Recreating nRF24 greater than 32-byte payload issue with nRF52840
A D.O.S. attack against nRF24L01P that do not validate Dynamic Payload Sizes
I made a video demonstrating how to send 33 byte payloads to the nRF24L01P and either cause the device to flush its RX buffer, or create a denial of service attack for any devices that do not validate Dynamic Payload sizes.
I find it interesting that the nRF24L01P devices accept these payloads at all, as well as sending an ACK to the transmitting device.
No comments:
Post a Comment