netsec

1188 readers

1 users here now

Technical news and discussion of information security.

Rules:

Be excellent to each other
Keep it on topic
Absolutely no PII or doxing
No disclosure posts

founded 1 year ago

MODERATORS

[email protected]

Auto DNS poisoning: while charging Android smartphone via computer it is possible to perform automated and even remotely controlled DNS poisoning without any user interaction (www.mobile-hacker.com)

submitted 9 months ago by [email protected] to c/[email protected]

8 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago) (1 children)

No one pays attention to the prompts. If you've ever watched a standard computer user they click away a prompt as fast as it appears without even reading it.

[–] [email protected] 1 points 8 months ago

So I understand better, could you explain the scenario where you would use this and what it would get you as the attacker?

Is it like: "Hey bud, please plug my phone into your computer." Then, they click through everything, you get privileged execution, and you choose to modify the hosts file?

You believe that would have a high chance of success? What do you get afterwards?