BadUSB - On Accessories that Turn Evil by Karsten Nohl + Jakob Lell

  Рет қаралды 143,941

Black Hat

Black Hat

Күн бұрын

Пікірлер: 108
@johnycannuk
@johnycannuk 10 жыл бұрын
Brilliant stuff. Great talk. And yes, Jakob sounds like Dr. Strangelove....
@YogendraSingh-jh1lz
@YogendraSingh-jh1lz 7 жыл бұрын
Whole Reversing and patching USB speech is encrypted in German-English. :(
@nathansmith3608
@nathansmith3608 9 жыл бұрын
The protection mechanism that makes the most sense to me right now would be adding a kernel module for detecting implausibly fast keystroke input. Upon detection of suspicious keyboard input - parameters could be adjustable by security policy settings - it would trigger something similar to Windows User Account Control prompt. Of course, it would have to require typing or clicking something less predictable than Alt+y, like they use to bypass current UAC in their attack
@ricardo.mazeto
@ricardo.mazeto 8 жыл бұрын
+Nathan Smith The malware could simulate human typing speeds.
@slash32
@slash32 8 жыл бұрын
Would it be possible to use the badUSB vulnerability with a mouse or keyboard instead of a USB stick? Would it be possible to have a mouse/keyboard execute a program/code when it is plugged in?
@SoreSurvival
@SoreSurvival 6 жыл бұрын
mouses and keyboards install drivers when plugged in, im sure you could sneak something in there, it would take physically modifying the device i suppose, i dont believe the flash memory would be much more then what is nesscary for the drivers. no extra space for the extra goods
@ZexMaxwell
@ZexMaxwell 10 жыл бұрын
Great work. a website that reported about this said it best. "we are screwed."
@JohnDoe-sb2kj
@JohnDoe-sb2kj 10 жыл бұрын
No were not. Only ignorant people and article writers think that. There are actual fixes and preventative steps that will keep user computers safe.
@studentism
@studentism 10 жыл бұрын
John Doe You obviously did not watch the video.
@7Shol
@7Shol 4 жыл бұрын
"plug & pray" has never been so true
@james_gemma
@james_gemma 8 жыл бұрын
I only have one question: What?
@megasmart1337
@megasmart1337 10 жыл бұрын
I can't understand what the german dude is talking about..
@sjoervanderploeg4340
@sjoervanderploeg4340 Жыл бұрын
And all those years later, we have evolved BadUSB to "Rick Rolling".
@nathansmith3608
@nathansmith3608 9 жыл бұрын
The answer to this vulnerability should be input device validation & lockdown. On first bootup, the computer should 'mate' itself to a known good input device via a mechanism in the EFI (requires development of per-keyboard, -trackpad, -etc., per-firmware version, code-signing). The user could be prompted to set a master password needed to then add more input devices. Then whenever an input device (keyboard, mouse, anything else that could easily take control of the system) is added, there would be a prompt & it would need to enter the password to give further input to the machine. EFI or OS Kernel controls could allow more fine-grained automatic policies, like allowing classes of devices to be white- or black-listed, or disallowing for instance on a laptop, a single usb hub that hosts both a display & pointer peripheral, if attacks using emulated mouse movement & screen capturing techniques were spotted in the wild.
@andreask1430
@andreask1430 8 жыл бұрын
Does not help at all: You can take as easily control by emulating a network device. As the presenters mentioned if you remove all the dangerous classes, you can as well leave out the USB ports. Secondly, USB devices do not have serial numbers (and these can be easily spoofed too if you can manipulate the firmware), and worse your benign device, might be reprogrammed at a later time to do bad things. So as mentioned, it's a mess, and the best defense would be to disable firmware updates => which is "easy" for flash sticks, with a known functionality where not that much happens, but for more expensive devices with more complicated features, firmware updates are a feature :(
@Stopinvadingmyhardware
@Stopinvadingmyhardware 2 жыл бұрын
This is a firmware/hardware level exploit. It's only fixable by the hardware manufacturer.
@husaynvohra
@husaynvohra 6 жыл бұрын
0.75x speed works, able to understand most things thank god
@jimmywhite3110
@jimmywhite3110 9 жыл бұрын
Wow. That is an eye-opener for sure.
@LeetCodes
@LeetCodes 9 жыл бұрын
no offense intended but really needs subtitles for the second guy, impossible to understand half of what he says and i was really interested in this presentation, i couldnt even finish watching it..
@ChristianHaschek
@ChristianHaschek 7 жыл бұрын
Yeah that's bad english even by german standards
@snorman1911
@snorman1911 7 жыл бұрын
Same, I'm bailing out.
