New $50 device called Hak5 LAN Turtle can unlock any password protected computer (Windows XP/7/10, Mac OS X El Capitan/Mavericks)
A $50 device and an app are all it takes for someone to get easy access to your computer. Together they can trick your computer into thinking it is a trusted connection and steal your login credentials. Your super strong password will not stop the hackers, no matter how powerful it is.
The potent power of the $50 device called Hak5 LAN Turtle and available on Hakshop here, was demonstrated by a security researcher, Mubix “Rob” Fuller. You can watch the video below to understand what Fuller did :
Fuller used the Hak5 LAN Turtle using the wiki and videos here. Basically the capturing is done with Laurent Gaffié’s Responder so you need to find a way to get Responder onto the device. The Hak5 Turtle already has a module for it.
Fuller also explains why this hack works in his own words :
- Because USB is Plug-and-Play. This means that even if a system is locked out, the device still gets installed. Now, I believe there are restrictions on what types of devices are allowed to install at a locked out state on newer operating systems (Win10/El Capitan), but Ethernet/LAN is definitely on the white list.
- Computers are constantly creating traffic, even if you don’t have any browsers or applications open, and most computers trust their local network for some reason (I know the technical bits on ‘why’, just complaining…)
- Network preference when there are more than gateway or network connection is based on “metrics” on Windows and a combination of metrics and “preference” on OSX, but by default “wired” and “newer/faster” always win out.
Fuller claims he can hack and steal login credentials from a fully locked down workstation in 13 seconds. “The average time for freshly inserted into a locked workstation and by the time I have creds is about 13 seconds, all depends on the system,” Fuller says. Some addition setup I used
Some addition setup I used inotify to watch for a file change in the Responder.db database and shutdown the Armory. This helps finalize file writes as well and giving me an indicator via the LED that creds were obtained,” he adds.
Fuller says that the hack works on the following systems :
- Windows 98 SE
- Windows 2000 SP4
- Windows XP SP3
- Windows 7 SP1
- Windows 10 (Enterprise and Home)
- OSX El Capitan / Mavericks
Fuller says that he has still not tried testing on Linux.
The Fuller’s experiment shows that there is nothing called a safe and secure locked computer and he proves that security is just an illusion. What makes the hack doubly dangerous that the Hak5 LAN Turtle is cheap and publically available for anyone to grab it. Also, Hak5 LAN Turtle being smaller in size is MUCH easier to pass off. You can just carry it in your palm without anybody noticing it and carry out your hack attack. Only one thing though for this hack to work, a hacker needs physical access to the target computer or laptop.
