PoisonTap Steals Cookies, Drops Backdoors on Password-Protected Computers by Chris Brook.
From the post:
Even locked, password-protected computers are no rival for Samy Kamkar and his seemingly endless parade of gadgets.
His latest, PoisonTap, is a $5 Raspberry Pi Zero device running Node.js that’s retrofitted to emulate an Ethernet device over USB. Assuming a victim has left their web browser open, once plugged in to a machine, the device can quietly fetch HTTP cookies and sessions from millions of websites, even if the computer is locked.
If that alone doesn’t sound like Mr. Robot season three fodder, the device can also expose the machine’s internal router and install persistent backdoors, guaranteeing an attacker access long after they’ve removed the device from a USB slot.
“[The device] produces a cascading effect by exploiting the existing trust in various mechanisms of a machine and network, including USB, DHCP, DNS, and HTTP, to produce a snowball effect of information exfiltration, network access and installation of semi-permanent backdoors,” Kamkar said Wednesday in a writeup of PoisonTap.
…
Opportunity may only knock once.
Be prepared by carrying one or more PoisonTaps along with a bootable USB stick.