Your SlideShare is downloading. ×
0
Juice Jacking 101
Chicago 2012
What is juice jacking?
One great drunkpiphany
The Build
Hardware
● EeePC
● Box
● Lots of USB cables
Software
● Linux (liveCD)
● USButils package
● Custom shell code
First you hack
Put it in a box
Put it in a box
Yea, it worked
The Deployment @ Defcon
Largest Hacker Conference.
Attendees treat it a lot like the wild west.
– This means the kiosk wil...
The Media
The Media
● Krebs on Security
The Media
● Krebs on Security
● TG Daily
The Media
● Krebs on Security
● TG Daily
● CNET -- “the 404”
The Media
● Krebs on Security
● TG Daily
● CNET -- “the 404”
● MSNBC -- Technolog
The Media
● Krebs on Security
● TG Daily
● CNET -- “the 404”
● MSNBC -- Technolog
● PC world
Don't get jacked.
Ideas?
???
Don't get jacked.
● USB cable neutering (removing data pin)
Don't get jacked.
● USB cable neutering (removing data pin)
Don't get jacked.
● USB cable neutering (removing data pin)
● Powering off the device
Don't get jacked.
● USB cable neutering (removing data pin)
● Powering off the device
● Confirmation required for mounting...
Don't get jacked.
● USB cable neutering (removing data pin)
● Powering off the device
● Confirmation required for mounting...
Don't get jacked.
● USB cable neutering (removing data pin)
● Powering off the device
● Confirmation required for mounting...
Don't get jacked.
● USB cable neutering (removing data pin)
● Powering off the device
● Confirmation required for mounting...
My 0.02
● For business it's a matter of policy.
● For users it's a matter of not forgetting.
● Remember your charger or ba...
Devices
Android
Majority of roms ship with the “ask before mounting” option.
– This differs from rom to rom (check your de...
Devices
iPhone
● Design for usability first
● Auto-sync
● No confirmation to mount
● No battery replacements
● Proprietary...
Juice Jacking 201
Advanced Topics
mmHrmm scruffy says there is more here.
Roll your own kiosk
● Push malware to phones
● Pull data from phones
● Foot traffic monitoring (device ID)
● People tracki...
Attack Existing Kiosks
● Complicated PIN/Video systems likely means a
CPU is in the box
● USB interface
● Discrete attack ...
Beyond the Kiosk
● Forget everything about the Kiosk.
● Transfer the attacks to a Laptop/PC.
● Use infected phones to spre...
Summary
● The core threat isn't the kiosk, it is:
– A design that chose usability over security.
– Data transfer and charg...
Summary
● The core threat isn't the kiosk, it is:
– A design that chose usability over security.
– Data transfer and charg...
Summary
● The core threat isn't the kiosk, it is:
– A design that chose usability over security.
– Data transfer and charg...
Thank You!
● Wall of Sheep
● Iggy, Riverside and Cedoxx
● Toorcon
● Irvine Underground
Contact Information: Robert Rowley,...
Juice Jacking 101
Juice Jacking 101
Upcoming SlideShare
Loading in...5
×

Juice Jacking 101

1,102

Published on

Juice Jacking 101 covers the hisotry behind why and what we learned from building malicious cell phone charging kiosks (and then setting them up at various hacker conferences)

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,102
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Id4con Drunken idea … really. Design and team came together @ ID4Con. Let's build a fake cell charging kiosk
  • ID4CON 2011 Put together in the following weeks (July 4 th → Defcon August 7 th )
  • Both have security concerns
  • You are right to think “who the hell would plug into this PoS?” we were too...
  • So ugly, who would plug in to it?
  • The “other” charge station, and guiding people along “Burn” phones Reality, noone attacked the kiosk, people still trusted it. And preferred it to the pay kiosk that was at the hotel Reactions: From distrusting, to not caring, to changing corporate policy.
  • Was fun. … maybe a demo of the kiosk.
  • Was fun. … maybe a demo of the kiosk.
  • Was fun. … maybe a demo of the kiosk.
  • Was fun. … maybe a demo of the kiosk.
  • Was fun. … maybe a demo of the kiosk.
  • Was fun. … maybe a demo of the kiosk.
  • Transcript of "Juice Jacking 101"

