
PoisonTap on Smartphone in future?

Open catest0 opened this issue 6 years ago • 5 comments

A very powerful tool, would like to see it working on, for example, a Nexus 5... Thanks

catest0, Oct 27 '17 16:10

@catest0 I have got it working already using a OnePlus5.

I think the Nexus5 is not capable of emulating an ECM Ethernet device, as those old devices are using an old USB gadget system. However, the OnePlus5's USB gadget system is the same as the Pi Zero's, so if you also want to make it work on Mac OS, you have to choose a device which uses a new USB gadget system.

simonpunk, Dec 25 '17 08:12

@simonpunk Hi, can you explain how you made it work on your smartphone, if you don't mind?

cegi, Dec 28 '17 21:12

@cegi Hi, the most important thing is to flash a fully working NetHunter kernel and rewrite some code based on the original script.

The NetHunter dev team just released a semi-finished kernel for the OnePlus5, and I just personally managed to finish the rest. It is kinda easy to make it work, but it seems no one has time for that.

In the past, NetHunter could emulate the RNDIS protocol only, but now there is ECM, which works on Mac as well. I don't know whether other new devices are using the same USB system as the OnePlus5; if so, it may work on those devices too.

For the script running on the OnePlus5, you may refer to this link nethunter_oneplus5

or refer to this #942

simonpunk, Dec 29 '17 03:12

@simonpunk Thanks, I own a Nexus 5 with NetHunter on it, so I'll try. It might work, as the Nexus 5 supports Ethernet over USB, so it should be able to emulate ECM. When you say rewrite some code, are you talking about NetHunter or the PoisonTap script?

cegi, Dec 29 '17 14:12

@cegi You can give it a try to emulate ECM. And I mean scripts such as mubix-lock and the poisontap script. But the poisontap script is still not fully working. I don't know why, maybe due to a browser update or OS update, but I can't exploit it on either locked Mac or Windows. With unlocked Windows, it can be automatically poisoned as long as you have a browser and an HTTP website running. With unlocked Mac OS, I need to refresh the HTTP website to get it poisoned. So I am still looking for the answer... maybe you can help to identify where the problems are.

simonpunk, Dec 30 '17 06:12