As I get more into my Bit9 job, I will be doing a lot more endpoint security. I’ve been on the network side of security for so long, I have some ramping up to do. A very common request is to secure USB devices. Here’s a good article on getting data off a locked down system.
High security workstations have some pretty peculiar ways of securing data. One of these is disabling any USB flash drives that may find their way into a system’s USB port. Security is a cat and mouse game, so of course there’s a way around these measures. [d3ad0ne] came up with a way of dumping files onto an SD card by using the USB HID protocol.
We’ve seen this sort of thing before where a microcontroller carries an executable to extract data. Previously, the best method was to blink the Caps Lock LED on a keyboard, sending one bit at a time to a microcontroller. [d3ad0ne]‘s build exploits the USB HID protocol, but instead of 1 bit per second, he’s getting about 10kBps.