@momashi69
@momashi69 6 жыл бұрын
Yes, they should have taken English lessons instead of spending all those months tirelessly and selflessly documenting this massive security threat for your ungrateful whiny asses... how's that for English?
@JohnDoe-nq4du
@JohnDoe-nq4du 5 жыл бұрын
@@momashi69 No. Read what you're replying to, asshole. No one said they should have gotten better at English, only that they should have recognized how bad their English was, and compensated with subtitles.
@JohnDoe-nq4du
@JohnDoe-nq4du 5 жыл бұрын
@Li Feng Would love to, but to do so, would need to know what he's saying.
@75west
@75west 10 жыл бұрын
karsten Nohl has a German accent but is quite understandable, Jakob Lell on the other hand was not. Intonation and rhythm is so strongly German that the result is not understandable. Otherwise a very informative and useful presentation.
@erebostd
@erebostd 10 жыл бұрын
This is not necessarily German, its more "schwäbisch". Not all Germans sound the same, like in the us you clearly are able to distinguish someone from the south and the North :-)
@johnnyjohn9961
@johnnyjohn9961 10 жыл бұрын
yeah i couldn't understand what he was saying
@SrElectric101
@SrElectric101 9 жыл бұрын
Is there an open API for this? we want to implement this in our project
@WilliamTubbs-wm3ds
@WilliamTubbs-wm3ds Жыл бұрын
I've had 40 USB stolen in the raw bed so I'm just going to alert to Anderson county sheriff's
@stevenyates715
@stevenyates715 8 жыл бұрын
Is the second guy human or robot?
@Brickkzz
@Brickkzz 8 жыл бұрын
reptilian lol
@sankai91
@sankai91 8 жыл бұрын
I speak fluently German and I'm pretty sure I'm not that bad in English. Yet it's really hard to understand the second guy as my knowledge about this stuff isn't that good.. No offense, but subtitles would be awesome EDIT: it was only difficult at the beginning, but later it got better
@gunslingerfourtysix
@gunslingerfourtysix 8 жыл бұрын
+OGSankai hes so nervous,, And,,,,,And,,,,,And,,,,And
@y__h
@y__h 8 жыл бұрын
He's kinda having a shock. And yes it's got better later. The point is the content presented is awesome.
@oferrosenberg1237
@oferrosenberg1237 10 жыл бұрын
Is it relevant to PCs which run on a non-admin privilege as well?
@quelorepario
@quelorepario 8 жыл бұрын
it could escalate privileges, and even without that, it could spoof your network card to redirect all the traffic to the hacker's server.
@crlscjn
@crlscjn 10 жыл бұрын
How about SD cards, Do they present similar vulnerabilities?
@ktxed
@ktxed 10 жыл бұрын
i'd say no, because sd cards are not technically usb devices
@nelsonduarte9306
@nelsonduarte9306 10 жыл бұрын
SD cards do not; what you will be using to read them however may be, like those USB card readers which is where the micro-controller resides.
@AtlasMTBRider
@AtlasMTBRider 10 жыл бұрын
it's possible with different approaches look for this " 30C3: Exploration and Exploitation of an SD Memory Card "
@takitakair
@takitakair 10 жыл бұрын
Nelson Duarte many card readers use usb interface, if you go do device manager it says in fact that it is a usb card reader, the difference is that it is soldered on the motherboard...And by curiosity i thought this vulnerability was already known, back in 2005 some dude did it and created a virus that based on this vulnerability would activate webcams, would control the keyboard and many other things, one catch is that some other dude said that you could counter this "virus", to do it when you see a white square on the superior left corner of your pc begin smashing the space key on your keyboard and you could stop the malicious action from being complete...
@scriptwarlock
@scriptwarlock 10 жыл бұрын
wow first we have sd memory card vulnerability now this, very interesting.
@carlosrivero4520
@carlosrivero4520 10 жыл бұрын
The best is a cd or dvd disc.... I Think!
@CeziHD
@CeziHD 10 жыл бұрын
Muss er das Klische bestätigen ? Natürlich, Ja :D
@TheTomTerrific
@TheTomTerrific 10 жыл бұрын
Please turn on CC it can't even understand the second person either! Some of it is too funny!
@random_content_generator
@random_content_generator 8 жыл бұрын
Oh man, every time the second guy comes in, it gets really hard to understand.
@madkvideo
@madkvideo 4 жыл бұрын
LMFAO what the fuck is Felicia day doing at blackhat
@viktorengelmann4077
@viktorengelmann4077 4 жыл бұрын
Föhmwäh = Firmware
@momashi69
@momashi69 6 жыл бұрын
You've forever and irreversibly killed the guilty pleasure of buying cheap Chinese devices on eBay...
