Brilliant stuff. Great talk. And yes, Jakob sounds like Dr. Strangelove....
@YogendraSingh-jh1lz7 жыл бұрын
Whole Reversing and patching USB speech is encrypted in German-English. :(
@nathansmith36089 жыл бұрын
The protection mechanism that makes the most sense to me right now would be adding a kernel module for detecting implausibly fast keystroke input. Upon detection of suspicious keyboard input - parameters could be adjustable by security policy settings - it would trigger something similar to Windows User Account Control prompt. Of course, it would have to require typing or clicking something less predictable than Alt+y, like they use to bypass current UAC in their attack
@ricardo.mazeto8 жыл бұрын
+Nathan Smith The malware could simulate human typing speeds.
@slash328 жыл бұрын
Would it be possible to use the badUSB vulnerability with a mouse or keyboard instead of a USB stick? Would it be possible to have a mouse/keyboard execute a program/code when it is plugged in?
@SoreSurvival6 жыл бұрын
mouses and keyboards install drivers when plugged in, im sure you could sneak something in there, it would take physically modifying the device i suppose, i dont believe the flash memory would be much more then what is nesscary for the drivers. no extra space for the extra goods
@ZexMaxwell10 жыл бұрын
Great work. a website that reported about this said it best. "we are screwed."
@JohnDoe-sb2kj10 жыл бұрын
No were not. Only ignorant people and article writers think that. There are actual fixes and preventative steps that will keep user computers safe.
@studentism10 жыл бұрын
John Doe You obviously did not watch the video.
@7Shol4 жыл бұрын
"plug & pray" has never been so true
@james_gemma8 жыл бұрын
I only have one question: What?
@megasmart133710 жыл бұрын
I can't understand what the german dude is talking about..
@sjoervanderploeg4340 Жыл бұрын
And all those years later, we have evolved BadUSB to "Rick Rolling".
@nathansmith36089 жыл бұрын
The answer to this vulnerability should be input device validation & lockdown. On first bootup, the computer should 'mate' itself to a known good input device via a mechanism in the EFI (requires development of per-keyboard, -trackpad, -etc., per-firmware version, code-signing). The user could be prompted to set a master password needed to then add more input devices. Then whenever an input device (keyboard, mouse, anything else that could easily take control of the system) is added, there would be a prompt & it would need to enter the password to give further input to the machine. EFI or OS Kernel controls could allow more fine-grained automatic policies, like allowing classes of devices to be white- or black-listed, or disallowing for instance on a laptop, a single usb hub that hosts both a display & pointer peripheral, if attacks using emulated mouse movement & screen capturing techniques were spotted in the wild.
@andreask14308 жыл бұрын
Does not help at all: You can take as easily control by emulating a network device. As the presenters mentioned if you remove all the dangerous classes, you can as well leave out the USB ports. Secondly, USB devices do not have serial numbers (and these can be easily spoofed too if you can manipulate the firmware), and worse your benign device, might be reprogrammed at a later time to do bad things. So as mentioned, it's a mess, and the best defense would be to disable firmware updates => which is "easy" for flash sticks, with a known functionality where not that much happens, but for more expensive devices with more complicated features, firmware updates are a feature :(
@Stopinvadingmyhardware2 жыл бұрын
This is a firmware/hardware level exploit. It's only fixable by the hardware manufacturer.
@husaynvohra6 жыл бұрын
0.75x speed works, able to understand most things thank god
@jimmywhite31109 жыл бұрын
Wow. That is an eye-opener for sure.
@LeetCodes9 жыл бұрын
no offense intended but really needs subtitles for the second guy, impossible to understand half of what he says and i was really interested in this presentation, i couldnt even finish watching it..
@ChristianHaschek7 жыл бұрын
Yeah that's bad english even by german standards
@snorman19117 жыл бұрын
Same, I'm bailing out.
@momashi696 жыл бұрын
Yes, they should have taken English lessons instead of spending all those months tirelessly and selflessly documenting this massive security threat for your ungrateful whiny asses... how's that for English?
@JohnDoe-nq4du5 жыл бұрын
@@momashi69 No. Read what you're replying to, asshole. No one said they should have gotten better at English, only that they should have recognized how bad their English was, and compensated with subtitles.
@JohnDoe-nq4du5 жыл бұрын
@Li Feng Would love to, but to do so, would need to know what he's saying.
@75west10 жыл бұрын
karsten Nohl has a German accent but is quite understandable, Jakob Lell on the other hand was not. Intonation and rhythm is so strongly German that the result is not understandable. Otherwise a very informative and useful presentation.
