[TriEmbed] Kali Yin/Yang with Arduino

Rodney Radford ncgadgetry at gmail.com
Thu Jun 4 17:32:24 CDT 2015


I think you misunderstood the point of the post. The Arduino is not running
Linux, but it can act as a USB device that can emulate a keyboard.  Plug
that into a computer and it can inject text into any system - Windows,
Linux, Mac, etc - but it must be at a location where it can accept text.
It can't force the system to be at a command prompt.

However, there are easier hacks than using an Arduino and hoping that the
system gets rebooted, and hoping that you can get into BIOS or command line,
etc, so this is more of an academic issue than a real issue.

At a previous job I worked on a USB hack device that took advantage of the
way encrypted/compressed USB keys work. They have two partitions in them -
the data one and then one that contains a device driver that is loaded into
the system that controls the encryption/compression of the data partition.

It is possible to use this to hijack a system - write your own device
driver that loads into the kernel that can then do things such as key
logging, monitoring network traffic, reading/writing to disks, etc.  It can
even spawn its own user processes, and then hide the device driver and the
user process from normal view (so not seen on a device/process list).  It
can also send all this data back 'home' to a waiting server, even hiding
that traffic from normal view.

Now just take that USB key, drop it off near the front of the building you
want to hijack, or better yet, drop a couple nearby in the parking lot, in
restaurants frequented by the employees of the company, etc and wait for an
employee to stick it into their system - curious what is there. Now hide a
few innocuous files - pictures of kittens - and while they are looking at
that, their entire system got compromised, and from that, their network.

Unfortunately, that is not science fiction, or movie drama - it is very real
and much easier than using an Arduino.


On Thu, Jun 4, 2015 at 6:19 PM, Scott Hall via TriEmbed <
triembed at triembed.org> wrote:

> The Arduino is an 8-bit MPU not capable of booting and running Linux.
>
> On Thu, Jun 4, 2015 at 2:51 PM, John Vaughters via TriEmbed <
> triembed at triembed.org> wrote:
>
>>
>> With a continued escalation on security, I decided to check out the most
>> recent Kali Linux (Security Distribution). While scanning around the menus,
>> I noticed that Arduino IDE was loaded. How curious was that? Further
>> digging took me to a concept that I found intriguing enough to write this
>> email. While this little Open Source Hardware project has been capturing
>> our minds, it apparently has been noticed by the security industry as well.
>>
>> I have not looked into all the possibilities of Arduino use, but the one
>> that I noticed right away is affected by the Physical Security aspect. As
>> you may or may not know, newer Arduinos and the Teensy as well as other
>> devices can be configured to be recognized as a keyboard by a computer.
>> Well, this is quite powerful if you can basically place a keyboard device
>> in a computer and let it hack away. Now add an sd card and you have some
>> serious scripting capability.
>>
>> So the attack works like this. A person walks into your building (Think
>> cleaning crew), and finds a computer that seems to be not used much or
>> worse a server. The person plugs in an Arduino configured as a keyboard and
>> walks away. You now have a robotic keyboard filled with scripts to attempt
>> mal intents. One thing that came to my mind was to include a USB stick as
>> well with a bootable distribution of a linux OS that could basically grant
>> a person access to an outside computer that would allow entry into your
>> network. The Arduino keyboard could reboot a computer and attempt to boot
>> the USB stick. Arduino keyboard could even log into BIOS. Actually the
>> possibilities seem almost endless to me, but the work to create the scripts
>> would not exactly be easy. Would require quite a bit of testing I would
>> imagine.
>>
>> Anyhow, don't underestimate the power of physical access to your
>> computers. Many people are turning off their USB ports for file
>> capabilities, but I have not looked into this stopping a keyboard from
>> getting access to BIOS.
>>
>> I just thought that some of you might be interested in the double edged
>> Yin/Yang technology that we have become so enamored with in the past 5 or
>> so years.
>>
>> John Vaughters
>>
>>
>> _______________________________________________
>> Triangle, NC Embedded Computing mailing list
>> TriEmbed at triembed.org
>> http://mail.triembed.org/mailman/listinfo/triembed_triembed.org
>> TriEmbed web site: http://TriEmbed.org
>>
>>
>
>
> --
> Scott G. Hall
> Raleigh, NC, USA
> scottghall1 at gmail.com
>
>
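
Added example, not part of the original thread or written by any of its participants: the thread notes that turning off USB ports for file capabilities may not stop a device that presents itself as a keyboard. The sketch below models that gap per interface, using the standard USB interface class codes (HID 0x03, mass storage 0x08); the device inventory, its IDs and the allowlist are constructed for illustration.

```python
"""Show which USB interfaces survive a storage-only block (constructed data)."""

HID, MASS_STORAGE = 0x03, 0x08  # USB-IF interface class codes

# Constructed sample inventory; the vendor:product IDs are made up.
# Each interface is (bInterfaceClass, bInterfaceSubClass, bInterfaceProtocol),
# as a host would read them from the device's descriptors.
DEVICES = [
    {"id": "aaaa:0001", "name": "desk keyboard",
     "interfaces": [(0x03, 0x01, 0x01)]},
    {"id": "bbbb:0002", "name": "flash drive",
     "interfaces": [(0x08, 0x06, 0x50)]},
    {"id": "cccc:0003", "name": "dev board",  # serial port plus keyboard
     "interfaces": [(0x02, 0x02, 0x01), (0x0A, 0x00, 0x00), (0x03, 0x01, 0x01)]},
    {"id": "dddd:0004", "name": "found stick",  # storage plus keyboard
     "interfaces": [(0x08, 0x06, 0x50), (0x03, 0x01, 0x01)]},
]
APPROVED_HID = {"aaaa:0001"}  # hypothetical allowlist of issued input devices


def active_after_storage_block(dev):
    """Interfaces that still bind when only the mass-storage driver is disabled.

    Host drivers attach per interface, so a composite device keeps its other
    functions even though its storage function is refused.
    """
    return [i for i in dev["interfaces"] if i[0] != MASS_STORAGE]


def unapproved_input(dev, approved=APPROVED_HID):
    """True if an input-capable interface survives and the device is not allowlisted.

    Any HID interface is treated as input-capable: a device does not have to
    declare the boot keyboard protocol to deliver keystrokes.
    """
    survives = any(i[0] == HID for i in active_after_storage_block(dev))
    return survives and dev["id"] not in approved


def audit(devices=DEVICES):
    """Names of devices that should raise an alert under the HID allowlist."""
    return [d["name"] for d in devices if unapproved_input(d)]


if __name__ == "__main__":
    for d in DEVICES:
        left = [hex(i[0]) for i in active_after_storage_block(d)]
        flag = "ALERT" if unapproved_input(d) else "ok"
        print(f"{d['name']:14} still active: {left!s:22} {flag}")
```

Vendor and product IDs are reported by the device itself, so an ID allowlist works as a tripwire for review rather than as proof of what was plugged in.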