Skip to main content

Poison tap can hack locked device in seconds

 What can you do with your $5 bill? You can get a trickster Raspberry Pi Zero which can fool a locked and password protected computer. It can hijack cookies, create backdoors, compromise the internal router, and above all, make the computer believe it’s connected to the internet.

 We have seen many instances of people taking advantage of the USB to gain access to a device. A Raspberry Pi board can be a good companion while doing such activities.

Usually, these USB hacking activities take advantage of one or more vulnerabilities in the operating system. But, what about a $5 Raspberry Pi Zero that’s an imposter.

Poison tap  a trickster Pi Zero board, has been created by Samy Karkar. When connected to an exposed USB or Thunderbolt port, the device says to a computer that it’s an ethernet (via USB) device, not a regular USB device, and it’s a door to the entire internet.

Your innocent machine quickly believes what is said by the PoisonTap, completely unknown of its real intentions. The worst part, PoisonTap can gain access to a machine even if it’s locked – and password protected – by taking advantage of the trust factor a computer has on the ethernet devices.

Upon detecting an ethernet interface, your data hungry machine will make a switch from the regular battery-consuming WiFi to the wired internet. PoisonTap is equipped with the capabilities to assign an IP address to the fooled computer as a normal DHCP server would do. It will also tell the machine that it contains the whole IPv4 address space which is literally the entire internet if the newer ipv6 addresses  are not included.

An active web browser on your computer can make efforts to connect to the false internet – powered by PoisonTap’s web server based on Node.js – to receive new data for the advertisement, analytics, and services. The USB hacking device is an unknown network interface to the machine with low priority, yet, it can hijack all the internet traffic.

PoisonTap can tunnel and store the HTTP cookies and session data of the web browser. It can also create web-based backdoors for an uncountable number of domains. These backdoors are stored in the HTTP cache. The device does it by making the browser load lots of iframes containing HTML and Javascript.

PoisonTap takes about a minute to all this stuff after it is connected to a computer.

The attacker also has the privilege to exploit these backdoors remotely because they continue to exist even if the device is removed and the attacker walks away. He can also use DNS rebinding and an outbound WebSocket interface to access the internal router of the computer already exposed by the hacking device.

For servers, the protection is easy by enabling Secure flag for cookies and implementing HSTS policy.

The most useful solution suggested by Karkar is cementing the open USB and Thunderbolt ports. And he literally put a link to a cement product. Some less practical, but effective to an extent, options would be closing the web browser every time you abandon your computer. Disabling the ports would remove slightest chance of your machine being hoodwinked. An effective way is to use encrypted deep sleep mode which will disable the web browser to make any requests when PoisonTap is connected.

You can read more about PoisonTap . The source code is available on GitHub.

If you have something to add, tell us in the comments below.

Comments

Popular posts from this blog

So what exactly is cryptography

Nowadays Internet is an important part of Life.  We are using the Internet for sending confidential data also like password,for storing army secrets. But the Internet is insecure medium.we all use internet at a daily basis.  Do you know why? Insecure Medium: Imagine you are sending a data.  In internet world, data are separated as packets and send to the destination.  Do you think the data directly reaching the destination?   If  you think so,you are wrong.  The packets are going through different routers.  Finally, the data is sent to the user.  In this gap, Intruders(i mean attackers) takes advantages. so who are they .the are  I.they  can see what you are sending.  Because your data are simple and easy to readable by anyone. How to secure the data? We can not stop the intruders and their activities.  But we can make our data as Unreadable for Intruders.  For this purpose, the Cryptography is introduce...

Lunix malware havoc

The Krebs DDoS attacks have proven that the IoT landscape is a fertile ground that can breed huge botnets capable of launching massive DDoS assaults. As such, it should be no surprise that malware authors are now focusing their efforts on this sector and putting out new threats in the hopes of building the next Mirai botnet. One of the latest additions to the IoT malware market is a trojan codenamed Linux/NyaDrop, recently reverse engineered by MalwareMustDie, the same researcher who discovered the Mirai malware. MalwareMustDie points out in his research that this binary appeared in May, but was somewhat simplistic and not that common. Things changed after the Krebs DDoS attacks, and a new sample has appeared on the market, with the malware’s author most likely drawn back to the IoT landscape by Mirai’s success. Just like most IoT malware nowadays, NyaDrop’s author relies on brute-forcing Internet-exposed IoT devices using their default credentials. In a conversati...

Remove virus from android

Desktops aren’t the only gadgets that can be affected by a virus. Android devices have a malware problem and it’s growing every day. If you do get a virus, you could perform a factory reset to get rid of it, but that means you’d lose all your data — those photos you shot, the saved games, the text messages, and everything else. Obviously, you want a factory reset to be your last option. So what can you do to remove a virus from Android without a factory reset? Is It Really a Virus? If your phone isn’t functioning the way it should be, there’s a chance you have some malware on it. One wrong tap somewhere and a malicious file might have been downloaded on your phone, which is leeching battery life, Internet resources, or your personal data. But it could be something else. Suppose your Android refuses to boot or crashes every time it starts up. Or maybe you can’t seem to download apps from the Play Store. These are not necessarily caused...