{"id":1432,"date":"2019-09-27T14:07:54","date_gmt":"2019-09-27T06:07:54","guid":{"rendered":"https:\/\/tongwing.woon.sg\/blog\/?p=1432"},"modified":"2019-09-27T14:07:54","modified_gmt":"2019-09-27T06:07:54","slug":"samy-kamkar-poisontap-exploiting-locked-computers-over-usb","status":"publish","type":"post","link":"https:\/\/tongwing.woon.sg\/blog\/samy-kamkar-poisontap-exploiting-locked-computers-over-usb\/","title":{"rendered":"Samy Kamkar: PoisonTap &#8211; exploiting locked computers over USB"},"content":{"rendered":"<p>This is brilliant and scary at the same time. I&#8217;m always impressed by what <a href=\"https:\/\/samy.pl\/\">Samy<\/a> can think of. This particular hack makes your computer think a plugged-in Raspberry Pi is an Ethernet device and takes over all your Internet traffic, at the same time poisoning your browser with hijacked copies of Javascripts. This works even on a machine with screen locked.<\/p>\n<p>It is reminiscent of the days of <a href=\"https:\/\/www.ghacks.net\/2011\/02\/09\/microsoft-windows-autorun-updates-restricts-functionality\/\">CD-ROM attacks<\/a>, when your computer will auto-run the contents of a CD-ROM, even when the account is locked.<\/p>\n<p><a href=\"https:\/\/samy.pl\/poisontap\/\"><img decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/tongwing.woon.sg\/blog\/wp-content\/uploads\/2019\/09\/cropped6.gif\" alt=\"\" \/><\/a><\/p>\n<p>Source: <em><a href=\"https:\/\/samy.pl\/poisontap\/\">Samy Kamkar: PoisonTap &#8211; exploiting locked computers over USB<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This is brilliant and scary at the same time. I&#8217;m always impressed by what Samy can think of. This particular hack makes your computer think a plugged-in Raspberry Pi is an Ethernet device and takes over all your Internet traffic, at the same time poisoning your browser with hijacked copies of Javascripts. This works even [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"_links":{"self":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts\/1432"}],"collection":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/comments?post=1432"}],"version-history":[{"count":1,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts\/1432\/revisions"}],"predecessor-version":[{"id":1434,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts\/1432\/revisions\/1434"}],"wp:attachment":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/media?parent=1432"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/categories?post=1432"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/tags?post=1432"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}