Hacker Samy Kamkar demonstrates how to break into a password-locked computer using a $5 Raspberry Pi

Shawn Knight


Renowned developer and hacker Samy Kamkar has demonstrated a technique that allows virtually anyone to hijack a password-protected computer – even if it’s locked – using a $5 Raspberry Pi Zero and some custom software.

PoisonTap, as the tricky device is called, emulates an Ethernet-over-USB device once plugged into a computer, thus tricking the machine into thinking a wired Internet connection is suddenly available. The computer then sends a DHCP request asking for an IP address, which PoisonTap gladly provides.

As Kamkar explains, this would normally behave as a secondary network interface, but PoisonTap crafts the DHCP response to make it appear as if almost all IP addresses on the Internet are part of PoisonTap’s LAN. As such, the computer starts sending Internet traffic out to the hardware device instead of the actual Internet and, as Kamkar highlights in the clip above, it’s all downhill from there.

The attack requires physical access to a machine, somewhat limiting the risk until you realize just how often you wander away from your computer while at home, in the office or even at school. Fortunately, there are some safeguards you can take to minimize the threat, such as using sites that are protected by HTTPS encryption whenever possible.

Or, you could simply do as Kamkar recommends and add cement to all of your USB ports.
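
A defensive check for the DHCP behaviour described above, added here as an example and not code from Kamkar or from this article: it reads lines in the format printed by `ip -o -4 addr show` and flags any interface whose assigned subnet claims an implausibly large share of IPv4 space as local. The sample lines, the interface names and the /8 threshold are constructed assumptions.

```python
import ipaddress
import re

# Assumed threshold: a connected subnet shorter than /8 claims more than
# 1/256 of all IPv4 addresses as directly reachable, which no real LAN does.
MIN_SANE_PREFIX = 8

# One line of `ip -o -4 addr show`: "<idx>: <ifname>    inet <addr>/<len> ..."
ADDR_LINE = re.compile(r"^\d+:\s+(\S+)\s+inet\s+(\d+\.\d+\.\d+\.\d+/\d+)")


def oversized_onlink(addr_lines, min_prefix=MIN_SANE_PREFIX):
    """Return (ifname, network, share_of_ipv4) for every interface whose
    connected subnet is larger than min_prefix allows."""
    findings = []
    for line in addr_lines:
        match = ADDR_LINE.match(line)
        if not match:
            continue  # not an IPv4 address line
        ifname, cidr = match.groups()
        # ip_interface() keeps the host bits; .network is the on-link subnet.
        net = ipaddress.ip_interface(cidr).network
        if net.prefixlen < min_prefix:
            findings.append((ifname, str(net), net.num_addresses / 2**32))
    return findings


# Constructed sample: loopback, a normal LAN lease, and a USB network
# interface that was handed a lease covering half of the IPv4 space.
SAMPLE = [
    "1: lo    inet 127.0.0.1/8 scope host lo\\       valid_lft forever",
    "2: eth0    inet 192.168.1.23/24 brd 192.168.1.255 scope global "
    "dynamic eth0\\       valid_lft 86000sec",
    "5: usb0    inet 1.0.0.10/1 brd 127.255.255.255 scope global "
    "dynamic usb0\\       valid_lft 500sec",
]

if __name__ == "__main__":
    for ifname, net, share in oversized_onlink(SAMPLE):
        print(f"ALERT {ifname}: on-link subnet {net} covers "
              f"{share:.0%} of IPv4 space")
```
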


 
Perhaps I'm being daft, but the title of the article suggests someone is using a Pi to break into a PC, and the rest of the article describes how they use it to intercept internet traffic? How does the title match the content?
 
Complete waste of time. I have a little program that is a live bootable program; it accesses any system, even with a password, in 1 second. It leaves no trace, as if it were a ghost. It also requires physically being on the system, but it's the best. I have tapped into countless systems, copied data to a flash drive, and no one knew the better. That's called super hacking on the fly.
 
Really? Who are you? Ethan Hunt?
 
It's not hard to do. Just learn how to bypass BIOS passwords and you are all set.
 
In at least Pro versions of Windows, this could likely be stopped by setting a policy that prevents installing Ethernet adapters.
 