Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Saturday November 19 2016, @05:42AM   Printer-friendly
from the smart dept.

Submitted via IRC for TheMightyBuzzard

A new attack tool that can compromise locked computers will leave you wishing you could take your machine with you everywhere you go.

Dubbed PoisonTap, the tool consists of a Raspberry Pi Zero controller with a USB or Thunderbolt plug, loaded with open source software. All in all, this setup can be achieved by anyone who has $5 to spare.

What is PoisonTap capable of, you ask?

Plugged into a locked/password protected computer, it can hijack all Internet traffic from the machine, open the internal router to the attacker, collect HTTP cookies and sessions from web browsers, install a web-based backdoor in HTTP cache for hundreds of thousands of domains, install a backdoor into the machine that does not depend on the device being plugged in, and more. It is capable of compromising Macs and PCs running Windows.

There is also a YouTube video (5m22s).

Source: https://www.helpnetsecurity.com/2016/11/17/poisontap-compromise-locked-computers/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: -1, Spam) by Anonymous Coward on Saturday November 19 2016, @06:39AM

    by Anonymous Coward on Saturday November 19 2016, @06:39AM (#429317)

    Get banned, loser! Perma-banned!

    Starting Score:    0  points
    Moderation   -1  
       Spam=1, Total=1
    Extra 'Spam' Modifier   0  

    Total Score:   -1  
  • (Score: -1, Spam) by Anonymous Coward on Saturday November 19 2016, @06:43AM

    by Anonymous Coward on Saturday November 19 2016, @06:43AM (#429319)

    Damn me! I'm always one step ahead!

    Due to excessive bad posting from this IP or Subnet, anonymous comment posting has temporarily been disabled. You can still login to post. However, if bad posting continues from your IP or Subnet that privilege could be revoked as well. If it's you, consider this a chance to sit in the timeout corner or login and improve your posting. If it's someone else, this is a chance to hunt them down. If you think this is unfair, please email niggers@soylentnews.org

    • (Score: -1, Spam) by Anonymous Coward on Saturday November 19 2016, @07:35AM

      by Anonymous Coward on Saturday November 19 2016, @07:35AM (#429333)

      Fuck yeah! I am the greatest!

      Due to excessive bad posting from this IP or Subnet, comment posting has temporarily been disabled. If it's you, consider this a chance to sit in the timeout corner. If it's someone else, this is a chance to hunt them down. If you think this is unfair, please email niggers@soylentnews.org

  • (Score: 2) by janrinok on Saturday November 19 2016, @09:55AM

    by janrinok (52) Subscriber Badge on Saturday November 19 2016, @09:55AM (#429354) Journal

    Well, as you are replying to yourself, your title of 'loser' seems both accurate and deserved. You are so clever that you have managed to post a comment to a site that accepts comments, so you really are a l33t h4ck3r! Now, why don't you run along a play with the other children?....