00:00:00.000,00:00:05.005 >>Right, hello everyone. Uh- Thank you for, for coming to our talk on uh remote physical 00:00:07.741,00:00:14.047 access attacks via USB. Uh Just in case, you're in the wrong room, that's the bottom line up 00:00:14.047,00:00:19.052 front. We're going to be talking about an end to end attack implementation of a USB implant, 00:00:22.089,00:00:28.161 that's the teddy thing to call it these days, uh, that provides remote access to even devices 00:00:28.161,00:00:33.400 that- that are airgapped, so, it doesn't use the host network. And so then the important things 00:00:33.400,00:00:39.540 there are: no network interface is required, uh, it's gonna be very difficult for forensic 00:00:39.540,00:00:44.111 tools to pick the stuff we're doing up, and we're gonna release the tool set and some 00:00:44.111,00:00:49.616 open hardware so that you guys can- can play with it too. Alright, anyone want to walk out 00:00:49.616,00:00:54.621 after that? [Whispers] Yeah! K. So, we're from a company called SensePost. Uh, we've got an 00:00:58.158,00:01:02.629 office in South Africa and London. We came all the way from South Africa. It's a long 00:01:02.629,00:01:09.036 flight. Uh, we're predominately a penetration testing... Thank you. Sorry We're predominantly a 00:01:09.036,00:01:14.975 penetration testing company, so that's the angle we're coming from in this talk. And we do 00:01:14.975,00:01:20.480 some other things. Started nearly 17 years ago in a bedroom in Pretoria, South Africa. It's 00:01:20.480,00:01:26.920 a picture of said bedroom. Um, and Rogan is the primary researcher on this. He did a lot 00:01:26.920,00:01:32.592 of the uh- most of the heavy lifting. Uh, will that show...? Yeah, it's all on there. So if 00:01:32.592,00:01:36.563 you want to shout at anyone, please shout at him. But if he's not listening then you can shout 00:01:36.563,00:01:41.568 at me. Uh, I'm @singe on twitter and Rogan is @rogandawes on twitter. Alright, so, one of the 00:01:45.105,00:01:51.378 really difficult things in security, particularly on the defensive side, is coming u with 00:01:51.378,00:01:56.683 a realistic threat model. So this is Jeremy Meeks, he was uh, a felon whose mug shot ended up 00:01:56.683,00:02:03.090 going viral and he got a modeling contract afterwards. So you get it? Threat model? eh...? 00:02:03.090,00:02:09.296 No, okay. I'm a dad now, I get to make dad jokes. So, I think what happens a lot of the time 00:02:09.296,00:02:12.532 when you're on the defensive side, is there's all sorts of things you need to prioritize 00:02:12.532,00:02:17.671 your spend, there's lots of vendor marketing, uh there's branded bugs, there's people who 00:02:17.671,00:02:22.175 come give talks at DefCon, um, and you've got to try to figure out where you're going to spend 00:02:22.175,00:02:26.580 your, your time. And I think a lot of the time in information security, uh people are walking 00:02:26.580,00:02:31.051 down a dark alley worried about pianos falling on their head rather than somebody coming to 00:02:31.051,00:02:36.056 mug them. And so, what I think a pen testers job is, is to realistically emulate actual bad 00:02:38.058,00:02:42.696 guy attacks. So things real bad guys are doing that'll affect an organization. I mean it's really 00:02:42.696,00:02:47.834 cool when we come up with super interesting, creative attacks, but if we're not also coming up 00:02:47.834,00:02:52.472 with attacks that real bad guys are using, that's going to be a problem. And so that's- that's 00:02:52.472,00:02:56.243 one of the reasons we wanted to do this work and so, given I'm talking about real bad guys, 00:02:56.243,00:03:01.782 let's start talking about some real bad guys. So, if the NSA is targeting you,then they're, for 00:03:01.782,00:03:06.386 all intents and purposes, one of your bad guys, probably difficult bad guys to deal with, 00:03:06.386,00:03:13.360 but in 2000- in 2008, that's not when this was released, this is part of the Snowden docs and it 00:03:13.360,00:03:19.599 was pointed out that the NSA had this capability which was a miniaturized USB device, it had 00:03:19.599,00:03:26.039 its own RF protocol, uh that could have coms off the host and- and you could get remote 00:03:26.039,00:03:30.143 control of hosts with this hardware implants. And so this is what the NSA was doing circa 00:03:30.143,00:03:35.949 2008. If we consider those guys the apex predators, you know, probably 2008, they were leading 00:03:35.949,00:03:41.555 the pack with this stuff. But then about three years ago, we, uh, were called in to help with 00:03:41.555,00:03:46.426 a crime that was ongoing at a series of financial institutions back in South Africa. And this 00:03:46.426,00:03:51.998 same sort of attack repeated itself in the UK as well. And what this attack was, was they 00:03:51.998,00:03:58.638 were using simple physical hardware to bypass the software controls in place. Um, So the 00:03:58.638,00:04:02.843 first thing were hardware key loggers in the bottom left hand corner. Uh, they would pay 00:04:02.843,00:04:07.647 people to put these down that get a password for somebody that could make a transaction, and 00:04:07.647,00:04:10.750 they'd get a password for someone who could approve a transaction. The thing in the 00:04:10.750,00:04:15.255 top right is a- is a hard- hard drive imaging tool that would pay somebody to go image hard 00:04:15.255,00:04:19.926 drives and these guys were so technically unsophisticated, they would buy computers that 00:04:19.926,00:04:23.864 were the same color as the computer that had been imaged, because they thought that was 00:04:23.864,00:04:28.735 the relevant hardware characteristic. And then they would pay someone to put that, 00:04:28.735,00:04:33.874 that box in the middle down, called a- a pocket port, and that basically provides a VPN 00:04:33.874,00:04:38.111 into the internal network. So now they've got creds, they've got the bank software, and 00:04:38.111,00:04:42.983 