Those malicious USB cable prototypes from 2017? Here, have them. I’m calling it DemonSeed. It’s a good educational build. https://t.co/KpbAXEdGjp
— MG (@_MG_) July 19, 2019
Keep an eye on my feed during @BlackHatEvents & @defcon this year. I’ll have some free or near-cost build kits to hand out. pic.twitter.com/qoLrwMjsLx
Tag: USB
WooKey project: building trusted USB devices and IoTs
The WooKey project aims at prototyping a secure and trusted USB mass storage device featuring user data encryption and strong user authentication, with fully open source and open hardware foundations. The Wookey is a custom STM32 based USB thumb drive with mass storage capabilities designed for user data encryption and protection, with a full-fledged set of in-depth security defenses[…].
Thunderbolt3 -> USB4
[…]Today, Intel announced that it contributed the Intel Thunderbolt protocol specification to the USB Promoter Group, enabling other chip makers to build Thunderbolt compatible silicon, royalty-free. In addition, the USB Promoter Group announced the pending release of the USB4 specification, based on the Thunderbolt protocol. […]
https://newsroom.intel.com/news/intel-takes-steps-enable-thunderbolt-3-everywhere-releases-protocol/
Intel shares Thunderbolt with USB Promoter Group, and USB4 is on the way
Get-USBHistory: get history of a USB flash driving using PowerShell
OMG Cable: Offensive MG kit, open source malicious USB cable
https://twitter.com/_MG_/status/1094389042685259776
This page will continue to be updated with info about the cable as things progress. My intent is to make these available for many of you, and open source as much as possible.[…]
USBCaptchaIn: Preventing (Un)Conventional Attacks from Promiscuously Used USB Devices in Industrial Control Systems
USBCaptchaIn: Preventing (Un)Conventional Attacks from Promiscuously Used USB Devices in Industrial Control Systems
Federico Griscioli, Maurizio Pizzonia
(Submitted on 11 Oct 2018)
Industrial Control Systems (ICS) are sensible targets for high profile attackers and advanced persistent threats, which are known to exploit USB thumb drives as an effective spreading vector. In ICSes, thumb drives are widely used to transfer files among disconnected systems and represent a serious security risks, since, they may be promiscuously used in both critical and regular systems. The threats come both from malware hidden in files stored in the thumb drives and from BadUSB attacks [16]. BadUSB leverages the modification of firmware of USB devices in order to mimic the behaviour of a keyboard and send malicious commands to the host. We present a solution that allows a promiscuous use of USB thumbs drives while protecting critical machines from malware, that spread by regular file infection or by firmware infection. The main component of the architecture we propose is an hardware, called USBCaptchaIn, intended to be in the middle between a critical machine and all USB devices. We do not require users to change the way they use thumb drives. To avoid human-errors, we do not require users to take any decision. The proposed approach is highly compatible with already deployed products of a ICS environment and proactively blocks malware before they reach their targets. We describe our solution, provide a thorough analysis of the security of our approach in the ICS context, and report the informal feedback of some experts regarding our first prototypes.
USB Type-C to Become More Secure With Authentication Standard
The security of USB-based connections and devices is taking a step forward, with the official launch of the USB Type-C Authentication Program on Jan. 2[…]
http://www.eweek.com/security/usb-type-c-to-become-more-secure-with-authentication-standard
Chrome OS to block USB access while the screen is locked
tools to create UEFI USB boot drives
Regarding tools/scripts to generate a UEFI USB thumbdrive boot disk, there’s:
1) Rufus (a native GUI app for Windows), which has been around for years.
2) USB_UEFI_Shell, a Unix script, came out two weeks ago.
https://github.com/skyskyshinysky/usb_uefi_shell
3) WinInst-UEFI-USB is a macOS script that generates a Windows-centric drive, and this was initially released yesterday.
https://github.com/core-process/wininst-uefi-usb
[[I think there are a few other scripts that I’ve blogged about, but forget the project names at the moment, will create a future post when I can extend the list. There’s also the Tianocore/EDK2 script that DUET uses (or rather used, DUET was just deprecated from EDK2); I think Cloverboot has variations of that script. I guess I should also create a list of documentation that describes how to do this in the future as well. The CHIPSEC user documentation’s UEFI install instructions are one example app that includes this. There’re about a dozen other documents…]]
Uberducky – a wireless USB Rubber Ducky triggered via BLE
usb_uefi_shell: automatic creation of bootable USB-drive
GPU-pass-through-compatibility-check: Automatically set up a Linux system for PCI pass-through and check if it is compatible
This project consists of 3 parts.
