[Мастер-класс] Practical attacks on the USB interface
While quarantine is raging, we decided to move our events online.
Sunday, April 19th YouTube will host an online broadcast of a workshop on practical attacks on the USB stack. All attacks will be shown on real equipment live, during the broadcast it will be possible to ask questions to the speaker. We will analyze practical methods for analyzing USB protocols, hardware and software for debugging USB, as well as specialized tools for attacks.
Speaker: Andrey xairy Konovalov
Software Engineer, works for Google. Develops tools for finding bugs in the Linux kernel (including syzkaller and KASAN). As a researcher, he is interested in identifying vulnerabilities and developing exploits. Found many vulnerabilities in the Linux kernel, including CVE-2017-7308 in the network stack and CVE-2016-2384 USB-MIDI driver. Speeches, development, research: xairy.github.io
Assistant: Paul zhovner
Broadcast Link
Under the cutscene master plan.
What will happen at the master class
Detailed event plan github.com/xairy/hardware-village/tree/master/usb
- Sniffing and decoding USB packets using a logic analyzer; usbmon and wireshark; USBProxy Nouveau; OpenVizsla.
- Demonstration of BadUSB attacks using the original Rubber Ducky, Bash Bunny and Lan Turtle. BadUSB using cheap Chinese analogues Rubbery Ducky (ATtiny55, CJMCU, Cactus WHID) and Raspberry Pi Zero.
USB device emulation of standard classes:
- Using the Facedancer framework on Facedancer21 and GreatFET One;
- using legacy modules of the Gadget subsystem (g_hid.ko, etc.) and the Composite Gadget framework (FunctionFS / ConfigFS) on the Raspberry Pi Zero.
Emulation of custom USB devices:
- Using the Facedancer framework on Facedancer21 and GreatFET One;
- using legacy modules of the Gadget subsystem (GadgetFS and Raw Gadget) and Raspberry Pi Zero.
Fuzzing USB Stack:
- in virtual machines using syzkaller and vUSBf;
- physical devices using Facedancer21, GreatFET One, and Raspberry Pi Zero.
Broadcast Link