they've got remote access. And none of it was particularly elite hacks. These were 00:04:42.983,00:04:47.921 criminals paying people. It's kind of the way crimes worked for- for a long time. And they 00:04:47.921,00:04:51.491 were wildly successful. We're talking about hundreds of millions of Rands, which is 00:04:51.491,00:04:56.496 about two dollars. [laughter] You guys laugh, it hurts us. That were taken from all of 00:05:00.167,00:05:04.271 these financial institutions. And so, we were left wondering, if you've got the apex predator 00:05:04.271,00:05:09.342 over here using hardware bypasses of software controls, and you've got criminals who are 00:05:09.342,00:05:13.980 like, color matching their computers, and being wildly successful at actually stealing 00:05:13.980,00:05:19.152 money doing it. We can hypothesize is probably a swath of things in between where 00:05:19.152,00:05:25.759 people are using a similar kind of attack, hardware bypasses of software security, but, um, in 00:05:25.759,00:05:30.397 different ways. And so that tells us real criminals are doing this. Maybe this is 00:05:30.397,00:05:34.501 something we should look at in more detail and stop writing it off as, well if you've got 00:05:34.501,00:05:40.340 physical access the game is lost. And so when you look at the way your average, like your 00:05:40.340,00:05:45.345 average client, corporate defense against USB threats, it's mostly worries about 00:05:47.514,00:05:53.086 malware, mostly dropped from mass storage devices, or unauthorized networking. 00:05:53.086,00:05:58.892 Something like a 3g device or a wifi card by passing the firewall. And so this is the 00:05:58.892,00:06:03.830 sorts of restrictions you see in place. But the USB standard allows for vastly more sorts of 00:06:06.900,00:06:11.571 devices, and um, as hardware is getting smaller and smaller, there's vastly more things you 00:06:11.571,00:06:17.677 can do with those devices, um and, we think that there's ways that you can uh- the attacks 00:06:17.677,00:06:22.983 we're going to show today, theres ways that you can get remote compromises of machines 00:06:22.983,00:06:28.355 via USB that doesn't hit any of those protections. So specifically they objectives of 00:06:28.355,00:06:34.361 our work were 6 fold. The first is we wanted to have a usable end to end attack, so something 00:06:34.361,00:06:38.698 we could use in our engagements to demonstrate this risk to our customers, but then also 00:06:38.698,00:06:43.603 something that you guys can use to demonstrate this risk. And so we didn't want to demonstrate 00:06:43.603,00:06:49.209 one or two concepts, we wanted the whole thing to work from plug in to remote shell. We 00:06:49.209,00:06:53.647 wanted to be able to remotely be able to trigger this stuff at times of our chasing. We didn't 00:06:53.647,00:06:58.118 want to have to deal with finicky random delays from when you plug it in to when it fires 00:06:58.118,00:07:03.056 and make sure the screen saver is not getting in the way. We wanted to avoid obvious USB 00:07:05.925,00:07:11.998 vectors. So we didn't wanted to have USB mass storage dropping malware. We didn't want to have 00:07:11.998,00:07:17.003 uh- malware that was really easy to spot by AV. We wanted to be as automated as possible. Now 00:07:19.072,00:07:22.876 we're talking USB so obviously at some point, somebody needs to plug something into a computer. 00:07:22.876,00:07:27.881 Um, but beyond that, we didn't want to have to be fiddling with things. It must be automated. 00:07:31.051,00:07:35.388 Then this was quite an important design goal for us. We wanted to use a covert backchannel. And 00:07:35.388,00:07:40.860 thats fancy words for, it musn't be a network card. Uh so we'll get into it in more detail but 00:07:40.860,00:07:47.367 we use innocuous looking USB devices. Text printers, sound cards, and then this particular 00:07:47.367,00:07:52.706 thing, generic HID device to do a bunch of our coms. And Rogan is gonna get into that in more 00:07:52.706,00:07:59.512 detail. And then we wanted to limit the forensic impact of this. So, because we're using 00:07:59.512,00:08:04.584 hardware devices, we could put a bunch of the heavy lifting on there, rather then having to 00:08:04.584,00:08:08.922 stick it in malware that's executing on the host. And so naturally, because we're using 00:08:08.922,00:08:15.595 our own RF backchannel, it's not going through the network of the target device or the target 00:08:15.595,00:08:20.600 organization so things like Fireeyes and IBSs, um, that would normally monitor network 00:08:22.635,00:08:27.006 coms looking for C2 coms, things like that, they're not going to come into play. We also then 00:08:27.006,00:08:33.580 have to deal with the vagaries of proxy access that might be in play at various organizations. 00:08:33.580,00:08:39.652 And- and then the second thing is most of the- the payloads that we're running are really 00:08:39.652,00:08:45.725 small simple stub things that don't look particularly dangerous. Now of course AV 00:08:45.725,00:08:49.796 could always take the stuff we release today and develop signatures for that as is they 00:08:49.796,00:08:54.801 want. But we can very quickly change the simple payloads to avoid that and they'd kind of be 00:08:57.070,00:09:02.976 stuck in a game of false positive matching on very simple USB devices that have all sorts 00:09:02.976,00:09:08.815 of other uses. So that was a big- these were the main 6 objectives we were going for 00:09:08.815,00:09:13.820 with this work. >>So, like everybody, we've built um- on the shoulders of giants. Um, 00:09:17.924,00:09:24.297 We're obviously not the first people to come up with a lot of these ideas. Uh- A lot of prior 00:09:24.297,00:09:29.302 art exists, in particular, Adrian Crenshaw's plug & pray from 2010 or 2009. Um- his 00:09:32.205,00:09:38.745 malicious USB devices. He did uh- some really good work there. Um- Hak5's Rubber Ducky's also 00:09:38.745,00:09:43.750 been