- Trending Categories
- Data Structure
- Operating System
- C Programming
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
Malicious QR Code with QRGen
The QR codes are machine-readable data formats used for anything that needs to be scanned automatically. It is possible to exploit the common vulnerabilities using exploits packed into custom QR codes as it is everywhere, from product packaging to airline boarding passes, etc. Hacker used a tool QRGen that create malicious QR codes to target vulnerable devices. QR code attacks are potent because humans can't read or understand the information contained in a QR code without scanning it, potentially exposing any device used to attempt to decipher the code to the exploit contained within. A human can't spot a malicious QR code before actually scanning it, the relatively large payload of a QR code can work to a hacker's advantage, especially when combined with vulnerable devices. The tool QRGen will take a payload and encode it into a QR code using Python.
QRGen comes with a built-in library that contains lots of popular exploits, which is extremely useful if you have time to sit down with the same device you're looking to exploit and find out which one works. For a penetration tester looking to audit anything that uses a QR code scanner, merely buying the same scanner and running through the exploits can lead you to get the scanner to behave in unexpected ways. The categories of payloads available on QRGen can be accessed by using the -l flag and a number while running the script. The number and payload type are listed below.
To start with QRGen, we'll need to download the repository from GitHub do perform the command below in a terminal window.
git clone https://github.com/h0nus/QRGen cd QRGen pip3 install -r requirements.txt
Generate Malicious QR Codes from a Payload Type
After installing the packing, you can run the script by typing python3 qrgen.py as following −
To start, let's create a payload containing format string payloads. To do so, run QRGen with the following argument.
Finally, a series of QR codes will be generated, and the last one that was created will open automatically.
- QR code generating website in Django
- Differentiate between Fastag, Bar Code, QR Code and NFC.
- How to create QR code in R?
- Python Generate QR Code using pyqrcode module?
- What are the differences between Fastag and QR Code?
- What are the differences between Barcode and QR Code?
- What are the differences between QR code and NFC?
- What are Malicious Websites?
- Creating a QR Code of a link in React JS
- What are the differences between QR code, Barcode and NFC?
- What are the differences between Fastag, QR Code and NFC?
- Query MySQL with unicode char code?
- PyTorch – How to compute QR decomposition of a matrix?
- Validate the ZIP code with Java Regular expressions