Sonsivri
 
*
Welcome, Guest. Please login or register.
Did you miss your activation email?
December 04, 2016, 12:58:05 00:58


Login with username, password and session length


Pages: [1]
Print
Author Topic: Christmas project idea: Bad USB defender.  (Read 656 times)
0 Members and 1 Guest are viewing this topic.
dotm
Active Member
***
Offline Offline

Posts: 149

Thank You
-Given: 61
-Receive: 47


C15H15NO2S


« on: December 09, 2014, 11:04:51 23:04 »

I ask myself what to do IF there is little spare time during hollydays.
One option: farcry4
another one: doing electronics, for a change.

How hard could that be?
An Adapter that you can Plug your USB stick into, it checks if it is not a HID (thus BAD USB) and if everything is ok it connects it to the computer.
Anyone thought about this?

Yours
m.
Logged
pickit2
Moderator
Hero Member
*****
Offline Offline

Posts: 3816

Thank You
-Given: 567
-Receive: 2049


There is no evidence that I muted SoNsIvRi


« Reply #1 on: December 09, 2014, 11:26:07 23:26 »

It sounds more like software project.
http://msdn.microsoft.com/en-us/library/windows/hardware/dn376877(v=vs.85).aspx
Logged

Note: If you have no posts other than, I want or reporting a dead link Then you can't complain If I remove your post So Stop Leeching
dotm
Active Member
***
Offline Offline

Posts: 149

Thank You
-Given: 61
-Receive: 47


C15H15NO2S


« Reply #2 on: December 09, 2014, 11:36:31 23:36 »


Yes.
But if I somehow want to definitely make it as hardware (for recreational purpose?), how hard can it be?
Should I use a mcu with integrated host like the ftdi vinculum series? Or should I use a software stack like LUFA?
Logged
Gallymimu
Hero Member
*****
Offline Offline

Posts: 577

Thank You
-Given: 98
-Receive: 151


« Reply #3 on: December 09, 2014, 11:40:18 23:40 »

This would be a bit of work because the adapter would have to act as a host, identify the device, and then disconnect and pass the device through.

What would be the purpose of limiting to HID drivers??

The other issue is that I think you would need a database of ALL device PIDs.  Otherwise how would you know what driver a device needs?  The way windows knows is it scans through a list of PIDs it has for devices and if one matches a driver, it installs that driver.
Logged
dotm
Active Member
***
Offline Offline

Posts: 149

Thank You
-Given: 61
-Receive: 47


C15H15NO2S


« Reply #4 on: December 09, 2014, 11:44:19 23:44 »

What would be the purpose of limiting to HID drivers??

As far as I read, bad usb will reprogramm the memory controller to act as a HID besides its memory controller functions.
The security risk then comes from hidden keyboard inputs. So the goal would be to limit the stick to storage devices.
My naive idea is to check if there is one and JUST ONE device connected to the host and if this device is a storage device, eveything should be fine.
Logged
Gallymimu
Hero Member
*****
Offline Offline

Posts: 577

Thank You
-Given: 98
-Receive: 151


« Reply #5 on: December 09, 2014, 11:54:57 23:54 »

hmmm,

interesting.  You would have to get a processor that could be a full host or possibly OTG would work.
Logged
dotm
Active Member
***
Offline Offline

Posts: 149

Thank You
-Given: 61
-Receive: 47


C15H15NO2S


« Reply #6 on: December 10, 2014, 12:05:59 00:05 »

You would have to get a processor that could be a full host

like this ?
http://www.farnell.com/datasheets/64691.pdf
(ftdi site is down atm)
Would be limiting valid devices to class 08h (storage) sufficient?
Logged
CocaCola
V.I.P
Senior Member
*****
Offline Offline

Posts: 397

Thank You
-Given: 108
-Receive: 179


« Reply #7 on: December 10, 2014, 12:10:49 00:10 »

At the end of the day nothing is going to be fool proof, on Windows follow the steps in this link and disable installation of USB keyboards and that will solve most of the 'BADUSB' thumb drive exploits...

https://heimdalsecurity.com/blog/badusb-exploit-vulnerability-fix/
Logged
Pages: [1]
Print
Jump to:  


DISCLAIMER
WE DONT HOST ANY ILLEGAL FILES ON THE SERVER
USE CONTACT US TO REPORT ILLEGAL FILES
ADMINISTRATORS CANNOT BE HELD RESPONSIBLE FOR USERS POSTS AND LINKS

... Copyright 2003-2999 Sonsivri.to ...
Powered by SMF 1.1.18 | SMF © 2006-2009, Simple Machines LLC | HarzeM Dilber MC