Wifi Pineapple project uses updated hardware for man-in-the-middle attacks


We’ve seen this small, cheap, and powerful WiFi router before. But this time it’s up to no good. [Andy] used a TP-Link WR703N to build an upgraded WiFi Pineapple hacking tool.

A WiFi Pineapple is a device spawned years ago by the Hak5 team (here’s a clip showing off the device). It uses a WiFi router that will answer to any SSID request. Basically, if your computer or smartphone has an AP SSID saved and broadcasts a request to connect, the Pineapple will pretend to be that access point and start the handshake. This provides the chance to sniff all the data passing through in a classic man-in-the-middle attack.

[Andy] is recreating the device but at a rock bottom price. He picked up this router for about $20 and added an $8 USB drive to it. The only other thing you would need is a power source and a way to hide the hardware. The code used in the Hak5 version is available for download and that’s what he worked on after flashing OpenWrt to the device.

[Thanks Midnite]
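The "answers to any SSID request" behaviour described above is also what gives such a device away to a defender. The following is an added example, not code from [Andy] or Hak5: it takes (BSSID, SSID) pairs from captured probe responses and flags any radio that answers for many unrelated network names or for a made-up "canary" name. The sample data, the canary name and the threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: (bssid, ssid) pairs taken from captured probe responses.
SAMPLE_RESPONSES = [
    ("aa:bb:cc:00:00:01", "CorpWiFi"),
    ("aa:bb:cc:00:00:02", "CorpGuest"),
    ("de:ad:be:ef:00:99", "HomeNet-4821"),
    ("de:ad:be:ef:00:99", "CoffeeShop"),
    ("de:ad:be:ef:00:99", "AirportFree"),
    ("de:ad:be:ef:00:99", "canary-7f3a9c"),  # name the defender invented and probed for
    ("aa:bb:cc:00:00:01", "CorpWiFi"),
]


def find_answer_anything_aps(responses, canaries=(), max_ssids=2):
    """Return {bssid: [reasons]} for radios that answer for too many SSIDs.

    canaries:  SSIDs that exist nowhere; any response to one is suspicious.
    max_ssids: assumed upper bound on names a single legitimate BSSID serves.
    """
    ssids_by_bssid = defaultdict(set)
    for bssid, ssid in responses:
        ssids_by_bssid[bssid.lower()].add(ssid)

    findings = {}
    for bssid, ssids in ssids_by_bssid.items():
        reasons = []
        hit = sorted(ssids & set(canaries))
        if hit:
            reasons.append("answered canary SSID(s): " + ", ".join(hit))
        if len(ssids) > max_ssids:
            reasons.append(f"answered for {len(ssids)} distinct SSIDs")
        if reasons:
            findings[bssid] = reasons
    return findings


if __name__ == "__main__":
    result = find_answer_anything_aps(SAMPLE_RESPONSES, canaries={"canary-7f3a9c"})
    for bssid, reasons in result.items():
        print(bssid, "->", "; ".join(reasons))
```
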

Rooting a Motorola Actv (Android wristwatch)

[Chris'] family made the mistake of giving him a hackable Christmas gift. We’d bet they didn’t see much of him for the rest of the day as he set about rooting this Android wristwatch.

This thing has some pretty powerful hardware under the hood. It’s sporting an OMAP3 processor running at 600 MHz along with 256 MB of RAM. [Chris] needed to get his hands on a firmware image in order to look for security holes. He found a way to spoof the update application in order to intercept an upgrade image from the Internet.

He dumped the firmware locations and got to work searching for a way to exploit the device. Details are a bit scarce about what exactly he did, but you can download his modified image, letting you root your own Motorola Actv using the Android Debug Bridge.

We’ve embedded a demo video after the break. The OS is pretty snappy on the tiny device. We’re not sure what will come of this functionality, but we assume [Chris] was really only interested in the challenge of the rooting process itself.


Hidden device distorts news on wireless networks, brews beer, is time machine

We covered the Newstweek, a wall-wart sized box that injects fake news stories over public WiFi connections, last February, but now there’s a great walkthrough and it seems our doubts about this project were disproved.

The Newstweek uses ARP spoofing to change the text displayed on several news sites. After doing some field research, placing and configuring the device, there’s a simple web frontend that configures the man-in-the-middle hack. Right now, the Newstweek only allows a few news sites to be targeted, but the team is working on allowing anyone to add their own targets.

Aside from the relatively simple build, we’re wondering about the social engineering aspects of the Newstweek. In our previous coverage of the Newstweek, we couldn’t decide if this was a social commentary art project or a real device. It looks like it’s both now. Would Hackaday readers succumb to injecting, “President Bacon addressed the nation last night…” or would you do the responsible thing and put the “(D)s” and “(R)s” in their proper places?

The Newstweek team posted a video of a short demonstration, but check out the video after the break for the “incredibly geeky and thorough demo.”


USB man-in-the-middle adapter

The module works as a pass through, providing access to data and power lines for a USB device. [BadWolf] built it in order to sniff out communications between peripherals and the Universal Serial Bus. For now it just provides access to the different signals, but we think there’s quite a bit of usefulness in that. First off, the power rail is mapped out to a jumper, making it dead simple to monitor the voltage stability or patch in a multimeter to get feedback on current consumption. But you can also see in the foreground that a pin socket makes it easy to tap into the board using jumper wires. We think it would be a great breadboard adapter for USB work that would continue being useful after you’ve populated your first PCB for the prototype.

[BadWolf] has other plans in store for it though. He wants to intercept and decipher the communications happening on the data lines. In the video after the break he mentions the possibility of using a Bus Pirate for this (we have our doubts about that) but plans to start his testing with an STM32 discovery kit. We can’t wait to see what he comes up with.

Plug-in module lies about news at coffee shops. Real or Fake?

[Mike] sent in a tip about Newstweek, and we’re turning to our readers to tell us if this is real or if we’re being trolled. The link he sent us points to a well-written news-ish article about a device that plugs into the wall near an open WiFi hotspot and performs something of a man-in-the-middle attack on devices connected to the access point. The article describes the device above as it observes, then spoofs the ARP table of the wireless network in order to inject fake news stories in pages you are reading. Apparently once it boots, the small box phones home for commands from its maker over a TOR connection.

The box reminds us of the Sheevaplug so it’s not the hardware that makes us question the possibility of the device. But look at the Linux terminal screen readout. It shows a prompt with the word ‘newstweek’ in it. That’s the address of the site the article is hosted on, giving us a strong sense of being trolled.

What do you think, real or fake? Let us know (and why you think that) in the comments.
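Both Newstweek posts describe the box spoofing the ARP table of the wireless network. The following is an added example, not code from the Newstweek project: a defender-side check that reads observed ARP replies, remembers the first MAC seen for each IP, and reports when another MAC later claims that IP, with the gateway called out. The addresses, the gateway IP and the sample replies are constructed assumptions.

```python
from collections import defaultdict

GATEWAY_IP = "192.168.1.1"  # assumed gateway of the constructed sample network

# Constructed sample of observed ARP replies: (seconds, sender_ip, sender_mac).
SAMPLE_ARP_REPLIES = [
    (0,  "192.168.1.1",  "00:11:22:33:44:55"),
    (1,  "192.168.1.23", "a4:5e:60:aa:bb:01"),
    (5,  "192.168.1.40", "02:00:00:c0:ff:ee"),
    (30, "192.168.1.1",  "02:00:00:c0:ff:ee"),  # gateway IP claimed by another MAC
    (31, "192.168.1.1",  "02:00:00:c0:ff:ee"),  # repeat, reported only once
    (32, "192.168.1.23", "02:00:00:c0:ff:ee"),  # a client IP claimed as well
    (60, "192.168.1.1",  "00:11:22:33:44:55"),  # real gateway still answering
]


def detect_arp_spoofing(replies, gateway_ip):
    """Return one alert per (ip, mac) pair that contradicts the first-seen binding."""
    first_seen = {}      # ip -> MAC learned first (trust-on-first-use baseline)
    reported = set()
    alerts = []
    for ts, ip, mac in sorted(replies):
        mac = mac.lower()
        baseline = first_seen.setdefault(ip, mac)
        if mac != baseline and (ip, mac) not in reported:
            reported.add((ip, mac))
            alerts.append({"time": ts, "ip": ip, "expected": baseline,
                           "claimed_by": mac, "gateway": ip == gateway_ip})
    return alerts


def suspect_macs(alerts):
    """Group alerts by the MAC making the conflicting claims."""
    claims = defaultdict(list)
    for a in alerts:
        claims[a["claimed_by"]].append(a["ip"])
    return dict(claims)


if __name__ == "__main__":
    found = detect_arp_spoofing(SAMPLE_ARP_REPLIES, GATEWAY_IP)
    for a in found:
        print(a)
    print(suspect_macs(found))
```

The first-seen baseline is only trustworthy if monitoring starts before a spoofing device is on the network; pinning the gateway's MAC from a known-good record removes that dependency.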

Chip and pin broken and other security threats

Another exploit has been found in the Chip and PIN system. The exploit is a man-in-the-middle attack that wouldn’t take too much know-how to pull off. You can watch the BBC report on the issue or check out the paper (PDF) published by the team that found the vulnerability. A stolen card resides in a reader that connects to a dummy card via a small cable. When the dummy card is inserted into a card reader, any PIN can be used to complete the transaction. The chip on the original card gets confirmation that the sale was completed via signature, and the vendor’s card reader gets confirmation that the PIN was correct. The UK-based Chip and PIN system seems like a great idea, but it has had its share of security loopholes. This makes us wonder how hard it is to roll out security patches to the hardware readers in the system. Obviously this needs to be patched, but does it take a technician visiting each terminal to flash an upgrade?

Switching to the topic of wide-scale attacks, we caught the NPR interview with [James Lewis] on Wednesday when they discussed the growing threat of cyberterrorism. He feels an attack on the US electrical grid is currently the biggest threat and will happen in the next ten years. Obviously taking the grid down would endanger lives and bring things to a standstill: traffic lights, refrigeration, heat, etc. We’re just glad that when asked if he thinks there is already malicious code residing in the control system, he doesn’t think that’s the case.

[Thanks to Whatsisface and Mcinnes]