around for a long time, so the- the concept of a malicious hit device is not new. What we'd 00:09:45.819,00:09:50.824 like to show is that we can take it a step further, um- then other people have done so far 00:09:53.726,00:10:00.233 and hopefully show something novel that uh- that you guys will appreciate. Um- other prior 00:10:00.233,00:10:05.238 art, uh- the facedancer, um- devices from Travis Godspeed and Sergey Bratus. Um- I've shown 00:10:08.341,00:10:13.346 that a lot of um- capability in the USB um- classes, um- the NSA playset TURNIPSHCOOL was a 00:10:16.316,00:10:21.321 really good introduction to um- some embedded USB devices that was uh- a start at emulating the 00:10:25.758,00:10:30.763 uh- the cottonmouth devices. The NSA things. Um- Samy Kamkar has done uh- the USB driveby, which 00:10:33.132,00:10:38.605 is a keyboard and mouse device that will execute keyboard- keystrokes and mouse movements 00:10:38.605,00:10:45.178 on a script, um- and then recently released at uh Hack in the Box in Amsterdam, um 00:10:45.178,00:10:50.650 Seunghun Han's Iron-HID did some very similar things to what we are going to show you today. Um- 00:10:50.650,00:10:57.323 But that was released after our DefCon submission so. So the hardware that we're using, or 00:10:57.323,00:11:02.262 that we used to prototype this is a device from a company in China called April Brother, um- 00:11:04.697,00:11:09.702 it's called the Cactus Micro Rev2, and it has an ESP8266 WiFi micro controller on it, as well 00:11:13.006,00:11:18.011 as an ATmega- um Atmel ATmega32U4 AVR processor on it. And the reason this was 00:11:21.514,00:11:26.519 important for us, the Wifi gives us a coms channel, and the uh- AVR processor gives us the USB 00:11:30.790,00:11:35.795 capabilities. So the combination of the two was critical to- to pulling this off. Um- it has 00:11:39.032,00:11:44.103 some problems obviously. The device itself is really really small, so which is obviously a 00:11:44.103,00:11:50.009 good thing, but it has a micro USB connector on it, which is not particularly good when 00:11:50.009,00:11:54.447 you're trying to make it look like a flash drive. So for those in the back, this is what it 00:11:54.447,00:11:59.452 looks like. [inaudible] Um- so, it's compact enough to be a flash drive. You could put it 00:12:02.055,00:12:07.060 into uh- into a casing but it needed the USB-A connector. Some advantages though, it's cheap. 00:12:09.829,00:12:16.302 Um- they were going for around 11 dollars when I bought- when I bought mine. Um- and it's got 00:12:16.302,00:12:21.307 the basic capabilities that we need. The wifi and the USB capabilities. So we had some 00:12:26.412,00:12:31.417 custom boards made up to address those shortcomings we identified. Most importantly the 00:12:34.554,00:12:39.559 USB-A connector, but also, um- we added some storage capability, a micro SD slot. So 00:12:41.728,00:12:47.200 we can put some storage on it. If we want to make it show up as a- a flash storage we can, or 00:12:47.200,00:12:52.205 store data on it, for exfiltration. Um- but we also connected a few of the other uh- 00:12:54.474,00:12:58.244 lines between the two microprocessors so that we can use some of the other 00:12:58.244,00:13:03.182 capabilities that exist. So there's the- the finished device, both sides. Um, and in a 00:13:07.587,00:13:13.092 case. So, it's pretty innocuous, it looks exactly like a flash drive. There is nothing really 00:13:13.092,00:13:18.097 that distinguishes it otherwise. Ok, so let me run you through the flow of how the device 00:13:26.572,00:13:32.011 actually works. On one side we've got the attacker, and on the other side we've got our 00:13:32.011,00:13:37.016 target. The attacker connects to the esp device, the esp processor, which is running 00:13:39.652,00:13:45.758 esp-link firmware with some modifications. And that connection happens over WiFi 00:13:45.758,00:13:52.632 which means that the attacker can use a lot of standardized tools. That's an interface that 00:13:52.632,00:13:57.637 everybody has capability to interact with. The esp-link then interacts with the AVR 00:14:00.540,00:14:06.879 processor, and I just want to point out that these are both on the same board. It's shown 00:14:06.879,00:14:11.050 separately because I had two separate controllers, two separate micro controllers, but 00:14:11.050,00:14:16.055 they're actually on that same board. Just connected via a serial link, a uart. The AVR 00:14:18.624,00:14:23.629 processor is using the LUFR framework, which is a- um- a software package for the AVR 00:14:26.933,00:14:28.935 processor which allows it to show up or to emulate uh- a variety of different USB 00:14:28.935,00:14:33.940 devices. And that is how the AVR process then appears to our victim once it's plugged in. So 00:14:43.616,00:14:48.621 the first problem that we ran into was well, we need to get keystrokes to come at the USB 00:14:55.595,00:15:00.533 interface and be seen by the victim. So I started off by looking at what the actual bytes 00:15:05.004,00:15:09.475 are, that are needed to send those characters, and you need to send 7 bytes and character A 00:15:09.475,00:15:14.480 is byte 3 et cetera et cetera, and I wrote a program on my PC that would connect to the esp 00:15:16.516,00:15:21.988 over wifi and send those bytes that needed to come out the other side. But that ran into a 00:15:21.988,00:15:28.828 problem, and, you know things like dealing with alt-tabs and control-alt-deletes, et cetera 00:15:28.828,00:15:33.666 et cetera, made life pretty difficult for me. And then I realize that, well hold on a 00:15:33.666,00:15:38.671 second this is actually a solved problem. What I'm really talking about is VNC. VNC has been doing 00:15:40.907,00:15:47.713 network keystrokes and mouse movements for years and years. So, in order to take advantage 00:15:47.713,00:15:52.718 of that, I then implemented a VNC server in the esp micro controller. Turns out that the 00:15:57.023,00:16:01.961 VNC