PoisonTap - exploiting locked machines w/Raspberry Pi Zero





The interactive transcript could not be loaded.


Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Nov 16, 2016

PoisonTap - siphons cookies, exposes internal router & installs web backdoor (reverse tunnel) on locked/password protected computers with a $5 Raspberry Pi Zero and Node.js. https://samy.pl/poisontap/

By Samy Kamkar

Full details and source code at https://samy.pl/poisontap/

Buy a Raspberry Pi Zero here: https://amzn.to/2eMr2WY
Buy cement for your USB ports here: https://amzn.to/2fX0I1e

When PoisonTap (Raspberry Pi Zero & Node.js) is plugged into a locked/password protected computer (Windows, OS X or Linux), it:
- emulates an Ethernet device over USB (or Thunderbolt)
- takes over all Internet traffic from the machine (despite being a low priority network interface)
- siphons and stores HTTP cookies from the web browser for the Alexa top 1,000,000 websites
- exposes the internal router to the attacker, making it accessible remotely
- installs a persistent web-based backdoor in HTTP cache for hundreds of thousands of domains and common Javascript CDN URLs, all with access to the user’s cookies
- allows attacker to remotely force the user to make HTTP requests and proxy back responses (GET & POSTs) with the user’s cookies on any backdoored domain
- does not require the machine to be unlocked
- backdoors and remote access persist even after device removal

Music by Epoch Rises: https://soundcloud.com/epochrises
Intro graphics by Darin Leach: https://goo.gl/HDKRFG



When autoplay is enabled, a suggested video will automatically play next.

Up next

to add this to Watch Later

Add to

Loading playlists...