Exam 312-50v12 topic 1 question 259 discussion

D is more accurate. D. btlejack -f 0x129f3244 -j This command is explicitly aimed at hijacking an ongoing BLE connection on the specified frequency, aligning perfectly with the scenario's description of hijacking to read and export sensitive information. To hijack a connection, as described in option D with the -j flag, involves actively intervening in the communication. This means inserting the attacker’s device into the communication flow in a way that allows them to intercept, modify, or block the data being exchanged without the original devices noticing. This is more aggressive and direct in terms of interaction compared to merely tracking. Thus, while option A is very relevant for understanding the dynamics of the communication and could be a precursor to an effective hijacking (by knowing where and how to hijack), it does not by itself perform the action of hijacking. Therefore, it's correct to say that option A could be part of the process leading up to a hijack, but it isn't the command that would be used to execute the hijacking. The specific action of hijacking in Btlejack is indicated by the -j flag, as shown in option D.

CEHv12 2538

Module 16 Page 2538

Hijacking a BLE connection Btlejack is also able to hijack an existing connection, use the -t option to do so. Once hijacked, Btlejack will give you a prompt allowing you to interact with the hijacked device. First, hijack an existing connection: $ btlejack -f 0x9c68fd30 -t -m 0x1fffffffff BtleJack version 1.1 [i] Using cached parameters (created on 2018-08-11 01:48:24) [i] Detected sniffers: > Sniffer #0: fw version 1.1 [i] Synchronizing with connection 0x9c68fd30 ... ✓ CRCInit: 0x81f733 ✓ Channel map is provided: 0x1fffffffff ✓ Hop interval = 39 ✓ Hop increment = 9 [i] Synchronized, hijacking in progress ... [i] Connection successfully hijacked, it is all yours \o/ btlejack>