protocol is pretty simple if you can ignore all the graphical compression and uh- that side of 00:16:04.730,00:16:09.735 things. So the esp then passes those keystrokes down to the AVR, the AVR emits those 00:16:13.606,00:16:18.611 keystrokes as USB keystones events and mouse movements as required. the other aspect of 00:16:27.019,00:16:32.024 the uh- of the AVR, is that is can provide multiple uh- interfaces simultaneously, and 00:16:35.161,00:16:39.899 using what's known as a composite device. So while it's being a keyboard and a mouse, it 00:16:39.899,00:16:46.138 can also provide additional channels. We looked at using some, you know, pure keyboard 00:16:46.138,00:16:51.143 and mouse coms, um- thinking that we could extract data using the keyboard LEDs, the scroll 00:16:53.145,00:16:57.617 lock and the- the num lock and the caps lock LEDs, because that's a reverse channel that's 00:16:57.617,00:17:03.356 available to a keyboard. And then we discovered, that's not novel, somebody's already done 00:17:03.356,00:17:08.361 that in 2012 and they managed to get a whopping 1.25 bytes per second. So we reckoned that 00:17:11.264,00:17:17.770 wasn't good enough and uh- explored some other alternatives. Um, other 00:17:17.770,00:17:22.775 alternatives that we- that we considered were devices such as text only printers, um- things 00:17:27.179,00:17:32.184 like sound cards, MIDI devices, which all have default class drivers in most operating 00:17:35.721,00:17:41.994 systems that you're interested in. They'll automatically be recognized. And it'll be really 00:17:41.994,00:17:47.400 really easy for an attacker to connect a device and not have to worry about loading driver 00:17:47.400,00:17:53.439 software or anything like that. No prompts show up on the victim. You simply plug it in, 00:17:53.439,00:17:58.444 Windows recognizes it, and you're good to go. Another aspect of um- what we 00:18:04.483,00:18:09.488 implemented, we realized that as a- as a keyboard and a mouse, it doesn't actually give you any 00:18:11.891,00:18:18.064 particular elevated access, it's just a keyboard. So one thing that we realized is that we can 00:18:18.064,00:18:23.069 only launch our attack, when the screen is unlocked. One thought that we came up with was then to 00:18:26.572,00:18:32.278 implement an automated mouse jiggler. So all it does is it moves the mouse periodically, 00:18:32.278,00:18:38.317 every couple of seconds, one pixel to the left, one pixel to the right. So your mouse doesn't 00:18:38.317,00:18:44.590 move around, but it stops the screen saver from kicking in. And it works pretty well, if you 00:18:44.590,00:18:50.963 only do one pixel, it doesn't actually disturb the screen saver if it's already kicked in. 00:18:50.963,00:18:55.701 So if the machine has gone to sleep and you plug this in, the device will stay asleep, and the 00:18:55.701,00:19:00.639 screen saver will stay active. As soon as somebody unlocks the screensaver though, the mouse 00:19:03.075,00:19:08.080 jiggler will stop it from reactivating. It turned out pretty well. Ok, so, having 00:19:14.387,00:19:19.392 implemented the keystroke channel, we then realized that we needed to have a um- this 00:19:24.230,00:19:29.235 additional pipe. So we've launched our basic exploit, and now we need to have this 00:19:33.406,00:19:39.478 backchannel communications, and in order to do that we used, for this particular exploit, or 00:19:39.478,00:19:44.483 demonstration, we used a generic HID class. What's great about that, is that you plug it in, 00:19:46.786,00:19:52.858 Windows recognizes it, and you've got permission to access it. There's no administrative 00:19:52.858,00:19:57.863 privileges required in order to access the generic HID device. So the process goes um- like 00:20:03.669,00:20:08.674 this: We use a scripted VNC tool to type out our stage zero attack. Our stage zero attack 00:20:14.113,00:20:19.118 then, is as minimal as possible, the bare minimum code that we could um- arrive at that would 00:20:24.123,00:20:30.863 open up that generic HID interface and then read more data from that. A secondary 00:20:30.863,00:20:37.470 stage or a stage one. Some of the problems we ran into, well obviously we want this to be as 00:20:37.470,00:20:42.741 stealthy as possible, so you don't want somebody sitting there, to suddenly see code 00:20:42.741,00:20:47.746 being typed into their machine. So the first thing we did was we configured it, well the code we 00:20:49.849,00:20:55.955 ran set the foreground text to be the same color as the background and then clear the 00:20:55.955,00:21:00.893 screen. So you get a clear- a blank screen just showing up on your PC. Well, it's not great, 00:21:03.596,00:21:08.601 but it only happens for a few seconds. Shortly after that, we move the screen- sorry, we move 00:21:11.103,00:21:16.108 the window off the screen. So, in order to still receive keystrokes, we can't minimize 00:21:18.377,00:21:22.181 the window, but we can move it off screen to position 2000x2000, that's off most 00:21:22.181,00:21:27.186 peoples' screens, um- and it can continue to receive keystrokes even when it's no longer 00:21:29.522,00:21:34.527 visible. It does still remain in the task bar however. Because it was to in order to receive those 00:21:37.029,00:21:42.034 keystrokes. The last thing we do once we've finished executing our payload is to make that 00:21:45.104,00:21:50.109 window disappear from the task bar. From start to finish, the process takes about 3 seconds 00:21:55.347,00:22:00.619 before the um- the text becomes invisible, about 5 seconds before it disappears off the 00:22:00.619,00:22:05.090 window, and about 13 seconds in total, for it to disappear from the task bar. So that's pretty 00:22:05.090,00:22:10.095 quick. It's averaging between 60 and 90 characters per second for our typing. Once our stage 0 00:22:15.968,00:22:22.741 payload is running, we then send a stage one. It's a very simple payload but it can be as complex 