Exploiting a computer through the USB port



Computers of all major brands blindly trust the devices connected to the USB ports.

If a device announce itself as a keyboard or a USB mouse, the computer believes him and accepts all commands.

BADUSB

This simple trick is used used by the researcher Samy Kankar, that send the keystrokes and mouse clicks to install a backdoor.

The demo is realized on a Mac, but the method can be modified to run on Windows and Linux systems:

Specifically, when you normally plug in a mouse or keyboard into a machine, no authorization is required to begin using them. The devices can simply begin typing and clicking. We exploit this fact by sending arbitrary keystrokes meant to launch specific applications (via Spotlight/Alfred/Quicksilver), permanently evade a local firewall (Little Snitch), install a reverse shell in crontab, and even modify DNS settings without any additional permissions. While this example is on OS X, it is easily extendable to Windows and *nix.

How to protect yourself?

Gizmodo says:

As for the USBdriveby hack, you can actually pretty easily protect yourself just by locking your computer, but it’s not so much USBdriveby that’s scary as it is all the other things out there that are like it but better. Hacks designed by thieves and cybercriminals that don’t share their plans in YouTube or wear microcontrollers around their necks (cool hack but that’s nerdy as shit, bro). It’s a scary world out there, so just be careful where you leave that laptop and what you plug into it.

Never leave your computer alone! ;-)


Published: December 21 2014