TheHermit Posted November 16, 2016

Samy Kamkar has released a tool called PoisonTap - https://samy.pl/poisontap/

tldr; siphons cookies, exposes internal router & installs web backdoor on locked computers

Created by @SamyKamkar || https://samy.pl

When PoisonTap (Raspberry Pi Zero & Node.js) is plugged into a locked/password protected computer, it:

- emulates an Ethernet device over USB
- hijacks all Internet traffic from the machine (despite being a low priority/unknown network interface)
- siphons and stores HTTP cookies and sessions from the web browser for the Alexa top 1,000,000 websites
- exposes the internal router to the attacker, making it accessible remotely via outbound WebSocket and DNS rebinding (thanks Matt Austin for rebinding idea!)
- installs a persistent web-based backdoor in HTTP cache for hundreds of thousands of domains and common Javascript CDN URLs, all with access to the user’s cookies via cache poisoning
- allows attacker to remotely force the user to make HTTP requests and proxy back responses (GET & POSTs) with the user’s cookies on any backdoored domain
- does not require the machine to be unlocked
- backdoors and remote access persist even after device is removed and attacker sashays away

He says it should be possible to run on a Lan Turtle:

> PoisonTap is built for the $5 Raspberry Pi Zero without any additional components other than a micro-USB cable & microSD card, but can work on other devices that can emulate USB gadgets such as USB Armory and LAN Turtle.

Anyone familiar with creating modules happy to look at this? Else you have to wait till I learn how to write modules.

m40295 Posted November 19, 2016

What a beautiful setup. I would love to see this on a turtle or, after review, maybe a nano. Let's have fun this weekend, shall we?

Sebkinne Posted November 19, 2016

The issue is that it requires NodeJS. NodeJS required FPU or FPU emulation in the kernel, and is a rather large binary. Sadly, this won't happen anytime soon.

TheHermit Posted November 21, 2016

Thanks for letting me know.

TeCHemically Posted December 2, 2016

Has anyone gotten the poisontap to work successfully? It appears to function properly when looking at tcpdump on the target, but I never get anything reaching out to the nodejs control server. Also, how does one interact with the nodejs server? Navigating to the server's interface:port gives a "sorry unknown url" error.

b0N3z Posted December 2, 2016

On 11/19/2016 at 3:21 PM, Sebkinne said:

> The issue is that it requires NodeJS. NodeJS required FPU or FPU emulation in the kernel, and is a rather large binary. Sadly, this won't happen anytime soon.

TeCHemically Posted December 3, 2016

23 hours ago, b0N3z said:

Sorry, I wasn't clear in my post. I'm not referring to using this on any of my pineapples. I meant using poisontap in general according to the prescribed method.

elimisteve Posted March 7, 2017

On 11/19/2016 at 1:21 PM, Sebkinne said:

> The issue is that it requires NodeJS. NodeJS required FPU or FPU emulation in the kernel, and is a rather large binary. Sadly, this won't happen anytime soon.

@Sebkinne I understand that I could build a custom kernel that enables FPU support in order to get Node running, but what is the issue with the size of the node binary? Disk space or RAM? Is that a big enough problem that you think running Node code isn't viable on the Pineapple, even once FPU support is in the kernel?

Thanks!

Sebkinne Posted March 7, 2017

16 hours ago, elimisteve said:

> @Sebkinne I understand that I could build a custom kernel that enables FPU support in order to get Node running, but what is the issue with the size of the node binary? Disk space or RAM? Is that a big enough problem that you think running Node code isn't viable on the Pineapple, even once FPU support is in the kernel? Thanks!

You may JUST be able to get node installed and have some room to breathe, but I honestly don't know without giving it a shot. It would also not run very smoothly, but it might be enough for poisontap to work.