I'm testing the poc with Kali on a Nexus 5 and a Samsung s7.
The execution hangs on the sock.recv() because the first SDP response from the device is larger than the set MTU and the bluetooth module drops the packet.
here you can find the wireshark's capture of the bluetooth traffic.
mtu.zip
Samsung s7 Android version 6.0.1, security patch november 2016, kernel version: 3.18.14-9519568
Nexus 5 Android 5.0.1, build LRX22C
I'm testing the poc with Kali on a Nexus 5 and a Samsung s7.
The execution hangs on the sock.recv() because the first SDP response from the device is larger than the set MTU and the bluetooth module drops the packet.
here you can find the wireshark's capture of the bluetooth traffic.
mtu.zip
Samsung s7 Android version 6.0.1, security patch november 2016, kernel version: 3.18.14-9519568
Nexus 5 Android 5.0.1, build LRX22C