Social engineering with very obvious assets blinds you to techno-toolkit.
MILDLY NSFW A Chinese hardware hacker has hidden a penetration-testing toolkit in her high-heeled shoes.
The Wi-Fi-popping platforms were forged in a 3D printer, and contain compartments in which hacking hardware can be smuggled past strict security checks in data centres and the like, and retrieved later.
The hacker and pen-tester, who goes by the handle “SexyCyborg”, showcases the heels she dubs Wu Ying shoes, named after the famed “shadowless kick” that Chinese folk hero Wong Fei Hung used to distract opponents.
The hacker published snaps of the shoes in an Imgur gallery (somewhat NSFW) showing how a router, backup battery, and lock-picking set can be concealed from security guards while on red team penetration tests.
“With my shadowless shoes I distract the target with my upper body and they don’t see the real danger on my feet,” she writes.
“Each shoe has a drawer that can be slid out without my having to take the shoes off [which] can be customised for various payloads.”
SexyCyborg says “… my right shoe contains a pen testing drop box which is a wireless router running OpenWRT with a built in rechargeable battery that could either be left running inside the shoe (for war-walking, wifi sniffing and logging) or could be removed and plugged into a convenient open network jack [gaining] remote access anytime via SSH tunnel.”
Social engineering penetration testers have various tricks they use to gain access to restricted areas. Staff access badges are frequent targets for cloning as they dangle from waist belts, while polished silver-tongue swindling is a staple for conning helpful employees into opening doors.
She says bringing hacking tools into a security facility by way of a handbag is too conspicuous, while policy typically demands mobile phones are left outside.
Her skimpy outfit (NSFW 3D printing gallery) is also a tactical decision: “My typical clothing does not leave room to hide anything, but that’s all the more reason they would not be suspicious of me,” she says.
The Chinese hacker installed the OpenWRT firmware on a TL-MR10U router, which runs Wispi and Jasager and is concealed in a cavity within the heel. Those tools can help the heeled hacker set up rogue access points that trick employees into punching their enterprise credentials into fake phishing login pages.
“Wispi and pen-test drop boxes should of course only be experimented with at home for educational purposes; while it’s good to know about this stuff, always obey your local laws,” she says.
Hackers can “go all out” and run Kali and/or PwnPi on a Raspberry Pi, but the pen tester warns the shoes may start to get heavy.
The hacker has released the 3D-printer blueprints for enterprising hackers to follow and says the heels are strong and safe to wear.