Skip to content
/ Using_Lego_as_a_Malware_Attack_Vector Public

🧱🧱🧱Simple demonstration on how to make LEGO a vector for propagating malware.🧱🧱🧱

7 stars 5 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

JonnyBanana/Using_Lego_as_a_Malware_Attack_Vector

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

85 Commits
IMG
IMG
 
 
README.md
README.md
 
 

Repository files navigation

Using Lego as a Malware Attack Vector

Simple demonstration on how to make LEGO a vector for propagating malware.



One day I asked myself ...
Is it possible to use apparently harmless objects for the purpose of spreading malware?
The answer is: Of course yes ...

How does it work?

In the end it is very simple, even if a little laborious, to recreate a similar attack.
In practice, just create a QR-code that contains the connection to a server (or web page)
that contains the malicious code, and then reproduce it with Lego bricks.

In my example I have used a simple CSS attack, which is capable of crashing various browsers.
The attack has now been largely mitigated, but it still does its job,
especially on outdated devices, or out-of-date browsers.

More info: https://github.com/JonnyBanana/BANANA_CRASHER


Obviously this is just an example for testing purposes, but malware of any kind
can be processed, and then repurposed with this technique.



How it was done?

1: Creation of code that will be inserted in a web page(also Github is good).
Or you can use the attack I used in the example: https://github.com/JonnyBanana/safari-ie-reaper.github.io

2: Insert the infected web page into a QR Code.
just use a web service like this: https://qr-code-generator.com/

3: Print the QR Code.

4: Sectorization of the QR-code.
You can easily use some programs, but I wanted to have fun and I did it "old school style".
If you opt for the program, perform this step first before printing the QR Code.



5: Now it's time to figure out how many blocks of lego bricks you need,
once you have a clear idea it's time to spend on ebay...

I think I spent about € 50 on LEGO bricks, to recreate the QR Code.
Obviously, leaving some bricks for future projects. You need both LEGO PLATES
(for the bases and the creation of the QR-CODE blocks)
and LEGO BRICKS (to hold the base together).

6: Once you have all the pieces, you must then reproduce the QR Code exactly with the LEGO bricks.

7: It's time to test!
If all went well, the QR Code will be read easily by any QR Code Reader!
If it doesn't work, try to figure out where the wrong block (s) is,
otherwise unzip everything and start over.


See on YouTube Here:

BQOD


See also "Lego Pirate Caravan with Raspberri Pi & Pimoroni Pi HAT":

BQOD


This is just one of the umpteenth demonstrations of how to use an object
for a different (or contrary) purpose to that for which it was created.
This was just one of the easiest ways to do it...

I hope you enjoy it.

About

🧱🧱🧱Simple demonstration on how to make LEGO a vector for propagating malware.🧱🧱🧱

Resources

Readme
Activity

Stars

7 stars

Watchers

4 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published