search

samyk / poisontap

Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.
https://samy.pl/poisontap/
6.21k stars 995 forks source link

Stops all internet on the target computer #71

Open LoomyGloomy opened 7 years ago

LoomyGloomy commented 7 years ago

When plugged in it can successfully automatically install itself, but it kills the internet on the machine its plugged into. No animation displays, no cookies collected, the browser just reads unable to connect. I followed the installation guide to the letter and have node js current release. Any thoughts?

wdibi commented 7 years ago

+1 I am having this same issue

samyk commented 7 years ago

PoisonTap is supposed to take over the Internet for the computer, however I'm not sure why you're not seeing the animation. Perhaps an iptables rule is needed to forward all HTTP traffic to the PoisonTap IP (1.0.0.1). You could try ssh'ing to pi@1.0.0.1 and running:

echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 1.0.0.1:80
iptables -t nat -A POSTROUTING -j MASQUERADE
nlacj commented 7 years ago

Same issue here. Using Pi Zero with clean lite install + PoisonTap instructions. I get the same result on Win10 or OSX.

DHCP assigns an IP. (e.g. 1.0.0.15) No internet traffic once connected. I can manually open animation via http://1.0.0.1.
But no internet once connected to the Pi. In other words it does not automatically trigger when a web page call occurs as the host just times out.

If I ssh onto the zero via 1.0.0.1, I can ping the IP on the host I am coming from 1.0.0.15 but nothing else. e.g. 192.168.0.15 (the IP of the host on the local lan) or 192.168.0.1 (the router/internet GW on the local LAN). The Pi zero also does not resolve any DNS requests.

root@poisontap:/etc# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 usb0 169.254.0.0 0.0.0.0 255.255.0.0 U 202 0 0 usb0

root@poisontap:~# iptables-save *nat :PREROUTING ACCEPT [1607:104133] :INPUT ACCEPT [376:22338] :OUTPUT ACCEPT [124:7980] :POSTROUTING ACCEPT [0:0] -A PREROUTING -i usb0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 1337 -A POSTROUTING -j MASQUERADE COMMIT

Checked all the required settings and suspect iptables/routing related issue. Bottom line is the host points to the Pi for the internet and the Pi has no route to the internet other than the host its connected to .... that's point back to the Pi.

wdibi commented 7 years ago

I was able to solve this issue by restarting and following these instructions (scroll to bottom).

KALRONG commented 7 years ago

Ok, Im editing my comment as per further research looks like the no-internet-while-pt-is-connected is intended and the backdoor should only kick in when the PT is disconnected. Looks like the problem in my case is the caching of the backdoor.

himuura commented 6 years ago

So, any solution to this issue? As soon as i connect the rasp, my internet connection goes out. Indeed it syphons cookies, but with an internet connection would be more realistic. I noticed that i only have the route on the script, the 0.0.0.0/0 gw 0.0.0.0. Tried to change the gateway, the OS broke. Anyone has an idea?