov and appreciate the clarity since I completely missed it in the description and such tbh. Funny enough, when my neighbours 14yo son hijacked my jbl boombox 2 while i was listening to some tunes on stereo pair mode on several occasions amidst one fine summer arvo. He’s exact excuse to his mother and I when I informed he’s mother about those incidents was that he learnt how to do it here on UKposts. idk which one since he didn’t specify exactly and there are a number of vids here now which achieves somewhat similar results give it take. The kid was apparently just simply curious on how loud it can really go since the times he did manage to do it, all he rly did was pump up the volume to it’s absolute maximum and giggled like most kid would after which. Thankfully other than some really annoyed people and other neighbours near by that witnessed it when those incidents happened to me, luckily for me the kid knew better and didn’t play over something more sinister whist he was in those short control over said devices. Fortunately in my case, it was merely a curious kid that was going stir crazy during our lockdown stay at home mandates on my neck of the woods but a quick research online really shines a light on how serious this matter could potentially be on more sinister hands. I honestly didn’t even notice your disclaimer in the description until just now, but with that clearly said and done. You’re aight 👌🏼 in my books. I just wouldn’t be surprised if there are more victims out there that has had more serious consequences than what I had experienced which wouldn’t appreciate someone freely teaching folks on how to achieve just that is all. I also do understand that there are those with insanely loud speaker setups which has little to no regards to those around them and insist on blasting crazy loud & obnoxious so called music which can benefit from a DIY solution like you show here so long as they use some common sense aka no other nefarious agenda(s) other than you have stated. I just hope mine is an isolated event but realistically, I wouldn’t be surprised if it happens again in the future since like I said earlier. This issue needs to be sorted ASAP by the manufacturers who sells these things in massive quantities worldwide but seems to have overlooked a crucial fundamental flaw. To be clear, I’m not hating here. I was merely a little confused on your angle here but now I completely see that your not adding fuel to the fire here as I initially had thought but the complete opposite so yeah 👍🏼 We’re gucci here

@collinsinfosec 2 роки тому

Yes, it was for educational and testing purposes only. As you saw, I wasn't super successful in getting my "hack" to work. Fun little experiment though.

@ericy277 Рік тому

No it isn't. Without revealing too much, my Thinkpad, by default will discover all local Bluetooth connections. OK. Now that your playing that obnoxiously loud music into my condo, it's time for a shut down. I already can see your device. Now all I need to do is monitor and capture your address and yes their is a program that will sniff for it. I didn't do anything besides shutting down your obnoxious music on calm Sunday afternoon. Don't effing disturb me again.

@dududjddjehdhdud-ui3yc 24 дні тому

@@jonathannocon knowledge tools and weapons are free and cannot truly be regulated. Morality is up to the operator.

@willownot 2 роки тому

hello, i want to get into the cyber security business, i'm brazilian and would like to and i have a lot of affinity with the area, are there really any salaries that go from 100k to 350k per year? is there space to undertake?

@MrBenEye 3 роки тому

What a showoff! Kudos to you!

@collinsinfosec 3 роки тому

Not sure a lot that haha! Thanks though!

@montagistreel 2 роки тому

I think you literally just connected two devices to a speaker that supports that by design. Oh but now that I'm re-reading the title it does say "(sort of)" lol

@collinsinfosec 2 роки тому

Yes, this experiment was, well... mostly a fail.

@haziqtareqsaleem4476 3 роки тому

Can this work without rasberry pie

@EchterAlsFake 6 місяців тому

Just an idea, but you can't connect to most speakers, when they are already connected to a phone for example. But what if you make a dos attack not to the speaker, but to the phone, so that the box get's confused, exposes its mac address. Now the 200 iq part would be to just spoof the mac adress of the phone and maybe even the bluetooth class and then you could connect with another bluetooth adapter, while the first one is still doing the dos attack.

@Viralvlogvideos 4 місяці тому

will this work? I am doing this to live my life peacefully and sleep at night, my noisy neighbours made my life hell

@EchterAlsFake 4 місяці тому

@@Viralvlogvideos You can try but it's extemely theoretical. You'd need multiple Bluetooth adapters of a very high quality, but I think you have a better chance of just telling the police about it xD

@jeromejarre4692 Рік тому

doesn't work. keeps saying device not available when trying to connect.

@professional.hacker. 5 місяців тому

The first moment you think you are Mr Robot: 0:40 then the next thing : 0:43

@ayushpanchal5960 3 роки тому

How do you know that bluetooth address of JBL speaker from those list of addresses ???

@BaoNguyen-ib3yv 2 роки тому

They will show up within device name

@ayushpanchal5960 2 роки тому

@@BaoNguyen-ib3yv Okay thanks bro

@cameronrich2536 7 місяців тому

When giving credit to an article author you should prob at least shout them out js

@collinsinfosec 7 місяців тому

Fair point. Will do in the future 👍

@cameronrich2536 7 місяців тому

@@collinsinfosec 👌👍

@Panda-sx9eb 2 роки тому

"If you cant hack the Bluetooth Speaker, you shall hack the device."-Me

@simplepyro7897 2 роки тому

Lol good point 😂

@nowaconcordia557 2 роки тому

so using Linux to scan and connect to a Bluetooth speaker is hacking 🤔

@gam3Pippo 4 місяці тому

mmh yeah but he seems to connect while another device is also connected. if he tryes to interrupt current music that could be a interesting situation

@Panda-sx9eb 2 роки тому

I tried : 2.4ghz Jammer -> Illegal Brute Force the bluetooth pin -> idk if it works

@professional.hacker. 5 місяців тому

I am a prof hacker and I would say that, that is not bad for a beginner

@philipnajjar7373 3 роки тому

What Rasberry Pi are you using? Can any Rasberry Pi device do this?

@TamifluOne 3 роки тому

You dont need a pi when you have an pc. Download kali linux or parrot os and a virtual mashine like oracle and use a bt dongle thats all. Its a pi4...

@Legend-og9dn 3 роки тому

Is this patch yet ?

@shinyagami9925 3 роки тому

gee seems hard

@rikihidayat1509 Рік тому

i also want to try because my neighbor speaker is to loud for people around

@rikihidayat1509 Рік тому

i want to get access into it then watching porn with max volume as loud af

@ericouhl5423 3 роки тому

deeboodah!

@hkhfdb7076 2 роки тому

How about you connect to the blue tooth speaker from your phone 🤦🏼‍♂️

@user-nl2ho9gk3y Рік тому

i think it stupid you can do same with any device Bluetooth GUI just connect two device simultaneously , don't play any audio until both device are connected thing is use one device at a time to use second device you have to stop first work on my ever single Bluetooth speaker