phdays.com, phdays.ru
Moscow, 2012
Day 2, Track 4, 10:00
Nikhil Mittal, Breaking havoc using a Human Interface Device

Nikhil Mittal
Abusing HID devices

Pen-testing overview
  enum + intel -> vuln scan -> exploit -> post-exploitation -> report

Best case scenario
  exploitation
    memory corruption bugs
      server side
      client side
    mis-configs
    open file shares
    sticky slip passwords
    man in the middle
    unsecured dumpsters
    human

Worst case scenario
  no public exploits available
  not allowed on the system
  countermeasure blocking
  exploit completed but no session was generated
  hardened systems
  patches in place
  countermeasures blocking scans and exploits
  security incident monitoring and blocking
  no network access

need alternatives

Need new methods to break into systems
  bad guys get smarter
  not as easy as it used to be

HID anyone?
  what could go wrong?
  HID are considered dumb devices
  but seems we can give it brains
  meet teensy

Teensy
  USB microcontroller
  storage ~ 130 kb
  there is also teensy++
  pjrc.com
  pjrc.com/teensy/projects.html
  similar to Arduino dev board
  programmed using Arduino dev env (ADE)
  need just a simple plugin for Arduino (teensyduino)

Installation
  Windows
    install serial.exe (virtual serial driver)
    install teensyduino
  For Linux
    avr and avr-gcc packages required

Usage (Arduino + Teensyduino)
  Select "USB Type" -> Keyboard+Mouse+Joystick
  C++ like syntax
  two functions required (setup() and loop())
  setup(): first time you connect a device
  loop(): keeps running after setup()

======================
// Runs once, when the device is connected.
void setup() {
  Keyboard.print("Hello World");
}

// Keeps running after setup(); nothing to do here.
void loop() {
}