Conversation

Notices

  1. @broniebrown I am reading up on BadUSB after reading up on what Stuxnet was exactly. I can't seem to recall precisely whether you specifically can program BadUSB to "infect" other USB devices. ( for Stuxnet could. Also just asking you guys is probably a lot faster than re-reading 25 pages and a 60 minute long blackhat presentation on YouTube )

    Friday, 10-Oct-14 22:01:20 UTC from web
    • @critialcloudkicker I have no idea what's behind BadUSB.

      Friday, 10-Oct-14 22:04:14 UTC in context
    • @broniebrown You know that a USB-stick has an embedded system before you are allowed to speak to the storage ? ( well duhh, it is the whole reason why you have to install drivers ). Imagine if someone could re-write the firmware on your USB device so that it would also function as something else, the most devious example of "something else" would be a USB keyboard that would write ominous commands to the command-line-interface, and be gone before you know it. Such as quickly browserhijack, or download a CLI tool to rewrite USB firmwares... ... That means... I just basically answered my own question...

      Friday, 10-Oct-14 22:09:13 UTC in context
    • @critialcloudkicker Aha. Sounds pretty bad. It's almost as bad as the inherent vulnerability of FireWire. It's possible to read and do everything that goes over the system bus with FireWire.

      Friday, 10-Oct-14 22:14:16 UTC in context
    • @broniebrown Well, I think you're looking at this from the wrong perspective. If I could repurpose a USB device by rewriting part of the firmware to ( next to the normal stuff it should do ) also include a keyboard, and intermittently have the keyboard do malicious stuff ( grab screenshot, send it to IP address ) ... Why would I care about what is on the physical stick ? ... Also FireWire always has been about 2-way communication by wire, as such you "could" try to hijack said information, but seeing as you are there to personally attach both cables, security was never a great concern anyway ...

      Friday, 10-Oct-14 22:22:12 UTC in context
    • @broniebrown Hmm, let's see, if I were a hacker and wanted to infect as many systems as possible in the least amount of time, knowing that I would only need to speak to and rewrite a large chunk of the embedded system ( and this is more than likely a hand-crafted process so I do not think that malicious people are willing to write several hundreds to target specifically USB sticks ) ... I guess they would target the biggest and baddest selling devices with a USB connection first. Depending on how fast you would like it to spread more is better of course but... ehmm... I'd look at the Realtek USB stick firmware ( it is in almost every USB stick, I do not think it changed much, maybe only for sizes ). iPhone 5 and iPhone 6 ( they do have different USB firmware, not sure if incompatible ) and Samsung S4 and S5. Then refine my detection mechanisms by CLI and update the firmware reprogram definitions as I go ( let the "badUSB" horse phone home ) ... ... I know evil... does that mean I am ?

      Friday, 10-Oct-14 22:28:46 UTC in context
    • @critialcloudkicker Imagine you can cheaply produce USB sticks to store data for merchandising purposes (company-branded sticks). Imagine those sticks used by various companies and people. Imagine you were a bad person and want to gain some more money to gain sensitive information and sell them.

      Friday, 10-Oct-14 22:30:50 UTC in context
    • @broniebrown Although you are correct when you say you can manufacture and order them in bulk quickly. I really doubt that you can get them with custom firmware. You'd probably have to do that part yourself. Meaning it'd be WAY quicker to just infect a few photo kiosks ( those things with USB and "select what photo you want printed" options ) and laugh your hiney off as people attach their iPhone to the machine

      Friday, 10-Oct-14 22:35:08 UTC in context