Samy Kamkar released a tool which allows for a Raspberry Pi Zero to emulate a USB Ethernet device and steal cookies from a locked machine.
We decided to make one and see how it worked. Below is a quick tutorial on how to set this up for yourself!
- Raspberry Pi Zero (Only the Zero will work)
- Micro SD Card (8GB should be fine)
- USB OTG Adapter (Used for setting up the Pi)
- USB Ethernet Adapter
- Micro USB Cable
- SD Card Reader
- About 10 Minutes of time.
You will need the latest version of Raspbian, you can download this using the following link:
Next we need to install the Raspbian Image on the Pi, to do this we will use Win32DiskImager , if you are on a Mac or Linux you can use DD in order to install the image.
Now we have Raspbian installed on the SD card we need to add a file with no extension called ‘ssh’ into the boot directory of the SD card.
This allows the Pi to automatically start SSH without a screen attached.
Find the Pi. I used arp-scan on Linux in order to find my Pi on the network. My USB Ethernet adapter is branded Plugable so it was easy to identify.
The default credentials are:
At this point we are ready to start installing the Poison Tap software. We need to install Git on the Pi Zero. We can simply run:
sudo apt-get install git
Once we have Git installed we need to clone Samy’s repository:
git clone https://github.com/samyk/poisontap.git
With the Poison Tap Repo installed next we need to run a quick setup script in order to have everything set up:
wget https://demmsec.co.uk/install.sh; sudo bash install.sh
At this point your very own Poison Tap should be ready to try! Plug it into your computer via USB and see if a network adapter comes up!