War shipping, hacking corporate WLan with a Raspberry Pi board

Pierluigi Paganini October 05, 2014

Security expert Larry Pesce has designed a war shipping board-sized package that could be used to hack wireless networks through the post.

The corporate espionage is considered one of the most dangerous threats for private business, but also for government entities, we have discussed in the past about various kinds of offensives against targeted networks, but the story that I’m going to tell you is very intriguing.

Security expert Larry Pesce has designed a shipping board-sized package that could be used to hack wireless networks through the ordinary post.

The kit was built on a Raspberry Pi b_ with an AWUS051NH wireless card, a cheap battery charger, kismet and custom software.



The board can be used by a threat actor to target organizations, shipping companies, or any entity along the shipping route.

Security experts use to call “war shipping” the attacks based on hacking hardware which aims to compromise wireless networks from a mail room or absent staff member’s desk.

war shipping hacking board - Pesce

The devices designed by Pesce fits in a standard USPS postal box and is assembled using a low cost board which is configured to implement sniffing and attacking functionalities.
The box also includes a module that implements the geo-location of the device that is used  by attackers to track the package and discover when it will arrive to the final and correct location.

“We wanted to know when it arrived at an appropriate location or very close, when specific networks were in range so we could launch attacks, to make sure we were attacking the right folks and what could be done in transit,” Pesce told Derbycon security delegates. “Maybe [an employee] posts on Twitter ‘hey I just got fired’ and you can ship to them.”

The war shipping kit assembled by Pesce is based on a Raspberry Pi board, it could be programmed with necessary hacking packages and has power issues granting up to 300 hours of power. The device also includes a module to report location without GPS, the choice to not use GPS is to avoid batteries draining.

Pesce’s war shipping kit is able to track package location by calling Apple’s WiFi location mapping through an undocumented API used in the iSniff project.

iSniff GPS is a proof of concept Python application which uses Apple’s location services, combined with data iPhones and iPads disclose when they join wifi networks, to reveal where the package is located.

“It reads in Kismet XML output, reads all BSSIDs, and queries Apple’s undocumented APIs to populate a Google Map,” Pesce said.

Pesce has published the software used for is war shipping kit on GitHub, every users can create its hacking board using it and could also improve it.

War shipping attacks are very insidious and difficult to prevent and mitigate, using it an attacker could deploy “behind the enemy line” its hacking tool. Let’s imagine a similar package that stay in a mail room of a company for an entire weekend

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – War Shipping, hacking)

you might also like

leave a comment