@erebostd10 жыл бұрын
This is not necessarily German, its more "schwäbisch". Not all Germans sound the same, like in the us you clearly are able to distinguish someone from the south and the North :-)
@johnnyjohn996110 жыл бұрын
yeah i couldn't understand what he was saying
@SrElectric1019 жыл бұрын
Is there an open API for this? we want to implement this in our project
@WilliamTubbs-wm3ds Жыл бұрын
I've had 40 USB stolen in the raw bed so I'm just going to alert to Anderson county sheriff's
@stevenyates7158 жыл бұрын
Is the second guy human or robot?
@Brickkzz8 жыл бұрын
reptilian lol
@sankai918 жыл бұрын
I speak fluently German and I'm pretty sure I'm not that bad in English. Yet it's really hard to understand the second guy as my knowledge about this stuff isn't that good.. No offense, but subtitles would be awesome EDIT: it was only difficult at the beginning, but later it got better
@gunslingerfourtysix8 жыл бұрын
+OGSankai hes so nervous,, And,,,,,And,,,,,And,,,,And
@y__h8 жыл бұрын
He's kinda having a shock. And yes it's got better later. The point is the content presented is awesome.
@oferrosenberg123710 жыл бұрын
Is it relevant to PCs which run on a non-admin privilege as well?
@quelorepario8 жыл бұрын
it could escalate privileges, and even without that, it could spoof your network card to redirect all the traffic to the hacker's server.
@crlscjn10 жыл бұрын
How about SD cards, Do they present similar vulnerabilities?
@ktxed10 жыл бұрын
i'd say no, because sd cards are not technically usb devices
@nelsonduarte930610 жыл бұрын
SD cards do not; what you will be using to read them however may be, like those USB card readers which is where the micro-controller resides.
@AtlasMTBRider10 жыл бұрын
it's possible with different approaches look for this " 30C3: Exploration and Exploitation of an SD Memory Card "
@takitakair10 жыл бұрын
Nelson Duarte many card readers use usb interface, if you go do device manager it says in fact that it is a usb card reader, the difference is that it is soldered on the motherboard...And by curiosity i thought this vulnerability was already known, back in 2005 some dude did it and created a virus that based on this vulnerability would activate webcams, would control the keyboard and many other things, one catch is that some other dude said that you could counter this "virus", to do it when you see a white square on the superior left corner of your pc begin smashing the space key on your keyboard and you could stop the malicious action from being complete...
@scriptwarlock10 жыл бұрын
wow first we have sd memory card vulnerability now this, very interesting.
@carlosrivero452010 жыл бұрын
The best is a cd or dvd disc.... I Think!
@CeziHD10 жыл бұрын
Muss er das Klische bestätigen ? Natürlich, Ja :D
@TheTomTerrific10 жыл бұрын
Please turn on CC it can't even understand the second person either! Some of it is too funny!
@random_content_generator8 жыл бұрын
Oh man, every time the second guy comes in, it gets really hard to understand.
@madkvideo4 жыл бұрын
LMFAO what the fuck is Felicia day doing at blackhat
@viktorengelmann40774 жыл бұрын
Föhmwäh = Firmware
@momashi696 жыл бұрын
You've forever and irreversibly killed the guilty pleasure of buying cheap Chinese devices on eBay...
@AmbrosiusZwackelmann10 жыл бұрын
Its a pain to listen to him....@9:00
@lDarkfoxxl10 жыл бұрын
it is pretty difficult, I would like subs tbh.
@eternalblue211910 жыл бұрын
Turn the subs on - It was a very weird speech
@terrypercy10 жыл бұрын
I just closed it, wasn't worth listening to someone who doesn't even want to properly pronounce syllables. V's are way overused, causing incapability of understanding, unless I feel like focusing on what he's trying to say, instead of learning from what he says lol
@spammydronex552210 жыл бұрын
He is atleast trying to speak english. Hes like reaaalllyy nervous... atleast hes a guy that got that USBs more fun
@AmbrosiusZwackelmann10 жыл бұрын
Yes, thats true. I have no personal problem. He seems very nice. It was only very painfull to listen to him. But summa summarum it was a good speech.
@bellajbadr223710 жыл бұрын
waw good job i'll try it
@87shadoww10 жыл бұрын
I am sure the talk is awesome, but the second speaker lost me with his english..
@elfriendly1396 жыл бұрын
im not a native english speaker and i can completely understand the german guy, stop it guys.
@edwardkostreski673310 жыл бұрын
I am getting paranoid I let people charge phones on laptop all the time :'O
@rootshell1013 жыл бұрын
The german guy was so terribly hard to understand, this was soooo painful to watch.
@c2ashman10 жыл бұрын
I am german and....holy crap...his english is terrible. Someone should have told him during rehearsal that his english is not good enough to do a presentation. Content great...english *facepalm*
@trilobyte38515 жыл бұрын
The first sounds like Arnold Schwarzenegger...For the other dude, Don't feel bad the more talks he does the more he is forced to improve...
