The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Extracting data with USB HID

Posted by Xavier Ashe on January 27, 2013

As I get more into my Bit9 job, I will be doing a lot more endpoint security. I’ve been on the network side of security for so long, I have some ramping up to do. A very common request is to secure USB devices. Here’s a good article on getting data off a locked down system.

High security workstations have some pretty peculiar ways of securing data. One of these is disabling any USB flash drives that may find their way into a system’s USB port. Security is a cat and mouse game, so of course there’s a way around these measures. [d3ad0ne] came up with a way of dumping files onto an SD card by using the USB HID protocol.

We’ve seen this sort of thing before where a microcontroller carries an executable to extract data. Previously, the best method was to blink the Caps Lock LED on a keyboard, sending one bit at a time to a microcontroller. [d3ad0ne]‘s build exploits the USB HID protocol, but instead of 1 bit per second, he’s getting about 10kBps.

Hack-a-Day: Extracting Data with USB HID

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: