Jump to content











Photo
- - - - -

BADUSB exploit, can it be usefull to make better compatible usboot?


  • Please log in to reply
2 replies to this topic

#1 matx

matx

    Newbie

  • Members
  • 10 posts

Posted 07 October 2014 - 08:42 AM

https://github.com/a...audill/Psychson

It was published recently:

http://www.securityw...-code-published


  • Nuno Brito likes this

#2 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 14778 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 07 October 2014 - 09:50 AM

Quote
BADUSB exploit, can it be usefull to make better compatible usboot?

No.
Just for the record, unlike how it has been senselessly publicized, it is not a "breakthrough" of some kind, and it is not properly an "exploit", see here:
https://adamcaudill....hics-of-badusb/
the base concept is very simple.
You have a device (the controller on the USB stick) that is to all effects a tiny microprocessor that executes a (limited) set of instructions (the firmware).
Once you decode/reverse engineer the instruction set, you can write a new firmware that can do different things.
What was released is a (nice BTW) PoC (Proof of Concept) to alert about possible risks that are "implied" in the USB communication protocol.
The released code does not anything "malicious" and is limited to a given Phison controller as a patch to an existing firmware.

What may be of use (still limited to the given Phison controller, and possibly to the whole "family" of similar Phison controllers) are the tools that were released to apply the patches/modifications.

But from having the tools to apply/modify a patch (BTW tools that are also in themselves rather simple and not "rocket science") to actually write an useful for booting patch there is a looooong way.

Imagine that you are stuck at the DOS prompt and you have DEBUG running :w00t:.
Your mission, should you accept it, is to write a better Operating System with only that. :ph34r:

The reason why it is interesting is actually the reason why it was released, to draw attention to the fact that even the most stupid thingy you have on your keychain is programmable and that there should be a way to make sure that it is running an appropriate program/firmware (through validation).

Though seemingly unrelated, these experiments:
http://picframe.spri...x.php/Main_Page
http://spritesmods.com/?art=hddhack
https://code.google....rmware-mod-kit/
have the same kind of implications.

:duff:
Wonko
  • Nuno Brito likes this

#3 Nuno Brito

Nuno Brito

    Platinum Member

  • .script developer
  • 10544 posts
  • Location:boot.wim
  • Interests:I'm just a quiet simple person with a very quiet simple life living one day at a time..
  •  
    European Union

Posted 07 October 2014 - 10:44 AM

Interesting read. Thanks for sharing. :cheers:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users