Get best of the week

[Master class] Practical attacks on the USB interface



While quarantine is raging, we decided to move our events online.

On Sunday April 19, Youtube will host an online broadcast of a workshop on practical attacks on the USB stack. All attacks will be shown on real equipment live, during the broadcast it will be possible to ask questions to the speaker. We will analyze practical methods for analyzing USB protocols, hardware and software for USB debugging, as well as specialized attack tools.

Speaker: Andreyxairy Konovalov


Software Engineer, works for Google. Develops tools for finding bugs in the Linux kernel (including syzkaller and KASAN). As a researcher, she is interested in identifying vulnerabilities and developing exploits. Found many vulnerabilities in the Linux kernel, including CVE-2017-7308 in the network stack and CVE-2016-2384 USB-MIDI driver. Speeches, development, research: xairy.imtqy.com

Assistant: Pavelzhovner

Broadcast Link


Beginning at 19:00 Moscow time on April 19 on Sunday. In order not to miss the broadcast, click on the bell on Youtube. Questions can be asked in the Youtube chat, in the comments under this article and in our Telegram chat.



What will happen at the master class


Detailed event plan github.com/xairy/hardware-village/tree/master/usb

  • Sniffing and decoding USB packets using a logic analyzer; usbmon and wireshark; USBProxy Nouveau; OpenVizsla.
  • Demonstration of BadUSB attacks using the original Rubber Ducky, Bash Bunny and Lan Turtle. BadUSB using cheap Chinese analogues Rubbery Ducky (ATtiny55, CJMCU, Cactus WHID) and Raspberry Pi Zero.

USB device emulation of standard classes:

  • Using the Facedancer framework on Facedancer21 and GreatFET One;
  • using legacy Gadget modules of the subsystem (g_hid.ko, etc.) and the Composite Gadget framework (FunctionFS / ConfigFS) on the Raspberry Pi Zero.

Emulation of custom USB devices:

  • Using the Facedancer framework on Facedancer21 and GreatFET One;
  • using legacy Gadget modules of the subsystem (GadgetFS and Raw Gadget) and Raspberry Pi Zero.

Fuzzing USB Stack:

  • in virtual machines using syzkaller and vUSBf;
  • physical devices using Facedancer21, GreatFET One, and Raspberry Pi Zero.

Broadcast Link


Beginning at 19:00 Moscow time on April 19 on Sunday. In order not to miss the broadcast, click on the bell on Youtube. Questions can be asked in the Youtube chat, in the comments under this article and in our Telegram chat.



https://youtu.be/0bMxAdq1adc


In order not to miss the broadcast, subscribe to our channel in Telegram: @neuronspace

More articles:


All Articles