00:22:22.741,00:22:29.081 as you want it to be, the stage zero simply reads a two byte length and then that many bytes 00:22:29.081,00:22:34.086 of powershell to execute. So some examples of a stage one we have, um- one that spawns a 00:22:37.289,00:22:42.294 command shell, which we'll show you. Um- we've got another one that takes a screenshot of the 00:22:44.463,00:22:50.736 victim's desktop and then sends it back as a jpeg. Um, and we've got some other payloads that 00:22:50.736,00:22:54.974 we're still playing with that uh- we'd love to show you if you're interested after the 00:22:54.974,00:22:59.979 talk, because I think we're going to run out of time. >>So, like Rogan was saying, one of 00:23:05.084,00:23:10.889 the- the big problems with this is you need to make sure that that initial typed payload is as 00:23:10.889,00:23:17.029 stealthy as possible. Um- and I think we've come up with some fairly decent optimizations 00:23:17.029,00:23:23.602 that- that mean we can type an incredibly small payload so our- our sneakiest payload is about 00:23:23.602,00:23:28.607 just less than 1000 characters, which can be typed pretty quickly. Uh- and we can do a 00:23:32.978,00:23:37.349 bunch of optimizations before hand to hide it, plus I think it's pretty cool that it reads 00:23:37.349,00:23:42.288 from the HID device. You don't have to rely on sort of fragile typing to- to get the thing 00:23:42.288,00:23:48.127 across. Uh- we tried some other things so we ran into some issues with alternative keyboard 00:23:48.127,00:23:53.132 layouts. Uh- so were using a UK keyboard layout versus uh- a USA keyboard layout. And different 00:23:55.367,00:23:58.370 characters come through differently, particularly when you're typing sort of 00:23:58.370,00:24:04.109 semi-advanced powershell code. One of the easy solutions would be to base64 encode that, but 00:24:04.109,00:24:08.847 those of you who have played with things like empire or powershells, base64 encoding, 00:24:08.847,00:24:13.218 that ends up like over doubling the size of the characters required because of the way it 00:24:13.218,00:24:19.692 does the base64 encoding. So we had to keep it as small and as sneaky as possible. We also 00:24:19.692,00:24:23.062 tried some other interesting things which we thought were quite clever but they didn't 00:24:23.062,00:24:28.334 work out so well. Because we're typing, we could technically use tab completion from powershell, 00:24:28.334,00:24:32.638 so we were able to implement a payload that uses tab completion as much as possible, which saved 00:24:32.638,00:24:37.876 us, I think a total of 12 characters. Um- it wasn't really worth the effort. But with the 00:24:37.876,00:24:41.413 code we're going to release, we're going to release a simple little powershell mini-fyer so 00:24:41.413,00:24:46.151 those of you who are trying to get smaller powershell exploits into smaller buffers, that might 00:24:46.151,00:24:51.156 be- be helpful for some of you. >>So some of the other prob- yeah- Some of the other problems 00:24:58.764,00:25:03.702 we ran into were uh- float control issues. So, the process of developing this was, one of, 00:25:07.639,00:25:11.810 pretty much pulling my hair out, um- to be quite honest. You start off with the attacker's 00:25:11.810,00:25:17.182 machine which is a multi gigahertz desktop, you're talking to an 80 megahertz 32 00:25:17.182,00:25:22.187 bit processor dealing with the Wifi stuff, talking down to an 8 megahertz, 8 bit processor, with 00:25:25.190,00:25:30.863 a few bytes of rams and so on, um- and then ultimately talking to another multiple gigahertz 00:25:30.863,00:25:35.868 processor. So it became quite a problem of making sure that while you're sending the data at 00:25:39.838,00:25:44.777 full speed from the attackers machine to the esp, the esp then has the ability to say, woah 00:25:44.777,00:25:49.782 slow down, I can only send data so fast to the AVR. Again, only send it so fast to the victims 00:25:52.117,00:25:58.857 PC, and then, again in the same- in the reverse direction, from the victim, back across all of 00:25:58.857,00:26:03.796 these different disparate capabilities. Some of the problems um- that we ran into, 00:26:06.965,00:26:11.970 the esp has a 128 bit fiffer- uh buffer. So you fill the buffer, and then the AVR goes, okay 00:26:14.673,00:26:20.579 enough, but, it's filled it again by the time the AVR has read of that- that data, and you 00:26:20.579,00:26:27.586 end up running over the edge of the buffer and jumping off into no man's land. Some of the 00:26:27.586,00:26:31.957 problems though, you're debugging so you've go no um- you know no screens or anything 00:26:31.957,00:26:37.763 like that to see what's actually happening. You're trying to infer behavior based on- like a 00:26:37.763,00:26:44.002 light flashing or something along those lines. So it became, kind of an exercise in whack a 00:26:44.002,00:26:50.642 mole trying to figure out exactly where all this was going wrong. And especially when it 00:26:50.642,00:26:55.647 came to debugging the esp. Its behavior if you got anything wrong is to reboot. The watchdog 00:26:57.649,00:27:03.455 timer kicks in, and everything goes away. While it's got uh- debug capabilities, um- the 00:27:03.455,00:27:08.460 esp-link firmware in particular gives you a nice debug window that you can access using an 00:27:08.460,00:27:13.465 http server. once it reboots that data is gone. So, in order to successfully debug it, what I 00:27:16.101,00:27:22.508 ended up doing was putting two USB to Serial adapters, monitoring the lines between the 00:27:22.508,00:27:29.381 esp and AVR so that any debugging output are to send from one processor to the other, 00:27:29.381,00:27:35.220 monitor it with the um- with the two USB Serial adapters, and then I could finally sought to 00:27:35.220,00:27:40.225 figure out where I was going wrong. And then, a final problem that I needed to be able to 00:27:46.532,00:27:52.704 solve, was the orchestration of all the