@AmbrosiusZwackelmann
@AmbrosiusZwackelmann 10 жыл бұрын
Its a pain to listen to him....@9:00
@lDarkfoxxl
@lDarkfoxxl 10 жыл бұрын
it is pretty difficult, I would like subs tbh.
@eternalblue2119
@eternalblue2119 10 жыл бұрын
Turn the subs on - It was a very weird speech
@terrypercy
@terrypercy 10 жыл бұрын
I just closed it, wasn't worth listening to someone who doesn't even want to properly pronounce syllables. V's are way overused, causing incapability of understanding, unless I feel like focusing on what he's trying to say, instead of learning from what he says lol
@spammydronex5522
@spammydronex5522 10 жыл бұрын
He is atleast trying to speak english. Hes like reaaalllyy nervous... atleast hes a guy that got that USBs more fun
@AmbrosiusZwackelmann
@AmbrosiusZwackelmann 10 жыл бұрын
Yes, thats true. I have no personal problem. He seems very nice. It was only very painfull to listen to him. But summa summarum it was a good speech.
@bellajbadr2237
@bellajbadr2237 10 жыл бұрын
waw good job i'll try it
@87shadoww
@87shadoww 10 жыл бұрын
I am sure the talk is awesome, but the second speaker lost me with his english..
@elfriendly139
@elfriendly139 6 жыл бұрын
im not a native english speaker and i can completely understand the german guy, stop it guys.
@edwardkostreski6733
@edwardkostreski6733 10 жыл бұрын
I am getting paranoid I let people charge phones on laptop all the time :'O
@rootshell101
@rootshell101 3 жыл бұрын
The german guy was so terribly hard to understand, this was soooo painful to watch.
@c2ashman
@c2ashman 10 жыл бұрын
I am german and....holy crap...his english is terrible. Someone should have told him during rehearsal that his english is not good enough to do a presentation. Content great...english *facepalm*
@trilobyte3851
@trilobyte3851 5 жыл бұрын
The first sounds like Arnold Schwarzenegger...For the other dude, Don't feel bad the more talks he does the more he is forced to improve...
@bellajbadr2237
@bellajbadr2237 10 жыл бұрын
the second man was german i think :(. is he speaking english or what?
@JohnDoe-sb2kj
@JohnDoe-sb2kj 10 жыл бұрын
Yes, just a heavy accent.
@banama1758
@banama1758 10 жыл бұрын
GHBSYSHacks - Official might be turkish too
@JohnDoe-sb2kj
@JohnDoe-sb2kj 10 жыл бұрын
Let us do the squirrel test!
@banama1758
@banama1758 10 жыл бұрын
***** dont blame whole country just for that guy :D
@catstevens01
@catstevens01 10 жыл бұрын
***** no need :D. I am moroccan and our pronunciation is worst
@frgging
@frgging 10 жыл бұрын
Jacob, I could understand more if you speak German.
@cadeathtv
@cadeathtv 9 жыл бұрын
Nice, Just in case your HDD will be taken by force. Auto format :P
@SlightlyTechnical
@SlightlyTechnical 9 жыл бұрын
Rutherford Zerdick doesnt always work if the harddrive is infected at the firmware level
@cadeathtv
@cadeathtv 9 жыл бұрын
I mean, I will install a AUTOFORMAT that cannot be retrieve in the FIRMWARE LEVEL
@Amivit
@Amivit 9 жыл бұрын
+Rutherford Zerdick, CPEH Then you don't understand much about computers. It's trivial to recover data from a formatted drive.
@cadeathtv
@cadeathtv 9 жыл бұрын
EvizuGaming too bad Then tell me, what do I mean by "Nice, Just in case your HDD will be taken by force. Auto format :P"
@Amivit
@Amivit 9 жыл бұрын
What? I don't think you understand that formatting a drive doesn't actually delete data. It just flips a few bits telling the drive that it is ready for use. The old data is still sitting there and easily recoverable with many different tools (lookup TestDisk or Recuva for example). If you wish to securely delete data, you need to overwrite with a tool such a DBAN or Eraser
@gerhardhaid3055
@gerhardhaid3055 9 жыл бұрын
This is painful to watch. I am sure the second guy knows what he talks about but the problem is that he doesn't speak English.
