This topic contains 1 reply, has 2 voices, and was last updated by IUsedToBeACave 3 months, 3 weeks ago.
- June 3, 2020 at 8:01 am #259166
– You’re connected to the same wifi network as target
– Target’s firewall blocks all incoming connections on wlan interface, blocks all outgoing on wlan except for VPN IP, allows outgoing on tun0
– Target has no ports open
– Target is running up to date Linux distro
How could you compromise it?
**Assuming direct physical access is out of question.**
- June 3, 2020 at 8:02 am #259168
The obvious first step would be to do the deep nitty gritty research on the exact VPN solution they are using, and look for exploits in that. It’s a long shot but you might as well do the due diligence because that information might help you later on down the road. This is the part where you craft an attack on the particular target. Can you trick them into turning off the VPN? Sure you can’t see the data going through the tunnel, but nothing stops you from MITM the connection and just slowing it down a lot. So that the user gets frustrated and turns it off. Are there other vectors you can exploit? Will they download a cleverly crafted file sent through e-mail, posted on there favorite site, or etc? How much physical access do you have to the device, since being on the same WiFi assumes there is some amount of physical proximity.
You must be logged in to reply to this topic.