components. You've got your VNC script sending 00:27:52.704,00:27:59.678 keystrokes, um- you've got your stage one being sent over Telnet, uh- and you need to make 00:27:59.678,00:28:04.917 sure that stage zero is completed before stage one starts pro- trying to be 00:28:04.917,00:28:11.089 processed, and then any subsequent stages. So it became, um- a little bit of a- a dance, 00:28:11.089,00:28:15.594 if you like. Making sure that all the moving pieces were moving in the right time, and in 00:28:15.594,00:28:20.599 the right direction. >>And so the bits Rogan doesn't tell you about, he says he lost a bunch 00:28:24.570,00:28:29.875 of hair. But- include things like 3 o'clock yesterday night as he's trying to develop one 00:28:29.875,00:28:35.714 more thing, dancing around the room thinking something's won, only to have it fall over, and 00:28:35.714,00:28:41.320 to return to his chair in disappointment. Um- and so the thing that this made clear to us 00:28:41.320,00:28:47.859 in developing it is that in the- the world of PCs and mobile phones, as attackers, or even 00:28:47.859,00:28:52.598 just normal users, we're used to the idea that there's these really robust, well tested 00:28:52.598,00:28:57.603 frameworks, stacks, libraries. But the second you move to little pieces of shitty hardware 00:28:57.603,00:29:03.675 that are this big, um- you end up in a dark world of pain, fear and loathing. Um- and so the- 00:29:03.675,00:29:10.048 the move from the theoretical to the actual implementation with this is quite a long path, 00:29:10.048,00:29:14.553 particularly as you move across all of these different layers, I'm sure there are embedded 00:29:14.553,00:29:21.460 hardware programmers who would look at the code and laugh, and laugh, and laugh. Um- but, it's 00:29:21.460,00:29:26.431 not like you can have just one area of specialization in this. You're moving from USB to Wifi 00:29:26.431,00:29:31.436 to Telnet to VNC to Powershell and really is a cross functional thing. And so, we weren't able 00:29:35.073,00:29:39.911 to find any live chickens in Las Vegas, um- and we haven't sacrificed anything to the demo 00:29:39.911,00:29:45.617 god, um- and we're going to try and show you a video demo. We're going to try and show a live 00:29:45.617,00:29:50.555 demo later on, but we thought, let's have at least one thing which works before we march off 00:29:50.555,00:29:55.560 in shame. So, this is a video of said demo, and on the- It's not showing up, is it? >>Yep, We're 00:29:57.729,00:30:02.734 good >>Alright so, that's your right hand side is the attacker, and the left hand side is the 00:30:13.278,00:30:18.283 victim. So the victim machine is bog standard Windows 8 uh- default configuration other than 00:30:20.552,00:30:26.124 having installed antivirus. There's no network connection available. So, the thing is air 00:30:26.124,00:30:31.463 gapped for all intents and purposes. And then, probably the longest part of setting up this 00:30:31.463,00:30:36.435 machine was downloading the bloatware that is McAfee, um- for it to give us a little green 00:30:36.435,00:30:39.805 icon saying we're secure and we updated it last night. So we've got the latest and greatest 00:30:39.805,00:30:45.977 protections there. Now, we mentioned that it's got a mouse jiggler to stop the screen 00:30:45.977,00:30:52.651 saver, and so you can see the screen saver is set to timeout after one minute. Um- and the 00:30:52.651,00:30:56.555 really cool thing about this implementation, the mouse jiggler that we've found, is 00:30:56.555,00:31:02.861 that most operating systems smooth the output, so you don't see the mouse moving at all. So 00:31:02.861,00:31:07.733 even though it's moving the mouse one pixel right and left, you just don't see anything. So, 00:31:07.733,00:31:11.870 if everyone could brace themselves, we're now going to spend a minute watching time 00:31:11.870,00:31:17.776 tick on that clock. No not really. Uh- if we fast forward a minute, uh- Rogan and I set this 00:31:17.776,00:31:23.315 staring at the screen, waiting for that clock to tick. It's really just to show that after a 00:31:23.315,00:31:28.653 minute, the screen saver doesn't engage. So the user's gotten up, they went to get some coffee, 00:31:28.653,00:31:34.092 trusting that their screensaver would kick in, it doesn't, and we're now free to launch our 00:31:34.092,00:31:39.097 payload. Alright, so, we then move to the attacker's machine. Obviously we're displaying these 00:31:41.399,00:31:46.238 side by side. They're not going to be physically next to each other, there would be a wifi 00:31:46.238,00:31:51.243 connection between the attacker and the little device. And so we ran our attack, which just pipes 00:31:55.781,00:32:01.920 everything to that were- that we're trying to do. And so here you can see it running- the- it 00:32:01.920,00:32:06.792 popped up- start, run, typed in powershell, brought up a powershell window, and you can 00:32:06.792,00:32:11.897 see in a couple of seconds, it's hidden the text. So that's the first attempt at sneakiness, so 00:32:11.897,00:32:16.601 user doesn't see a bunch of strange hieroglyphs flying across their screen. Um- and 00:32:16.601,00:32:22.908 then after a couple of more seconds, we move that window off of the screen. But keyboard 00:32:22.908,00:32:26.645 input is still going into that window. If we'd hidden the window, the keyboard input 00:32:26.645,00:32:31.983 wouldn't go there. But you can see it's still on the task bar. Eventually after it's put in 00:32:31.983,00:32:36.521 enough to start reading from the HID device, we don't need the keyboard input anymore, and we 00:32:36.521,00:32:40.425 can hide that window and put it into a proper background process. You'll see then on the 00:32:40.425,00:32:47.232 right it says sending 2568 bytes, that's the second stage that Rogan was talking about. 