Hacking QR Codes with QRGen to Attack Scanning Devices [Tutorial]
Summary
TL;DR: This episode of Cyber Weapons Lab explores QR Gen, a tool that encodes exploits into QR codes to test device vulnerabilities. The video demonstrates how QR codes, widely used due to their ease of creation and reading, can pose security risks if the devices scanning them are not regularly updated. The tutorial guides viewers through setting up QR Gen on a Linux system, installing necessary libraries, and generating QR codes with various payloads. It also showcases creating custom wordlists and testing the QR codes on an Android phone to illustrate potential security breaches. The video concludes with a cautionary note on the responsible use of such tools.
Takeaways
- 📱 QR codes are prevalent due to their ease of creation and compatibility with many devices.
- 🛠️ Devices that scan QR codes might have vulnerabilities due to infrequent updates.
- 💻 The tool 'QR Gen' is introduced to encode exploits into QR codes for testing purposes.
- 🐍 Python is required to use QR Gen, and the setup process is outlined in the script.
- 🔧 QR Gen is easy to install on Linux systems, with a minor correction needed for the execution script.
- 📚 It includes a 'requirements.txt' file for necessary libraries, simplifying the setup process.
- 🔑 QR Gen offers two options for generating QR codes: using a word list or selecting from pre-installed exploit lists.
- 🔍 The tool can generate QR codes with various payloads, such as command injection, to test device vulnerabilities.
- 📱 The script demonstrates testing QR codes on an Android phone to see how it interprets the malicious payloads.
- ⚠️ It's emphasized that testing QR Gen should only be done on non-critical devices with permission to avoid causing harm or disruption.
Q & A
What is the main focus of the 'Cyber Weapons Lab' episode described in the transcript?
- The main focus of the episode is exploring a tool that can encode exploits into QR codes, which when scanned by vulnerable devices, could potentially execute malicious code.
Why are QR codes prevalent in various industries such as concerts and grocery stores?
- QR codes are prevalent because they are easy to create, easy to use, and most people have devices capable of reading them.
What vulnerabilities are associated with devices that read QR codes?
- Devices that read QR codes often have vulnerabilities because they are usually not updated very often, which can lead to exploitation.
What tool is used in the episode to generate malicious QR codes?
- The tool used is called 'QR Gen', which is used to encode various exploit payloads into QR codes.
What programming language is required to use QR Gen, and what is the recommended operating system?
- Python is required to use QR Gen, and the recommended operating system is Linux, specifically Kali Linux.
How does the QR Gen tool work, and what kind of payloads can it encode?
- QR Gen works by encoding a variety of exploit payloads into QR codes, such as cross-site scripting, SQL injections, and command injections.
What is the purpose of the 'requirements.txt' file in the QR Gen tool?
- The 'requirements.txt' file lists all the necessary libraries needed to run the QR Gen tool, and it can be used with pip3 to install these libraries easily.
How can users create custom wordlists for QR Gen?
- Users can create custom wordlists by using a text editor like 'nano' to create a 'wordlist.txt' file and then adding their own payloads to it.
What is the significance of the '-l' option in QR Gen?
- The '-l' option allows users to select from preinstalled lists of common exploits that could be used against unpatched services or vulnerable systems.
What is the potential risk of testing QR Gen on a critical device without permission?
- Testing QR Gen on a critical device without permission could potentially cause it to malfunction, display erratic behavior, or even be disabled, leading to serious consequences.
What precautions are advised when using QR Gen to test for vulnerabilities?
- It is advised to only test QR Gen on devices where you have permission and to avoid testing on critical devices that are about to be used, to prevent unintended consequences.
Outlines
📱 Exploring QR Code Vulnerabilities
The script introduces a tool called QR Gen, designed to exploit vulnerabilities in devices that scan QR codes. QR codes are prevalent due to their ease of creation and use, often leading to outdated scanning devices with exploitable weaknesses. The tool encodes popular exploits into QR codes, aiming to execute code when scanned. The setup requires Python and can be easily installed on a Linux system, with a specific mention of Kali Linux. The script highlights a minor issue with the execution script's naming but emphasizes the ease of setup. It also mentions the tool's ability to generate QR codes with various payloads, such as cross-site scripting or SQL injections, and introduces the word list feature for custom payload creation.
🔍 Testing QR Code Exploits
This paragraph delves into the practical application of the QR Gen tool by generating QR codes with custom and pre-installed exploit payloads. It discusses the process of selecting and generating malicious QR codes, which are then tested on an Android phone to observe the device's reaction. The script illustrates how these QR codes can induce unexpected behavior in devices, such as ticket scanners or supermarket scanners, if they are vulnerable. The demonstration includes reading out the payloads, which can contain malicious commands like accessing unauthorized directories or executing system commands. The script concludes with a cautionary note on the responsible use of such tools, emphasizing the importance of having permission before testing and suggesting the tool's value for penetration testers to discover new vulnerabilities in QR code systems.
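The defensive counterpart to the payloads described above, as an added example that is not from the video or the QR Gen project: a scanner backend that treats decoded QR text as untrusted input, accepts only a strict format, and looks it up with bound SQL parameters. The ticket format, table layout and function names are assumptions made for this illustration, and the sample scans are constructed.

```python
import re
import sqlite3

# Assumed ticket format for this example: "TKT-" followed by 8 uppercase hex digits.
TICKET_RE = re.compile(r"TKT-[0-9A-F]{8}")
MAX_LEN = 64  # reject oversized scans before any further processing


def build_demo_db():
    """In-memory ticket table holding one constructed valid ticket."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE tickets (id TEXT PRIMARY KEY, used INTEGER NOT NULL)")
    db.execute("INSERT INTO tickets VALUES ('TKT-1A2B3C4D', 0)")
    return db


def handle_scan(db, decoded):
    """Validate decoded QR text against an allowlist, then query with bound parameters."""
    if not isinstance(decoded, str) or len(decoded) > MAX_LEN:
        return "rejected"
    # fullmatch: the whole string must fit the format, so pipes, "$(...)", path
    # separators, quotes and even a trailing newline never reach the backend.
    if TICKET_RE.fullmatch(decoded) is None:
        return "rejected"
    # Parameter binding keeps the value as data: no string concatenation, no shell.
    row = db.execute("SELECT used FROM tickets WHERE id = ?", (decoded,)).fetchone()
    if row is None:
        return "unknown"
    if row[0]:
        return "already-used"
    db.execute("UPDATE tickets SET used = 1 WHERE id = ?", (decoded,))
    return "admitted"


# Constructed scans: valid, replayed, well-formed but unknown, then payload-style strings.
SAMPLE_SCANS = [
    "TKT-1A2B3C4D", "TKT-1A2B3C4D", "TKT-FFFFFFFF", "TKT-1A2B3C4D\n",
    "TKT-1A2B3C4D | id", "$(whoami)", "../../etc/passwd", "' OR '1'='1",
]


def run_samples():
    """Run every sample scan against a fresh demo database."""
    db = build_demo_db()
    return [handle_scan(db, scan) for scan in SAMPLE_SCANS]


if __name__ == "__main__":
    for scan, result in zip(SAMPLE_SCANS, run_samples()):
        print(f"{scan!r:24} -> {result}")
```

Logging the rejected scans with the scanner ID gives a cheap detection signal: a burst of malformed codes at one reader suggests someone is running a generated payload set against it.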
Keywords
💡QR codes
💡Vulnerabilities
💡Custom tools
💡Python
💡Exploits
💡QR Gen
💡Wordlist
💡Payloads
💡Penetration testing
💡Malicious QR codes
💡Ethical considerations
Highlights
Exploring a tool to hack devices that scan QR codes.
QR codes are ubiquitous due to their ease of creation and use.
Devices reading QR codes often have vulnerabilities due to infrequent updates.
Introducing a tool that encodes exploits into QR codes for device scanning.
The tool requires Python and can be set up with a Linux system.
QR Gen is a tool that generates QR codes with embedded exploits.
The tool is easy to install on Kali Linux and has a straightforward setup process.
QR Gen has a built-in list of various payloads for different types of attacks.
Users can create custom wordlists for generating QR codes with specific payloads.
The tool can generate QR codes for command injection and other exploits.
Demonstration of generating malicious QR codes using custom and preinstalled lists.
Testing the generated QR codes on an Android phone to see the payloads.
The QR codes can potentially induce strange behavior in devices like ticket scanners or supermarket scanners.
The tool is useful for pen testers to find vulnerabilities in QR code implementations.
QR Gen is highly customizable, allowing for the creation of various payloads.
A cautionary note on testing the tool on non-critical devices with permission.
The tool can be used to discover problems in device configurations that could be exploited.
The episode concludes with a call to action for feedback and suggestions for future episodes.
Transcripts
QR codes are everywhere and today we'll
explore a tool that can help us hack
devices that can scan them on this
episode of Cyber Weapons Lab
if you've been to a concert lately you
might have noticed one thing that most
of the tickets have in common and that
is QR codes now the reason that QR codes
are everywhere is because they're easy
to create they're easy to use and most
people have devices that are capable of
reading them because of this there's
also a variety of different custom tools
that things like grocery stores or
ticket scanners will use in order to
read QR codes and often these devices
will have vulnerabilities because
they're usually not updated very often
now today we're going to look at a tool
that will basically encode some popular
exploits into QR codes hoping that when
a device scans it it'll read it and then
actually execute the code now in order
to do this we'll need to have Python and
if you have any trouble setting this up
you can also check out the Null Byte
article linked in the description as
soon as you have a Linux system ready to
go with Python installed then we're
ready to begin today we're going to use
a tool called QR gen and this is really
interesting because there's a lot of
devices that are customized for various
applications that might be running
services that are vulnerable to various
types of attacks now this is also super
easy to install and in order to do so
you'll just need a Linux system although
I actually have not tried this on Mac OS
and it may work as well but because it's
Python I figured I would try it on Kali
Linux and lo and behold it worked the
first time without any complications
except one little quirk in the way that
this is written and that's actually the
execution script is not right that's it
says qrcode.py it's qrgen.py but
aside from that these
instructions are actually kind of a
breeze to set up so first we are going
to copy this and in a fresh terminal
window we're going to paste the git
clone command and here it's gonna fail
because I already have this path but if
you didn't have this installed then it
would download everything in the github
directory to your folder that you're
currently in so once we CD change
directory into QR Gen we can type
LS and see all the various files that
are there
and there is a requirements text file
which is really useful because it has
all the various libraries that we'll
need to run this so if we want to do it
easily we can follow the instructions
here and use pip3 install -r
requirements.txt which is an easy way of
using pip3 or if you just have pip you
can use python3 -m pip install
-r requirements.txt obviously the
first one is a little bit shorter so I
like it more so once we do this it
should go through and make sure we have
all the various libraries we need to use
this Python tool when it finishes
installing then we should be able to
just run it and see what happens so
again if we that's actually just still
there we can see it's qrgen.py so
after running python3 qrgen.py
we can see that we can now select one of
two different options either a word list
or -l or a number now this is
where things get interesting because it
has a built-in list of various different
payloads that could be useful depending
on what you're going after now this
could be cross-site scripting SQL
injections or a variety of different
other things so we're going to use I
guess let's see maybe a command
injection as an example of the various
types of QR codes you can generate that
might be malicious depending on whether
or not a particular device is vulnerable
now I also want to show off the word
list feature if we want to create a new
wordlist we can say nano wordlist.txt
and type in a couple random
payloads these aren't real
and then I'll add another one
all right now we have our malicious code
it looks really bad we'll save it and if
I type LS again we should now see we
have our wordlist.txt so if we want to
go back up and run python3 qrcode,
qrgen.py -w and then requirements.txt
it should generate some QR codes
let's see, oh, need to be together it
should generate some QR codes based on
the payloads that we ourselves created
and we'll test that in a little bit when
we test some of the malicious ones that
we generate as well now the next thing
we can do is actually use the -l
option to select one of the preinstalled
lists which include a variety of
different common exploits for maybe an
unpatched service that's using SQL or
something that might be vulnerable to
something like string fuzzing now I
guess let's see we'll select number two
for command injection and we'll type -l
and then just 2 and we'll see if we
can get this to generate some malicious
QR codes for us to test now if I go to
the folder I might even be able to see
these being created and as you can see
we have a whole bunch of QR codes that the
system is creating right now and if we
go we can see there we go we have a lot
of different malicious QR codes we can
now test so this is the perfect testbed
for anyone who wants to take a device
and test it so we're gonna go ahead and
take an Android phone and see if we can
read these and if so what it actually
sees I don't expect it will be able to
actually exploit it but if we were
running something like a ticket scanner
or something at a grocery store it's
likely we would be able to induce some
strange behavior
all right so now we're going to go ahead
and test the payloads that we created
and to do that we'll use this QR code
reader and see what we can actually pull
out of the payloads and it pulls them
out rather quickly so I'm gonna have to
limit the ones that I have on screen so
it doesn't just immediately grab them so
let's go ahead and pick one of the first
ones we did and we can see that this is
QR code it actually wasn't able
to display all the way oh we can see the
pipe character so this is actually it
looks like it's interpreting it I
remember typing the pipe character into
the payloads that we generated and as we
read these we can see that they are
unusual or like break characters you can
see this is a trying to get it to escape
and then try to ping something so if
something has network activity this one
is trying to etc into a password
directory and it could display the
password to the device on the screen
this is requesting the ID of the device
so as you can see these usually consist
of something like a pipe symbol
something that is trying to get us to be
able to either access more parts of the
device that we shouldn't have access to
or actually do something that we're just
really not supposed to do and here we go
that's some really malicious looking
code that will probably get us deeper
into maybe a database or some other
thing that uses structured calls that
isn't expecting a call like this and would
escape it and then attempt to run
something like this such as this dollar
sign and then enclosed string whoami
so as you can see there are a bunch of
different malicious things that we could
now run on something that we have
permission to and potentially discover a
number of different problems in the way
that this device is configured that
could allow someone with a single
malicious timaya command to get a whole
bunch of free tickets a special price on
groceries or some other thing that you
didn't intend on when you design your
system so this is a great way of making
sure that there aren't any
vulnerabilities in a QR code
implementation or if you're a pen tester
maybe find an interesting
way of exploiting something that nobody
else has thought of through a network
connected device that maybe whoa this is
a big one a network connected device
that maybe uses something like QR codes
in order to process stuff so this is I
think a really exciting project and the
more exploits you can think of the more
you can cram into this because it's
highly customizable and allows you to
create payloads for whatever you want
QR gen can create a lot of different QR
codes that may or may not be effective
against a particular device that scans
QR codes now this could be a ticket
scanner it could be a supermarket
scanner or it could be someone's cell
phone but in general it's not a great
idea to test this against something
really critical or something you don't
have permission to because depending on
the payload it could potentially disable
it or cause it to display erratic
behavior if you're at work and choose to
test this on your ticket scanner right
before a big concert you could get in a
lot of trouble so please make sure that
you have permission to do so and that you're
not testing this on a critical device
that's about to be used if you have any
problems testing this you can check out
the Null Byte article linked in the
description and you can also hit me up
on Twitter if you have any ideas for
future episodes that's all we have for
this episode of Cyber Weapons Lab make
sure to like comment and subscribe and
we'll see you next time