|
|
Пишет lepestriny (![[info]](http://lj.rossia.org/img/userinfo.gif){kind=small} lepestriny)@ 2011-01-09 18:49:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
"Киберанархизм в действии"
Security researchers from Berlin-based firm, Critical Engineering, uncover the technology behind a small, seemingly harmless device that's causing havoc at hotspots throughout Europe.
With such cheap components Kotla and his team were eager to find out just how the device worked. Plugging in cables to the TX, RX and GND pins they were able to communicate with the device using a Sparkfun USB Serial TTL module and a client-side program called minicom.
When plugged in the device boots up automatically, looking for an open wireless network or any network for which it already has a password - something often given for the price of a coffee. It then reverse SSH tunnels (using SSH keys) to a foreign server, allowing a remote user on that server to SSH back into the machine from afar, issuing commands as they see fit.
The device then performs a sophisticated modification of the Address Resolution Protocol (ARP) Table on both the hotspot hardware and the clients associated with it. These include iPhones, Android devices and laptop computers.
The ARP table on a computer network is special list cached by all devices on a network. Vital for network function, it couples actual hardware addresses with the network address issued by the access point. The table is updated by responses to ARP requests, special packets sent by devices on every Local Area Network. By responding to these requests with false mapping, the client can be tricked to believe it is conversing with the router -and vice versa- when in fact all traffic is passing through the rogue device.
The device becomes the puppet master of the local network, able to intercept and modify all content..
http://newstweek.com/2011-01-07-dev
via![[info]](http://lj.rossia.org/img/userinfo-lj.gif)
digital_books@lj
Security researchers from Berlin-based firm, Critical Engineering, uncover the technology behind a small, seemingly harmless device that's causing havoc at hotspots throughout Europe.
With such cheap components Kotla and his team were eager to find out just how the device worked. Plugging in cables to the TX, RX and GND pins they were able to communicate with the device using a Sparkfun USB Serial TTL module and a client-side program called minicom.
When plugged in the device boots up automatically, looking for an open wireless network or any network for which it already has a password - something often given for the price of a coffee. It then reverse SSH tunnels (using SSH keys) to a foreign server, allowing a remote user on that server to SSH back into the machine from afar, issuing commands as they see fit.
The device then performs a sophisticated modification of the Address Resolution Protocol (ARP) Table on both the hotspot hardware and the clients associated with it. These include iPhones, Android devices and laptop computers.
The ARP table on a computer network is special list cached by all devices on a network. Vital for network function, it couples actual hardware addresses with the network address issued by the access point. The table is updated by responses to ARP requests, special packets sent by devices on every Local Area Network. By responding to these requests with false mapping, the client can be tricked to believe it is conversing with the router -and vice versa- when in fact all traffic is passing through the rogue device.
The device becomes the puppet master of the local network, able to intercept and modify all content..
http://newstweek.com/2011-01-07-dev
via
digital_books@lj
