From a76b51c046e9ef2663cdac34beb34b4d4764f5fc Mon Sep 17 00:00:00 2001 From: Flareonz44 Date: Tue, 5 Dec 2023 00:01:38 -0300 Subject: [PATCH] site update --- _posts/blog/2023-12-2-hacking-posnets.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/blog/2023-12-2-hacking-posnets.md b/_posts/blog/2023-12-2-hacking-posnets.md index 687e0b9..7b8cf74 100644 --- a/_posts/blog/2023-12-2-hacking-posnets.md +++ b/_posts/blog/2023-12-2-hacking-posnets.md 
@@ -30,7 +30,7 @@ There are tons of WiFi attacks out there, but I particularly like one – the De The next step is to set up an Access Point (AP) with an identical SSID as the PosNet's and launch the deauth attack on the original network (not yours – pay attention to the MAC addresses). Probably, someone will complain about it, and someone from the staff will come to solve the problem (in most cases). They will check the WiFi, and here we must be lucky for the staff member to connect to your network rather than the legit one. In general, people tend to choose the first option that matches the known network name, so to force our network to appear first, we must be closer to the device, as it will sort the list based on the strength of the signal. Or you can try to do it yourself at your own risk. Once it is successfully connected, our attack is almost ready. Almost. There's another crucial step that I haven't mentioned yet. -Before all that, you must first set up a fake Bank server. This is the most difficult part since you must simulate all the communication with the PosNet. To do that, you must spend some time analyzing in-depth all the network traffic between the PosNet and the real server (I highly recommend getting yourself a POSNet to analyze securely at home, using Wireshark). There, find a vulnerability in the communication queries, perhaps a generic static successful payout response is enough. +Before all that, you must first set up a fake Bank server. This is the most difficult part since you must simulate all the communication with the PosNet. To do that, you must spend some time analyzing in-depth all the network traffic between the PosNet and the real server (I highly recommend getting yourself a PosNet to analyze securely at home, using Wireshark). There, find a vulnerability in the communication queries, perhaps a generic static successful payout response is enough. 
Using tools such as `dnsmasq` and `iptables`, you could redirect the network traffic from **auth.real-bank.com** that the PosNet requests to a specific port on your computer's localhost. Then, with some Python 3 code, set up a fake server that accepts any payout request and always returns a successful response. Back at the fast-food restaurant, you only have to deploy the attack. But, where does the watch from the story fit in? Well, we don't want to be caught easily, so grab your Linux laptop with a big battery, make sure it's fully charged, and well packed in your backpack. Then, just use a smartwatch as a remote control to launch the servers, scripts, etc. (A Bluetooth connection and some Python might be enough to achieve this).
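Review bot: the only change in this hunk is the spelling fix `POSNet` to `PosNet` in the parenthetical, which matches the capitalization used everywhere else in the post, but the commit subject `site update` does not say so; a subject like `Fix PosNet capitalization in hacking-posnets post` would make the history searchable. On the same changed line, the sentence "perhaps a generic static successful payout response is enough" states an unqualified claim; as a documentation point it should say that this only holds when the terminal does not authenticate or integrity-check the host's response, since the surrounding text gives the reader no way to tell whether that condition is met.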