Juice Jacking 101
Chicago 2012
What is juice jacking?
One great drunkpiphany
The Build
Hardware
● EeePC
● Box
● Lots of USB cables
Software
● Linux (liveCD)
● USButils package
● Custom shell code
First you hack
Put it in a box
Yea, it worked
The Deployment @ Defcon
Largest Hacker Conference.
Attendees treat it a lot like the wild west.
– This means the kiosk will now become a target.
The Media
● Krebs on Security
● TG Daily
● CNET -- “the 404”
● MSNBC -- Technolog
● PC World
Don't get jacked.
Ideas?
???
● USB cable neutering (removing the data pins)
● Powering off the device
● Confirmation required for mounting/debug access
● Bring a backup battery!
● Bring your own charger; only plug into wall sockets (110 V AC).
My 0.02
● For business it's a matter of policy.
● For users it's a matter of not forgetting.
● Remember your charger or backup power source/battery.
● The iPhone is a serious concern.
Devices
Android
● Majority of ROMs ship with the “ask before mounting” option.
– This differs from ROM to ROM (check your device).
● OS designed with strict security permissions on applications and the filesystem.
● Battery accessible: you can bring another battery or replace the stock battery.
● Unique risks:
– Android debugger
– Rooted phones
Devices
iPhone
● Designed for usability first
● Auto-sync
● No confirmation to mount
● No battery replacement
● Proprietary connector
● Strict after-market control
Juice Jacking 201
Advanced Topics
mmHrmm scruffy says there is more here.
Roll your own kiosk
● Push malware to phones
● Pull data from phones
● Foot traffic monitoring (device ID)
● People tracking (device ID)
Attack Existing Kiosks
● Complicated PIN/video systems likely mean there is a CPU in the box
● USB interface
● Discreet attack (just plugging in your phone!)
● Requires detailed knowledge of the kiosk
Beyond the Kiosk
● Forget everything about the kiosk.
● Transfer the attacks to a laptop/PC.
● Use infected phones to spread malware.
● Everyone brings their phones to work, and plenty of those people will 'charge' at their desk.
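The desk-charging scenario above has a detection side: a phone that is only drawing power never appears in the host's kernel log, but a phone that enumerates as a data device does, and the kernel prints exactly the identity fields (idVendor, idProduct, serial number) that make "device ID" tracking possible. The following is an added example, not code from the talk: a small parser a workstation owner or SOC could run over `dmesg`/`journalctl -k` lines to flag phones enumerating on desk PCs. The sample log lines and the serial number are constructed, and the short vendor table is an assumption that a real deployment would replace with the full usb.ids database.

```python
import re
from typing import Dict, List

# Constructed sample kernel log lines in the format the Linux USB core prints when
# a device enumerates. They were not captured from any real machine; the vendor
# IDs are real assignments (18d1 = Google, 046d = Logitech), the serial is made up.
SAMPLE_LOG = """\
usb 1-1: new high-speed USB device number 4 using xhci_hcd
usb 1-1: New USB device found, idVendor=18d1, idProduct=4ee1, bcdDevice= 2.32
usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
usb 1-1: Product: Nexus 5
usb 1-1: Manufacturer: LGE
usb 1-1: SerialNumber: 0123456789abcdef
usb 2-3: new low-speed USB device number 5 using xhci_hcd
usb 2-3: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice=49.00
usb 2-3: New USB device strings: Mfr=1, Product=2, SerialNumber=0
usb 2-3: Product: USB Keyboard
usb 2-3: Manufacturer: Logitech
"""

# Assumption: a handful of well-known phone vendor IDs is enough for the demo.
PHONE_VENDORS = {"18d1": "Google", "04e8": "Samsung", "05ac": "Apple",
                 "22b8": "Motorola", "0bb4": "HTC"}

FOUND_RE = re.compile(
    r"usb (\S+): New USB device found, idVendor=([0-9a-f]{4}), idProduct=([0-9a-f]{4})")
STRING_RE = re.compile(r"usb (\S+): (Product|Manufacturer|SerialNumber): (.*)")


def parse_usb_events(log_text: str) -> Dict[str, dict]:
    """Group the kernel's per-device announcement lines into one record per port."""
    devices: Dict[str, dict] = {}
    for line in log_text.splitlines():
        m = FOUND_RE.search(line)
        if m:
            port, vendor, product = m.groups()
            devices[port] = {"port": port, "vendor": vendor,
                             "product": product, "serial": None}
            continue
        m = STRING_RE.search(line)
        if m and m.group(1) in devices:
            port, field, value = m.groups()
            key = {"Product": "name", "Manufacturer": "manufacturer",
                   "SerialNumber": "serial"}[field]
            devices[port][key] = value.strip()
    return devices


def tracking_key(dev: dict) -> str:
    """The triple that lets a kiosk (or a desk PC) recognise the same phone again."""
    return f"{dev['vendor']}:{dev['product']}:{dev.get('serial') or '-'}"


def phone_connections(log_text: str) -> List[dict]:
    """Return the devices from the log whose vendor ID belongs to a phone maker."""
    hits = []
    for dev in parse_usb_events(log_text).values():
        vendor_name = PHONE_VENDORS.get(dev["vendor"])
        if vendor_name:
            hits.append({**dev, "vendor_name": vendor_name,
                         "tracking_key": tracking_key(dev)})
    return hits


if __name__ == "__main__":
    for hit in phone_connections(SAMPLE_LOG):
        print(f"phone on port {hit['port']}: {hit['vendor_name']} "
              f"{hit.get('name')} key={hit['tracking_key']}")
```

Vendor ID alone is a coarse signal (Apple's 05ac also covers keyboards), so a production version would additionally look at the interface classes the device exposes; the point here is that a phone only ever shows up in this log when it has negotiated a data connection, which is the moment the deck's threat begins.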
Summary
● The core threat isn't the kiosk, it is:
– A design that chose usability over security.
– Data transfer and charging happen on the same port.
● The complexity goes beyond the kiosk.
– Malware infecting PCs/laptops used to infect phones.
– Phones used to infect PCs/laptops and kiosks.
● It isn't just phone malware.
– Monitoring/tracking people based on USB device ID
– Stolen personal information, blackmail, etc.
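The summary's core point, that charging and data share one port, has a host-side counterpart on Linux: a PC or laptop can keep supplying power on its USB ports while refusing to configure any device it does not know, using the kernel's `authorized` and `authorized_default` sysfs attributes (the same mechanism USBGuard builds on). The following is an added example, not code from the talk: a minimal allowlist policy that denies data to everything except listed vendor:product pairs. It runs against a constructed sysfs look-alike so it can be tried without root; the allowlist contents and the demo device IDs are assumptions.

```python
import tempfile
from pathlib import Path
from typing import Dict, Optional, Set, Tuple

# Allowlist of (idVendor, idProduct) pairs that may enumerate with data. Everything
# else is left unauthorized: the port still supplies VBUS power, but the kernel never
# configures the device, so no storage, MTP, ADB or HID interface ever appears.
# Constructed for the demo; 046d:c31c is a real Logitech keyboard ID.
ALLOWLIST: Set[Tuple[str, str]] = {("046d", "c31c")}


def read_attr(dev: Path, name: str) -> Optional[str]:
    p = dev / name
    return p.read_text().strip() if p.is_file() else None


def decide(vendor: str, product: str, allowlist) -> bool:
    """Pure policy check: exact match, or a vendor-wide ('046d', '*') entry."""
    return (vendor, product) in allowlist or (vendor, "*") in allowlist


def apply_policy(devices_dir: Path, allowlist) -> Dict[str, str]:
    """Walk a /sys/bus/usb/devices-style tree and write the authorization attributes.

    devices_dir is Path('/sys/bus/usb/devices') on a real host (needs root);
    the demo passes a temporary look-alike tree instead.
    """
    decisions: Dict[str, str] = {}
    for dev in sorted(devices_dir.iterdir()):
        # Root hubs (usb1, usb2, ...) carry authorized_default, which governs every
        # device that enumerates later on that bus: 0 = stay unconfigured unless allowed.
        if (dev / "authorized_default").is_file():
            (dev / "authorized_default").write_text("0\n")
            decisions[dev.name] = "default-deny"
            continue
        vendor, product = read_attr(dev, "idVendor"), read_attr(dev, "idProduct")
        if vendor is None or product is None:
            continue  # interface entries such as 1-2:1.0 have no idVendor; skip them
        allowed = decide(vendor, product, allowlist)
        (dev / "authorized").write_text("1\n" if allowed else "0\n")
        decisions[dev.name] = "allow" if allowed else "block"
    return decisions


def build_demo_tree(root: Path) -> None:
    """Constructed sysfs look-alike: one root hub, a keyboard and a phone."""
    (root / "usb1").mkdir()
    (root / "usb1" / "authorized_default").write_text("1\n")
    for name, vendor, product in (("1-1", "046d", "c31c"), ("1-2", "18d1", "4ee1")):
        d = root / name
        d.mkdir()
        (d / "idVendor").write_text(vendor + "\n")
        (d / "idProduct").write_text(product + "\n")
        (d / "authorized").write_text("1\n")
    (root / "1-2:1.0").mkdir()  # interface node: no idVendor, must be skipped


def demo():
    """Apply the policy to a temporary tree; return (decisions, resulting attributes)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        build_demo_tree(root)
        decisions = apply_policy(root, ALLOWLIST)
        state = {n: read_attr(root / n, "authorized") for n in ("1-1", "1-2")}
        state["usb1"] = read_attr(root / "usb1", "authorized_default")
        return decisions, state


if __name__ == "__main__":
    print(demo())
```

Two practical caveats: the allowlist must contain your own keyboard and mouse or you lock yourself out of the machine, and an unauthorized device stays unconfigured, so a phone plugged into such a port may charge more slowly than it would after a full USB handshake. That slower charge is the software equivalent of the deck's cable neutering: power flows, data does not.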
Thank You!
● Wall of Sheep
● Iggy, Riverside and Cedoxx
● Toorcon
● Irvine Underground
Contact Information: Robert Rowley, Robert@RobRowley.com
Speaker notes

  1. ID4Con. Drunken idea … really. Design and team came together @ ID4Con. Let's build a fake cell charging kiosk.
  2. ID4CON 2011. Put together in the following weeks (July 4th → Defcon August 7th).
  3. Both have security concerns
  4. You are right to think “who the hell would plug into this PoS?” We were too...
  5. So ugly, who would plug in to it?
  6. The “other” charge station, and guiding people along. “Burn” phones. Reality: no one attacked the kiosk, people still trusted it, and preferred it to the pay kiosk that was at the hotel. Reactions: from distrusting, to not caring, to changing corporate policy.
  7. Was fun. … maybe a demo of the kiosk.