It is currently Thu Mar 28, 2024 5:56 pm View unanswered posts | View active topics |


Board index » Community » Computers & Technology


Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: BadUSB exploit code released on github
PostPosted: Fri Oct 03, 2014 11:05 pm 
Decent Challenge
Decent Challenge
User avatar

Joined: Mon Jun 07, 2004 10:02 pm
Posts: 416
If you want to muck around with creating your own.
https://github.com/adamcaudill/Psychson

Got announcement via wired - http://www.wired.com/2014/10/code-publi ... sb-attack/

:D


For those not in the loop from the rumblings and discussion from black hat keynote (earlier this year in Aug - caused quite a storm of discussion in the IT security field):

https://www.blackhat.com/us-14/briefing ... -turn-evil

Quote:
USB has become so commonplace that we rarely worry about its security implications. USB sticks undergo the occasional virus scan, but we consider USB to be otherwise perfectly safe - until now.

This talk introduces a new form of malware that operates from controller chips inside USB devices. USB sticks, as an example, can be reprogrammed to spoof various other device types in order to take control of a computer, exfiltrate data, or spy on the user.

We demonstrate a full system compromise from USB and a self-replicating USB virus not detectable with current defenses.

We then dive into the USB stack and assess where protection from USB malware can and should be anchored.



https://srlabs.de/badusb/

Quote:
Turning USB peripherals into BadUSB
USB devices are connected to – and in many cases even built into – virtually all computers. The interface standard conquered the world over the past two decades thanks to its versatility: Almost any computer peripheral, from storage and input gadgets to healthcare devices, can connect over the ubiquitous technology. And many more device classes connect over USB to charge their batteries.

This versatility is also USB’s Achilles heel: Since different device classes can plug into the same connectors, one type of device can turn into a more capable or malicious type without the user noticing.

Reprogramming USB peripherals. To turn one device type into another, USB controller chips in peripherals need to be reprogrammed. Very widely spread USB controller chips, including those in thumb drives, have no protection from such reprogramming.

BadUSB – Turning devices evil. Once reprogrammed, benign devices can turn malicious in many ways, including:

A device can emulate a keyboard and issue commands on behalf of the logged-in user, for example to exfiltrate files or install malware. Such malware, in turn, can infect the controller chips of other USB devices connected to the computer.
The device can also spoof a network card and change the computer’s DNS setting to redirect traffic.
A modified thumb drive or external hard disk can – when it detects that the computer is starting up – boot a small virus, which infects the computer’s operating system prior to boot.
Defenses?
No effective defenses from USB attacks are known. Malware scanners cannot access the firmware running on USB devices. USB firewalls that block certain device classes do not (yet) exist. And behavioral detection is difficult, since a BadUSB device’s behavior when it changes its persona looks as though a user has simply plugged in a new device.

To make matters worse, cleanup after an incident is hard: Simply reinstalling the operating system – the standard response to otherwise ineradicable malware – does not address BadUSB infections at their root. The USB thumb drive, from which the operating system is reinstalled, may already be infected, as may the hardwired webcam or other USB components inside the computer. A BadUSB device may even have replaced the computer’s BIOS – again by emulating a keyboard and unlocking a hidden file on the USB thumb drive.

Once infected, computers and their USB peripherals can never be trusted again.

More details are available in the slides of our talk at BlackHat 2014. Youtube has a video of the talk.

Proof-of-Concept. We are not yet releasing the modified USB controller firmwares. Instead we are providing a proof-of-concept for Android devices that you can use to test your defenses: BadAndroid-v0.1

Questions? – usb [you know what to put here] srlabs.de




_________________
Image


Top
 Profile  
 
 Post subject: Re: BadUSB exploit code released on github
PostPosted: Sat Oct 04, 2014 2:26 am 
Easy Prey
Easy Prey
User avatar

Joined: Wed Sep 04, 2013 11:17 am
Posts: 234
That's fucking terrifying.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

Board index » Community » Computers & Technology


Who is online

Users browsing this forum: No registered users and 13 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group