In this talk, we will cover some novel USB-level attacks, which can provide remote command and control of, even air-gapped machines, with a minimal forensic footprint using an open-source toolset on freely available hardware.
USB-keyboard attacks are not new, but there is still room for improvement. Our toolkit provides three significant improvements over existing work. The first is the ability to communicate with the device remotely via WiFi, allowing for updates to the payloads, exfiltration of data, real-time interaction with the host and an ability to debug problems. The second is the ability to gain a stealthy bi-directional channel with the host via the device. No traffic is generated on the target's existing network interfaces (i.e it would work against air-gapped hosts). Finally, the stub running on the host will leave a minimal forensic trail, making detection of the attack, or analysis of it later, difficult.
This eye opener session will held by Rogan Dawes. Come and learn first handed how your most secure system, even if they are air-gapped and without Internet access, can be attacked and controlled and how you should secure them!
More information at: https://www.hackcon.org/aktiviteter/hackcon12.