ZSUN Wifi Card Reader

Dirt  cheap wifi swiss army knife

 

The Hardware

 

  • AR9331 SoC 400Mhz

  • 64MB RAM

  • 802.11n

  • 16MB SPI Flash

  • GL827L USB SD Card Reader

  • Ethernet port

  • 4 GPIO pins

  • 100% Compatible with Linux

Similar boards on the market

  • Domino IO
  • Black Swift
  • Onion Omega
  • etc

Best things about ZSUN Wifi

  • Cheaper ( around 8EUR )
  • Nice looking enclosure
  • Memory Card reader
  • OpenWRT compatible

Great Hacking playgound

Hacking tools readily available

  • Aircrack
  • Kismet
  • Ettercap
  • Reaver
  • Dsniff
  • The list goes on...

The PoC

DNS server redirecting all domain resolutions to the router itself.

Multiple ESSIDs that mimmic Popular Open Networks ( Zon Free, Meo Wifi, Porto Digital, etc)

Nginx serving several Phishing pages 

  • User connects to an open network ( automatically if it's n known one)
  • Any page that it tries to open it's redirected to the phishing page crafted for that network.
  • It can then be redirected to other phishing pages ( e.g. facebook, gmail, etc)
  • Credentials are then stored for later review

Examples

Results

Potential usages

  • Phishing ( as seen before, or even just as a cookie hijacker )
  • Malware distribution ( e.g. "Please install this application to procede)
  • Wireless sniffer ( Kismet sniffing packets for later review)
  • Wireless cracker
  • etc ..

Preventive measures

  • Avoid using plaing text connections 
  • Avoid using public networks
  • Never install unknown software

Why is this possible?

  • Lack of knowledge from users ( too much trust/faith in unknown networks)
  • Misconfigured web applications that do not enforce security measures (e.g. HSTS)

THE END 

Have this Darth Vader Potato

Made with Slides.com