    1. 1. Juice Jacking 101 Chicago 2012
    2. 2. What is juice jacking?
    3. 3. One great drunkpiphany
    4. 4. The Build Hardware ● EeePC ● Box ● Lots of USB cables Software ● Linux (liveCD) ● USButils package ● Custom shell code
    5. 5. First you hack
    6. 6. Put it in a box
    7. 7. Put it in a box
    8. 8. Yea, it worked
    9. 9. The Deployment @ Defcon Largest Hacker Conference. Attendees treat it a lot like the wild west. – This means the kiosk will now become a target.
    10. 10. The Media
    11. 11. The Media ● Krebs on Security
    12. 12. The Media ● Krebs on Security ● TG Daily
    13. 13. The Media ● Krebs on Security ● TG Daily ● CNET -- “the 404”
    14. 14. The Media ● Krebs on Security ● TG Daily ● CNET -- “the 404” ● MSNBC -- Technolog
    15. 15. The Media ● Krebs on Security ● TG Daily ● CNET -- “the 404” ● MSNBC -- Technolog ● PC world
    16. 16. Don't get jacked. Ideas? ???
    17. 17. Don't get jacked. ● USB cable neutering (removing data pin)
    18. 18. Don't get jacked. ● USB cable neutering (removing data pin)
    19. 19. Don't get jacked. ● USB cable neutering (removing data pin) ● Powering off the device
    20. 20. Don't get jacked. ● USB cable neutering (removing data pin) ● Powering off the device ● Confirmation required for mounting/debug access
    21. 21. Don't get jacked. ● USB cable neutering (removing data pin) ● Powering off the device ● Confirmation required for mounting/debug access ● Bring a backup battery!
    22. 22. Don't get jacked. ● USB cable neutering (removing data pin) ● Powering off the device ● Confirmation required for mounting/debug access ● Bring a backup battery! ● Bring your own charger; only plug into wall sockets (110v AC).
    23. 23. Don't get jacked. ● USB cable neutering (removing data pin) ● Powering off the device ● Confirmation required for mounting/debug access ● Bring a backup battery! ● Bring your own charger; only plug into wall sockets (110v AC).
    24. 24. My 0.02 ● For business it's a matter of policy. ● For users it's a matter of not forgetting. ● Remember your charger or backup power source/battery. ● The iPhone is a serious concern.
    25. 25. Devices Android Majority of roms ship with the “ask before mounting” option. – This differs from rom to rom (check your device.) OS designed with strict security permissions on applications and filesystem. Battery accessible, you can bring another battery or replace the stock battery. Unique risks: – Android debugger – Rooted phones
    26. 26. Devices iPhone ● Design for usability first ● Auto-sync ● No confirmation to mount ● No battery replacements ● Proprietary connector ● Strict after-market control
    27. 27. Juice Jacking 201 Advanced Topics mmHrmm scruffy says there is more here.
    28. 28. Roll your own kiosk ● Push malware to phones ● Pull data from phones ● Foot traffic monitoring (device ID) ● People tracking (device ID)
    29. 29. Attack Existing Kiosks ● Complicated PIN/Video systems likely means a CPU is in the box ● USB interface ● Discrete attack (just plugging in your phone!) ● Requires a detailed knowledge of the Kiosk
    30. 30. Beyond the Kiosk ● Forget everything about the Kiosk. ● Transfer the attacks to a Laptop/PC. ● Use infected phones to spread Malware. ● Everyone brings their phones to work, plenty of those people will 'charge' at their desk.
    31. 31. Summary ● The core threat isn't the kiosk, it is: – A design that chose usability over security. – Data transfer and charging happen on the same port.
    32. 32. Summary ● The core threat isn't the kiosk, it is: – A design that chose usability over security. – Data transfer and charging happen on the same port. ● The complexity goes beyond the Kiosk. – Malware infecting PCs/Laptops used to infect phones. – Phones used to infect PCs/Laptops and Kiosks.
    33. 33. Summary ● The core threat isn't the kiosk, it is: – A design that chose usability over security. – Data transfer and charging happen on the same port. ● The complexity goes beyond the Kiosk. – Malware infecting PCs/Laptops used to infect phones. – Phones used to infect PCs/Laptops and Kiosks. ● It isn't just phone malware. – Monitoring/Tracking people based on USB device ID – Stolen personal information, Blackmail, etc...
    34. 34. Thank You! ● Wall of Sheep ● Iggy, Riverside and Cedoxx ● Toorcon ● Irvine Underground Contact Information: Robert Rowley, Robert@RobRowley.com
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×