00:32:47.232,00:32:52.404 And this one, we're just sending the simple command shell that can speak the HID protocol that 00:32:52.404,00:32:57.409 we developed. And it gives us a DOS shell back over wifi. Um- and so we can run the l33test 00:33:01.713,00:33:06.718 thing we could thing of, calc.exe. [applause] Uh- If only my mother got this applause 00:33:17.629,00:33:24.002 overtime she ran calc. And then of course, our trusty, multiyear, multiuser McAfee 00:33:24.002,00:33:29.341 license has done its job. It told us the computer is secure. And, don't really blame 00:33:29.341,00:33:33.144 antivirus, we developed this so that it's inherently not something that's going to be 00:33:33.144,00:33:38.149 picked up by- by those sorts of things. Alright, let's see if we can go back here. So that was 00:33:40.986,00:33:45.991 the- the basic demo. I think we're doing kind of alright on time, we'll see. So, defenses 00:33:48.526,00:33:53.632 are kinda hard for this. Um- now if we're completely honest about this, if you calculate the CVSS 00:33:53.632,00:33:58.637 score, this comes to like a 5 at a max. Because it requires physical access. Um- but, the 00:34:00.872,00:34:05.810 problem with this is it's- it's a very difficult problem to fix. So the immediate and obvious 00:34:05.810,00:34:11.349 solution is going proxy or USB ports, but that's not a particularly practical solution. 00:34:11.349,00:34:17.856 Uh- we've seen organizations that have GPOs in place that will prevent changes to their- 00:34:17.856,00:34:22.594 the USB devices. So practically the way it manifests is you unplug your keyboard and you 00:34:22.594,00:34:27.432 can't plug it back in again. I mean you can physically plug it in again but it doesn't show up. 00:34:27.432,00:34:33.505 An IT guy needs to come out and type in an admin password. Uh- so those of you who run 00:34:33.505,00:34:38.543 organizations who have service desks will know that that's probably so impractical, that 00:34:38.543,00:34:43.281 you'll have a large part of the user base just skipping it. Mostly executives, right? 00:34:43.281,00:34:48.820 They'll get so mad about it, they'll shout at IT and then they'll get bypassed. Um- so 00:34:48.820,00:34:54.893 that's the one set of defenses. They're kind of uncomfortable. This stuff that you often see 00:34:54.893,00:34:59.864 proposed in response- for example USB HID attacks in general, is that we need some 00:34:59.864,00:35:06.071 sort of USB authorization framework. But it's actually a really difficult problem to do. 00:35:06.071,00:35:09.941 So what that would look like, is you could imagine there's some kind of crypto chip in your USB 00:35:09.941,00:35:16.781 devices, your mouse, your keyboard, that has got some kind of signed key, that means it's 00:35:16.781,00:35:21.586 allowed to run on- on the device. But, I mean that- if you look at the response to 00:35:21.586,00:35:26.358 Microsoft's changes to driver side signing recently, um- the barriers to entry then for your 00:35:26.358,00:35:31.196 average hardware manufacturer gets much higher, and it's gonna push up the cost. And even if 00:35:31.196,00:35:35.500 you do all that, there's nothing really stopping us from just hooking into a legitimate 00:35:35.500,00:35:40.772 keyboard signed thing to do some of these things. And so now you've got to start having like- 00:35:40.772,00:35:45.777 tamper proof hardware, and TPM chips and an entire PKI um- all to try and make it much harder 00:35:48.179,00:35:52.283 to plug a keyboard or a mouse in. This is an inherently difficult problem to solve. And 00:35:52.283,00:35:56.054 so we're in the uncomfortable position of what are we going to write in pen test reports if we 00:35:56.054,00:36:02.761 use these things. Um- and that's kind of the point, is, we see real bad guys doing it, from the 00:36:02.761,00:36:08.266 NSA to garden variety criminals. Why don't we have the ability to detect hardware key loggers in 00:36:08.266,00:36:13.538 software. Um- this has got to be a problem that- that we need to solve now. I mean, hardware key 00:36:13.538,00:36:19.411 loggers are used in real attacks all the time. Um- and so, yeah, unfortunately the defenses are 00:36:19.411,00:36:25.517 really uncomfortable, and hopefully we'll- people will apply some smart thought here 00:36:25.517,00:36:30.522 and those will get a bit better. Alright, so, that's kinda the end, but um- Rogan has a polo 00:36:33.224,00:36:38.863 neck and he thought he would try a Jobsian- Jobsian one more thing. So we're going to try a 00:36:38.863,00:36:43.868 live demo, which is definitely not going to work. I'm just managing expectations here. 00:36:50.141,00:36:56.915 Alright so lets move all the windows around. So what Rogan spent time doing last night 00:36:56.915,00:37:01.853 instead of working on- on slides, well let me leave it to you. [pause] >>So what I was 00:37:08.259,00:37:14.732 working on last night was trying to get some integration with metaspolit framework and I was 00:37:14.732,00:37:19.737 successful in getting a shell, uh, staged shell. So Shigoku Chennai and I stage shell sent 00:37:23.842,00:37:28.847 over the HID interface to- to the victim machine and running there, talking back again, 00:37:31.616,00:37:37.922 across the HID interface to an MSF console running on the attacker's machine. And in order 00:37:37.922,00:37:42.927 to do that, uh- I implemented a TCP proxy that would accept a TCP connection on port 655 00:37:46.564,00:37:51.569 through 5 to local host, and then relay any connection- or any data across the HID 00:37:54.372,00:38:01.146 interface. Nice thing about using local host, is that your loc- your Windows firewalls et 00:38:01.146,00:38:06.151 cetera, don't pop up any alerts for listening sockets. If you're listening on a public IP address 00:38:08.853,00:38:12.991 or a public interface, a publicly accessible interface, whatever. Should we say 00:38:12.991,00:38:18.329 externally accessible interface. Your firewall popup and say do you want to allow this um- 00:38:18.329,00:38:23.668 application to listen, but if it's on local host only, the assumption