If you think that your computer is safe when it is locked with a strong
password, then Samy Kamkar’s device PoisonTap will prove you wrong. This cheap
exploit tool takes just 30 seconds to install a privacy-invading backdoor on
your computer.

PoisonTap is a tiny $5 Raspberry Pi Zero microcomputer loaded with Node.js code
and attached to a USB adapter. Its inventor has publicly released the source
code to PoisonTap, so that any would-be hacker can try it out for themselves.

If you are a hacker and want to hack or get information from any of your
coworkers in your office, all you need to do is plug this device into the
target computer and wait. PoisonTap targets the victim’s browser cache and
injects the malicious code there.

Once the hacking tool is recognized by the target machine, it is loaded as a
low-priority network device that impersonates a new Ethernet connection. The
machine sends a DHCP request to the tool, which in response tells it that the
entire IPv4 address space is part of PoisonTap’s local network. In this way,
all traffic is routed through the PoisonTap device before reaching the
legitimate gateway to the Internet. With this trick, it intercepts all
unencrypted Web traffic and steals any HTTP authentication cookies used to log
into private accounts, as well as sessions for the Alexa top 1 Million sites.

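From the defender's side, the routing trick described above is visible in the
host's routing table. The following is an added example, not part of the
original post or of PoisonTap's code: a Python check over `ip -4 route show`
output that flags any interface claiming more on-link address space than a real
LAN would. The sample routes, the interface name usb0 and the /8 threshold are
assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of Linux `ip -4 route show` output; not captured from a real host.
# usb0 is a hypothetical interface that claims both halves of the IPv4 space as on-link.
SAMPLE_ROUTES = """\
default via 192.168.1.1 dev eth0 proto dhcp metric 100
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.23 metric 100
0.0.0.0/1 dev usb0 proto kernel scope link src 10.0.0.5 metric 200
128.0.0.0/1 dev usb0 proto static scope link metric 200
"""

# Assumption: no legitimate LAN is larger than a /8 (10.0.0.0/8 is the largest private block).
MAX_ONLINK_ADDRESSES = 2 ** 24


def onlink_routes(route_text):
    """Yield (device, network) for routes delivered directly on a link (no 'via' gateway)."""
    for line in route_text.splitlines():
        fields = line.split()
        if not fields or "via" in fields or "dev" not in fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # first field is a route type keyword, not a destination
        yield fields[fields.index("dev") + 1], net


def suspicious_interfaces(route_text, limit=MAX_ONLINK_ADDRESSES):
    """Map device -> (fraction of IPv4 space claimed on-link, merged networks)."""
    per_dev = defaultdict(list)
    for dev, net in onlink_routes(route_text):
        per_dev[dev].append(net)
    findings = {}
    for dev, nets in per_dev.items():
        # Merge adjacent pieces so a space split into several routes is still caught.
        merged = list(ipaddress.collapse_addresses(nets))
        total = sum(n.num_addresses for n in merged)
        if total > limit:
            findings[dev] = (total / 2 ** 32, [str(n) for n in merged])
    return findings


if __name__ == "__main__":
    for dev, (fraction, nets) in suspicious_interfaces(SAMPLE_ROUTES).items():
        print(f"ALERT {dev}: {fraction:.0%} of IPv4 claimed as local via {nets}")
```

Run on a schedule or on a new-interface event, a hit on a freshly attached USB
network adapter is a strong signal to disable the interface and investigate.
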
PoisonTap will give you an invisible position on the local network to connect
to the intranet site and send data to a remote server. The computer will remain
in your control even after this tool is unplugged from the targeted computer.
Since it siphons cookies, you can also hijack the target user's online accounts
even if they are secured with two-factor authentication (2FA).

The inventor says, “it can also bypass many other security mechanisms,
including same-origin policy (SOP), HttpOnly cookies, X-Frame-Options HTTP
response headers, DNS pinning and cross-origin resource sharing (CORS). Whenever
the websocket is open, the attacker can remotely send commands to the victim
and force their browser to execute JavaScript code.”

There is no easy fix available for users as long as a web browser application
is running in the background.