@bellajbadr223710 жыл бұрын
the second man was german i think :(. is he speaking english or what?
@JohnDoe-sb2kj10 жыл бұрын
Yes, just a heavy accent.
@banama175810 жыл бұрын
GHBSYSHacks - Official might be turkish too
@JohnDoe-sb2kj10 жыл бұрын
Let us do the squirrel test!
@banama175810 жыл бұрын
***** dont blame whole country just for that guy :D
@catstevens0110 жыл бұрын
***** no need :D. I am moroccan and our pronunciation is worst
@frgging10 жыл бұрын
Jacob, I could understand more if you speak German.
@cadeathtv9 жыл бұрын
Nice, Just in case your HDD will be taken by force. Auto format :P
@SlightlyTechnical9 жыл бұрын
Rutherford Zerdick doesnt always work if the harddrive is infected at the firmware level
@cadeathtv9 жыл бұрын
I mean, I will install a AUTOFORMAT that cannot be retrieve in the FIRMWARE LEVEL
@Amivit9 жыл бұрын
+Rutherford Zerdick, CPEH Then you don't understand much about computers. It's trivial to recover data from a formatted drive.
@cadeathtv9 жыл бұрын
EvizuGaming too bad Then tell me, what do I mean by "Nice, Just in case your HDD will be taken by force. Auto format :P"
@Amivit9 жыл бұрын
What? I don't think you understand that formatting a drive doesn't actually delete data. It just flips a few bits telling the drive that it is ready for use. The old data is still sitting there and easily recoverable with many different tools (lookup TestDisk or Recuva for example). If you wish to securely delete data, you need to overwrite with a tool such a DBAN or Eraser
@gerhardhaid30559 жыл бұрын
This is painful to watch. I am sure the second guy knows what he talks about but the problem is that he doesn't speak English.
@lakesidepmp37 жыл бұрын
Not even subtitles would help this guy, it would just say , um usb um yeah um WiFi um endpoint um.um
@abosamra5559 жыл бұрын
يخربيتكم معقول
@abderrahimouakki673410 жыл бұрын
the second man has a sick english !!!! :/
@1wolfeh79 жыл бұрын
Yeah but these "BadUSB's" are not anything new at all. In my Gray Hat Hacking Ethical Handbook these HID's and others are covered and discussed in depth. Even if you turn off the auto-detection/auto-run it not really going to help, because there is a simple work around for that.
@Stopinvadingmyhardware2 жыл бұрын
This is the second conference on this exploit. The first was in 2011. It's still an issue today. This is what made Russia go back to one time pads and paper for everything. This is easy to solve, but that would require the IEEE to not be a seething pool of opinionated assholes that think they are better at running society than the individuals having to deal with the repercussions of their BS.
@Proeemium3 жыл бұрын
21:36
@dylanwilliams535910 жыл бұрын
This is nothing new... They just made their own homemade Rubber Ducky. Why spend months reverse engineering firmware when you could just buy this?
@blehhhhhhish10 жыл бұрын
This isn't about some hardware based hacking product like the Rubber ducky, this is about a usb firmware virus that can Jump between multiple usb devices and emulate any usb device it wants. They didn't spend months of research and reverse engineering to create their own rubber ducky, they did it to prove it was possible to create a usb virus, and to try and push companies to create more secure devices. That's what the majority of hacker conferences are for, this isn't just for bragging rights, they've successfully proven a point of attack that could have been used, and an attack that at the moment can't even be detected or fixed. It's a serious issue that they've brought up here. For a rubber ducky you need physical access to a computer to 'infect' it, and only while the single usb device is plugged in. With this you do not, a virus on the computer could infect the usb device, multiple usb devices at once at that.
@possiblydavid10 жыл бұрын
Dylan Williams Are you kidding me right now???!!! This has nothing to do with making a single usb device that you own act like a keyboard. Arguably, the existing Rubber Ducky scripts could make this easier to use, but that's beside the point. The massive, MASSIVE, difference here is that they can start with no usb device at all, stick their virus into a program you download sometime, and the YOUR USB DEVICE is the one that they turn into a keyboard that can infect OTHER COMPUTERS AND USB DEVICES that you connect to.
@banama175810 жыл бұрын
jakob ruined the whole shit
@DacianRider10 жыл бұрын
A
@ayyylmao474610 жыл бұрын
420 root it 19:15
@thekaiser433310 жыл бұрын
Windows-fanboys... What has this world only come to.
@thinkwithportal10 жыл бұрын
Isnt this just the Rubber Ducky?
@quelorepario8 жыл бұрын
It is about infecting turning ANY USB device into a "rubber ducky"
@slashghero6 жыл бұрын
OMG.. the second guy is probably really smart way smarter then me, but please do not talk, just write down what you reverse engineered, and hand paperwork to someone else, anyone but you!