PoisonTap: Even the strongest passwords don't seem to be enough as Samy Kamkar proves, and sometimes it just takes a few seconds.
Kamkar's new exploit is called PoisonTap, and uses ένα δωρεάν λογισμικό που τρέχει σε ένα μικροϋπολογιστή Raspberry Pi Zero. Μετά την τοποθέτηση του Raspberry Pi σε έναν προσαρμογέα USB στον υπολογιστή στόχο η συσκευή πιάνει δουλειά.
In 30 seconds, it bypasses the lock screen and starts it installation a backdoor that works even when the device is removed from the USB port.
If you think a powerful Password, will save you, you are wrong.
PoisonTap does not work this way. It does not try to guess your password, but bypasses it completely - and it seems to work.
After the PoisonTap device connects, a device that provides Internet from USB is beginning to emulate. Once detected by the target computer, it assumes that it is connected via ethernet, and begins to send all unencrypted web traffic to the microcontroller.
Your existing network security can not save you as the device fools the target computer to give priority to all other connections and not to the one you are already connected to.
Acting as a man-in-the-middle attack, the device then begins to steal all the HTTP authentication cookies you've used to sign in to your accounts, as well as Session data from a million top sites on the internet according to Alexa.
Because of the way it's designed, authentication checks two factors may not help, since logins are made from the cookies stored by PoisonTap and not from the actual login credentials.
The only downside to its effectiveness is that it requires the user to have a tab του προγράμματος περιήγησης ανοικτή στην κλειδωμένη συσκευή. Όμως η συντριπτική πλειοψηφία δεν κλείνει τους browsers before they lowered the lid on our laptop.
Kamkar gave some tips to protect yourself, although he recognizes that most are not practical:
Set your computer to hibernate rather than sleep. In hibernation, the computer suspends all its processes.
Close your browser every time you close your machine.
Regularly clean your browser's cache.
Use full disk encryption
Disconnect the USB ports
Watch the video