Played with PoisonTap network hijacking tool

PoisonTap in Action

@SamyKamkar made an impressive and terrifying tool. This simple USB device steals your cookies, poisons your cache, and even persists a web backdoor. On a locked machine, no less! It depends heavily on the trust that our computers take for granted: trusting that a USB device is not up to no good, and trusting that the local network is not trying to confuse. We must reexamine this trust going forward. It didn’t take long to get it up and running; however, once you do, you can spend hours tinkering. (I was working to combine it with @mubix’s work here)

I am also delighted to have my first Raspberry Pi as a USB device rather than host. It is certainly exciting to create some new doodads using this dangerous toolkit.

UPDATE

I have since made a version without the cache attack. I completely failed to steal the PoisonTap visuals, but TheCodePlayer offers a delightful matrix animation. Next step is to man-in-the-middle SSL too. I’m turning it into a device that logs everything while connected, but doesn’t persist.

Mac Pro takes a dive. There went my Sunday.

I return to my computer after letting it idle to this maelstrom. Pinwheel of death to 11! Luckily I was left with at least one tool in my belt. Initial signs point to disk I/O, but with SSD?? Sometimes I feel like the cobbler with no shoes. No such thing as a day off.

Mac Pro - Force Quit Window

UPDATE! – It was drive related, but not my boot drive. Apparently all this was caused by file system corruption on an external drive. It’s not that it wasn’t in use, but that drive was certainly not in use by all of these applications. It was a drive that contains large files that don’t require especially high performance (like my bitcoin blockchain). I must now give a shout out to DiskWarrior for saving my Sunday.