Hack Bluetooth Connected Shining Mask LED Halloween Masks?
Just Don’t Ruin Some Kids Fun, OK?
Shining Mask is an app that controls just about all LED Halloween masks on the market and unfortunately, or perhaps amusingly, they couldn’t be bothered to properly implement a secure connection between the app and a mask. While they did use AES-128 encryption for the connection, they used a fixed key which is publicly available on GitHub. With that key, you can use your version of the Shining Mask app to control any and all LED masks within Bluetooth range.
The person who discovered this has posted the Python script he created to Bishop Fox’s GitHub repository, which will let you control any masks within communications range. In order to properly unify your neighbourhood’s trick or treaters you will need an Adafruit BLE Feather board to act as a controller to run the modified app. Once you are set up you can play some interesting tricks tonight.
Again, don’t use this to upset children but this could be hilarious in the right situations.
Because they all use the same BLE protocol, Elendt surmised that if he found a way to reverse-engineer that, he could build his own controller — and then hack every similar Shining Mask within Bluetooth range.
More Tech News From Around The Web
- Closing Windows 11’s Task Manager accidentally opens up more copies of Task Manager @ Ars Technica
- Australia warns of BadCandy infections on unpatched Cisco devices @ Bleeping Computer
- CISA: High-severity Linux flaw now exploited by ransomware gangs @ Bleeping Computer
- Leaker reveals which Pixels are vulnerable to Cellebrite phone hacking @ Ars Technica
- DNS downing clouds is boring: IBM Cloud is experiencing a quantum computer outage @ The Register
- Microsoft 365 business customers are running out of places to hide from Copilot @ The Register
- Google Working on Bare-Bones Maps That Removes Almost All Interface Elements and Labels @ Slashdot
- Hacking Together An Expensive-Sounding Microphone At Home @ Hackaday
- GL.iNet Comet GL-RM1 Remote KVM Device @ ServeTheHome
- TP-Link Deco BE11000 Whole Home Mesh Wi-Fi 7 System @ TweakTown