@lakesidepmp3
@lakesidepmp3 7 жыл бұрын
Not even subtitles would help this guy, it would just say , um usb um yeah um WiFi um endpoint um.um
@abosamra555
@abosamra555 9 жыл бұрын
يخربيتكم معقول
@abderrahimouakki6734
@abderrahimouakki6734 10 жыл бұрын
the second man has a sick english !!!! :/
@1wolfeh7
@1wolfeh7 9 жыл бұрын
Yeah but these "BadUSB's" are not anything new at all. In my Gray Hat Hacking Ethical Handbook these HID's and others are covered and discussed in depth. Even if you turn off the auto-detection/auto-run it not really going to help, because there is a simple work around for that.
@Stopinvadingmyhardware
@Stopinvadingmyhardware 2 жыл бұрын
This is the second conference on this exploit. The first was in 2011. It's still an issue today. This is what made Russia go back to one time pads and paper for everything. This is easy to solve, but that would require the IEEE to not be a seething pool of opinionated assholes that think they are better at running society than the individuals having to deal with the repercussions of their BS.
@Proeemium
@Proeemium 3 жыл бұрын
21:36
@dylanwilliams5359
@dylanwilliams5359 10 жыл бұрын
This is nothing new... They just made their own homemade Rubber Ducky. Why spend months reverse engineering firmware when you could just buy this?
@blehhhhhhish
@blehhhhhhish 10 жыл бұрын
This isn't about some hardware based hacking product like the Rubber ducky, this is about a usb firmware virus that can Jump between multiple usb devices and emulate any usb device it wants. They didn't spend months of research and reverse engineering to create their own rubber ducky, they did it to prove it was possible to create a usb virus, and to try and push companies to create more secure devices. That's what the majority of hacker conferences are for, this isn't just for bragging rights, they've successfully proven a point of attack that could have been used, and an attack that at the moment can't even be detected or fixed. It's a serious issue that they've brought up here. For a rubber ducky you need physical access to a computer to 'infect' it, and only while the single usb device is plugged in. With this you do not, a virus on the computer could infect the usb device, multiple usb devices at once at that.
@possiblydavid
@possiblydavid 10 жыл бұрын
Dylan Williams Are you kidding me right now???!!! This has nothing to do with making a single usb device that you own act like a keyboard. Arguably, the existing Rubber Ducky scripts could make this easier to use, but that's beside the point. The massive, MASSIVE, difference here is that they can start with no usb device at all, stick their virus into a program you download sometime, and the YOUR USB DEVICE is the one that they turn into a keyboard that can infect OTHER COMPUTERS AND USB DEVICES that you connect to.
@banama1758
@banama1758 10 жыл бұрын
jakob ruined the whole shit
@DacianRider
@DacianRider 10 жыл бұрын
A
@ayyylmao4746
@ayyylmao4746 10 жыл бұрын
420 root it 19:15
@thekaiser4333
@thekaiser4333 10 жыл бұрын
Windows-fanboys... What has this world only come to.
@thinkwithportal
@thinkwithportal 10 жыл бұрын
Isnt this just the Rubber Ducky?
@quelorepario
@quelorepario 8 жыл бұрын
It is about infecting turning ANY USB device into a "rubber ducky"
@slashghero
@slashghero 6 жыл бұрын
OMG.. the second guy is probably really smart way smarter then me, but please do not talk, just write down what you reverse engineered, and hand paperwork to someone else, anyone but you!
48 Dirty Little Secrets Cryptographers Don’t Want You To Know
50:58
龟兔赛跑:好可爱的小乌龟#short #angel #clown
01:00
Super Beauty team
Рет қаралды 94 МЛН
Friends make memories together part 2  | Trà Đặng #short #bestfriend #bff #tiktok
00:18
Когда отец одевает ребёнка @JaySharon
00:16
История одного вокалиста
Рет қаралды 17 МЛН
Sigma baby, you've conquered soap! 😲😮‍💨 LeoNata family #shorts
00:37
BAD USB: Attack on a SHUT DOWN Computer | Real Experiment
11:17
t510 Making BadUSB Work For You Adam Caudill Brandon Wilson
24:01
Adrian Crenshaw
Рет қаралды 148 М.
Living off Microsoft Copilot
42:06
Black Hat
Рет қаралды 27 М.
Hacking the Wireless World with Software Defined Radio - 2.0
1:02:19
GOD MODE UNLOCKED - Hardware Backdoors in x86 CPUs
51:00
Black Hat
Рет қаралды 309 М.
How Smartcard Payment Systems Fail
58:56
Black Hat
Рет қаралды 156 М.
How the Best Hackers Learn Their Craft
42:46
RSA Conference
Рет қаралды 2,6 МЛН
Ichthyology: Phishing as a Science
24:28
Black Hat
Рет қаралды 36 М.
龟兔赛跑:好可爱的小乌龟#short #angel #clown
01:00
Super Beauty team
Рет қаралды 94 МЛН