Learn, hack!

URL

https://media.blackhat.com/bh-dc-11/Stavrou-Wang/BlackHat_DC_2011_Stavrou_Zhaohui_USB_exploits-Slides.pdf

File name

BlackHat_DC_2011_Stavrou_Zhaohui_USB_exploits-Slides.pdf

File size

1.9 MB

MD5

fe2e3f468a54ebd2787a08ced55f5962

SHA1

d04ff001a45b1d851df70bd48abb7f5354b2e090

The Universal Serial Bus (USB) connection has become the de-facto standard for both charging and data transfers for smart phone devices including Google’s Android and Apple’s iPhone. To further enhance their functionality, smart phones are equipped with programmable USB hardware and open source operating systems that empower them to alter the default behavior of the end-to-end USB communications. Unfortunately, these new capabilities coupled with the inherent trust that users place on the USB physical connectivity and the lack of any protection mechanisms render USB a insecure link, prone to exploitation. To demonstrate this new avenue of exploitation, we introduce novel attack strategies that exploit the functional capabilities of the USB physical link. In addition, we detail how a sophisticated adversary who has under his control one of the connected devices can subvert the other. This includes attacks where a compromised smart phone poses as a Human Interface Device (HID) and sends keystrokes in order to control the victim host. Moreover, we explain how to boot a smart phone device into USB host mode and take over another phone using a specially crafted cable. Finally, we point out the underlying reasons behind USB exploits and propose potential defense mechanisms that would limit or even prevent such USB borne attacks. Angelos Stavrou is an Assistant Professor at George Mason University.