$5 Electronics Used To Break Into and Hack Locked Computers

PoisonTap – Installs Web Backdoor On Locked Computers

If you still don’t think that security hackers are getting better, then just take a look at what this guys does with $5.

PoisonTap is built for the $5 Raspberry Pi Zero without any additional components other than a micro-USB cable & microSD card, but can work on other devices that can emulate USB gadgets such as USB Armory and LAN Turtle.

Samy Kamkar, a security researcher used some very simple, yet ingenious programming to bypass dozens of security features to hack into locked computers. This simple device which connects to any computer with a standard USB port can effectively render security useless.

Once this device is attached to a locked computer it begins the process of taking over. It does this through a series of direct attacks that affect the Internet traffic of the machine. Acting like ethernet device it installs a web backdoor while exposing your internal routers to remote access.

PoisonTap produces a cascading effect by exploiting the existing trust in various mechanisms of a machine and network, including USB/Thunderbolt, DHCP, DNS, and HTTP, to produce a snowball effect of information exfiltration, network access and installation of semi-permanent backdoors.

This device can easily bypass most standard methods of computer security, including:

  • password protected lock screens
  • 2 Factor Authentication
  • secure cookie authentication

 

The good news is that there is protection against this type of device:

Server-Side Security

  • Use HTTPS exclusively, at the very least for authentication and authenticated content
  • Ensure Secure flag is enabled on cookies, preventing HTTPS cookies from leaking over HTTP
  • When loading remote Javascript resources, use the Subresource Integrity script tag attribute
  • Use HSTS to prevent HTTPS downgrade attacks

Desktop Security

  • Di connect all USB ports Internally if not being used.
  • Closing your browser every time you walk away from your machine can work, but is entirely impractical
  • Disabling USB/Thunderbolt ports is also effective, though also impractical
  • Using an encrypted sleep mode where a key is required to decrypt memory (e.g., FileVault2 + deep sleep)

 

You can check out more about PoisonTap below:

This is PoisonTap, Kamkar tool can hack locked PCs

PoisonTap

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *