samy kamkar

Sure, if someone wants to implement this

Why?

Sounds cool. They're separated out into functions, although the cookie siphoning + cache poisoning are joined for efficiency (cookie siphoned upon HTTP request, cache poisoned via the response)

Well, all of the attacks require the injection of target_injected_xhtmljs.html + the running Node server (pi_poisontap.js) to deliver payloads and log cookies.

I've also tested on a Windows 10 machine without requiring installing anything. Perhaps some versions come with the driver installed. @mwwhited sounds like you're more familiar with this area, do...

Thanks for sharing @brew-ninja, appreciate the help!

Oh awesome! I don't have Windows available anymore but I will attempt to test on macOS 10.12.1. Someone able to test on Linux would be helpful too.

@AddaxSoft did you try the EV3 USB VID/PID in pi_startup.sh? ```sh echo 0x04b3 > idVendor echo 0x4010 > idProduct ```

You may want to try this version which has automatic OS detection and adjusts setup based on it: https://github.com/wismna/HackPi

Awesome! Will you be able to submit a pull request?