1) A script (gpu-pt-check.sh) that automatically checks to what extend a computer is compatible with GPU pass-through in its given configuration.
2) A script (setup.sh) that automatically installs and configures your system for GPU pass-through (Only tested on fresh installs of Fedora 28 x64 with Gnome, booted in UEFI mode!)
3) Instructions on how to create a bootable Linux USB stick that automatically runs the gpu-pt-check.sh script when you boot from it without any user interaction required.
https://github.com/T-vK/GPU-pass-through-compatibility-check
USBCaptchaIn: Preventing (Un)Conventional Attacks from Promiscuously Used USB Devices in Industrial Control Systems
(Submitted on 11 Oct 2018)
Industrial Control Systems (ICS) are sensible targets for high profile attackers and advanced persistent threats, which are known to exploit USB thumb drives as an effective spreading vector. In ICSes, thumb drives are widely used to transfer files among disconnected systems and represent a serious security risks, since, they may be promiscuously used in both critical and regular systems. The threats come both from malware hidden in files stored in the thumb drives and from BadUSB attacks [16]. BadUSB leverages the modification of firmware of USB devices in order to mimic the behaviour of a keyboard and send malicious commands to the host. We present a solution that allows a promiscuous use of USB thumbs drives while protecting critical machines from malware, that spread by regular file infection or by firmware infection. The main component of the architecture we propose is an hardware, called USBCaptchaIn, intended to be in the middle between a critical machine and all USB devices. We do not require users to change the way they use thumb drives. To avoid human-errors, we do not require users to take any decision. The proposed approach is highly compatible with already deployed products of a ICS environment and proactively blocks malware before they reach their targets. We describe our solution, provide a thorough analysis of the security of our approach in the ICS context, and report the informal feedback of some experts regarding our first prototypes.
Umap2: USB host security assessment tool
This is not a new release, but I’m catching up with USB security tools for this blog.
Umap2 is the second revision of NCC Group’s python based USB host security assessment tool. Umap2 is developed by NCC Group and Cisco SAS team.
Features:
* USB device emulation
* USB host scanning for device support
* USB host OS detection (no implemented yet)
* USB host fuzzing
* USB host fuzzing uses kitty as fuzzing engine
Nothing to see here. The not-so-charger
https://twitter.com/elkentaro/status/1032229182565048322
[…I’m sure many of us already have one of these multi-port usb chargers to charge all our gadgets. So my idea was to create a casing for an RPi that looked like one of those chargers.[…]
USBHarpoon Is a BadUSB Attack with A Twist
USB Charging Actually Poses Security Risks – Hacking a Laptop via a USB-C Adapter
Smartphones have been charged over USB for many years, but with the advance of USB type-C now even laptops may be charged over USB, instead of the typical DC power barrel jack.[…]
https://www.cnx-software.com/2018/08/14/usb-charging-security-risks/
Reversing the Luxeed LED keyboard, a Windows USB driver
Lots of general debugging skills for Windows USB drivers covered in this blog post.
https://twitter.com/geeknik/status/1024439570019110912
http://jespersaur.com/drupal/book/export/html/21
Eclypsium creates new CHIPSEC module to test USB security
Eclypsium has created a new CHIPSEC module to see if USB Debug attacks are possible!
https://blog.eclypsium.com/2018/07/23/evil-mai%ef%bb%bfd-firmware-attacks-using-usb-debug/
https://github.com/chipsec/chipsec/blob/master/chipsec/modules/debugenabled.py
Apple: iOS 12 Beta 4 Requires Device to Be Unlocked Before Connecting Any USB Accessories
[…]In the fourth developer beta of iOS 12, a passcode is required any time a computer or USB accessory is connected.[…]
https://daringfireball.net/linked/2018/07/18/ios-12-usb-accessories
Firmware Security 
You must be logged in to post a comment.