Security experts long have advocated strong password for the computer, however, hacker Samy Kamkar device developed by a new $ 5 in just a minute to hack into any system is claimed. The device, dubbed the new $ 5 PoisonTap any computer system, even if it is password protected as long as the browser is running in the background is called in to break.

PoisonTap any additional micro-USB cable and a micro SD card, $5 without the addition of other components of Raspberry Pi is designed to zero, but that other device, such as USB and LAN turtle as Arsenal can emulate USB devices you can work on, Kamkar described in his blog post.

poison tap

Explain how the device works, exploit, Kamkar wrote when PoisonTap a closed (password protected) is plugged into the computer – whether Windows, OS X or Linux – it’s USB (or Thunderbolt) and emulates an Ethernet device after that all internet traffic moves on the machine. The device next syphons and Alexa top 1,000,000 websites exposing the attacker internal router, to make it accessible remotely from a web browser stores HTTP cookies. $5 devices with the use of cookies for all users of the domain and the general coordination JavaScript URLs for hundreds of thousands of HTTP cache establishes a consistent web-based back door. The attacker away from the user’s cookie with any back-doored domain HTTP requests and responses to the proxy (GET and POST) allows the user to create the force. Kamkar says $ 5 device does not require the machine to be open. It creates a backdoor and uses the remote computer even after the device is removed from the last.

Kamkar motherboard “It is completely automatic. You plug it in, leave it there for a minute, then you pull it out and you walk away. You also know that anything does not need to. “
He PoisonTap password protected lock screen, route tables and network interface priority order, HTTP only cookies, multi-factor authentication, and DNS security mechanisms, including among others can avoid planted says.

He also gives away some of those ways, such as closing the browser each time the user walks away from the computer, USB/Thunderbolt ports can protect their computers by disabling PoisonTap exploitation as effective, or encrypted sleep mode means users can do is the attack.


Please enter your comment!
Please enter your name here