by the firewall is 00:38:23.668,00:38:28.673 that, this is legit. It's an interprocess communication and nothing to worry about. So, yep. 00:38:44.956,00:38:49.961 On the left we have out victim. Make sure our USB device is connected. >>So, what Rogan did, 00:38:55.333,00:39:01.673 which I think is pretty cool, is he built a little TCP proxy that will then bind to local host. 00:39:01.673,00:39:06.878 Uh- so the powershell would invoke this thing on the- the host. So that means, is uh- 00:39:06.878,00:39:11.883 payloads, which talk TCP or HTTP can now talk the HID protocol without needing to be rewritten 00:39:15.620,00:39:20.158 to use the HID protocol. Um- and so- whats- that's one of the ways you can then use something 00:39:20.158,00:39:25.697 like- like Meterpreter, um- and the disadvantage is it's slightly less stealthy. You're 00:39:25.697,00:39:31.636 gonna have a socket on local host, 65535 running as a proxy, but the plus side is you can 00:39:31.636,00:39:38.176 more rapidly integrate other payloads, you know, your favorite um- favorite malware to 00:39:38.176,00:39:43.181 use this local stealthy coms. >>So one of the things uh- we are looking at is doing a proper 00:39:46.951,00:39:51.956 integration uh- into Meterpreter, uh- build a proper HID payload r HID um- transport 00:39:54.292,00:39:59.297 and get that to work natively without the TCP proxy as the TCP proxy does have its advantages 00:40:01.399,00:40:06.404 in terms of easy implementation of additional payloads. So, sacrifice is done, let's see. So 00:40:13.044,00:40:18.049 this is real time, this is live. Gives you a real indication of how long it really takes. 00:40:23.821,00:40:28.826 [chuckle] >>Um- and so, if you look on the bottom right, maybe I should zoom in on that. You'll 00:40:32.797,00:40:37.802 notice that the L Host is 127.0.0.1 so this isn't going over- over some local- local 00:40:40.271,00:40:45.276 network. >>Nope, it died. >>Oh no >>Unfortunately. Sacrifice not accepted. I did have it 00:40:53.217,00:40:58.222 working, but yeah. >>Yep, alright, well that was the least exciting demo of the day. 00:41:04.862,00:41:09.867 [applause] >>Alright, does anyone have any questions? Um- we're going to release the code 00:41:16.607,00:41:21.312 shortly after this. You can get it on github.com/sensepost. Thanks for your time. >>Is there 00:41:21.312,00:41:26.317 any way to detect uh- that the mouse track has mo- moved- uh moved um- remotely. >>So the 00:41:31.055,00:41:35.526 question is, is there a way to detect whether the mouse is moving remotely? So like the 00:41:35.526,00:41:40.531 mouse Jiggler specifically. >>Uh- so not really, to answer the question. Not really, 00:41:43.835,00:41:48.806 there's no feedback mechanism from us. Keyboard's got a feedback mechanism with the USB- 00:41:48.806,00:41:52.910 sorry, with the toggle LEDs. Mouse has got no feedback mechanism so you won't get 00:41:52.910,00:41:57.849 anything over the USB connection unless you've already got some code running on the device 00:41:57.849,00:42:02.787 itself. [inaudible] You'd have to be in front of the victims machine in order to see that 00:42:06.657,00:42:12.563 the- you're not going to see the mouse moving. This was part of it. It's moving one pixel which 00:42:12.563,00:42:17.935 is actually indistinguishable. The operating system doesn't actually move the cursor at all. 00:42:17.935,00:42:23.741 Um- so even if you were there, you wouldn't actually see the mouse moving. All you would see 00:42:23.741,00:42:28.746 is that the screen saver doesn't activate. [inaudible] >>From the mouse itself you cannot query 00:42:36.053,00:42:42.760 for the current x,y position on it? >>No, >>ok >>you- you- you- well >>In partial? >>In partial 00:42:42.760,00:42:49.233 you can, the operating system knows what the mouse point is x,y is. A mouse simply emits, I 00:42:49.233,00:42:54.238 moved left, I moved right. So the mouse itself has no idea. >>Uh- how quickly could you 00:42:57.642,00:43:03.181 re-characterize the keyboard you're impersonating. For example, from a corporate client 00:43:03.181,00:43:10.087 point of view, you might have the domain white listing a short list of USB devices so their 00:43:10.087,00:43:15.092 classic design for the keyboard, or the classic design for the mouse that goes into an entire 00:43:17.462,00:43:23.801 fleet purchase set of laptops or desktops and you don't start out with the same keyboard 00:43:23.801,00:43:28.806 identification, like you're not an HP for example. >>Right, Ok. So, we're emulating- emulating a 00:43:31.709,00:43:37.882 standard keyboard. Uh- obviously different keyboards have got different uh- USB descriptors so 00:43:37.882,00:43:43.621 given a particular keyboard that we want to copy, copy the descriptor, and then make sure 00:43:43.621,00:43:48.626 you behave the same way, not particularly difficult. Uh- it's probably under a day's worth of 00:43:51.796,00:43:57.001 effort. Under a day. >>Awesome talk ahem- awesome talk guys, well done, looking forward to 00:43:57.001,00:44:01.572 seeing the code when it's released. Uh- could you say a few words about what individual 00:44:01.572,00:44:06.978 people could do to prevent this on their machines, not GPO solutions for enterprises, but 00:44:06.978,00:44:10.915 private people running, I don't know, Windows versions that might have some hardening 00:44:10.915,00:44:16.888 features that you can use to prevent this. >>Um- so, this is what you're saying is a really 00:44:16.888,00:44:22.260 difficult thing to do. If you- if you implement the GPOs, it makes it really difficult to use 00:44:22.260,00:44:26.631 your machine. You know, you want plug in a flash drive, denied. You want to plug in a keyboard, 00:44:26.631,00:44:33.571 denied. Uh- you know, IT has to connect over the network and authorize it. And that leads to 00:44:33.571,00:44:40.144 all sorts of, you know, impediments to actually getting your work done. Okay, we're 00:44:40.144,00:44:45.149 done. We can talk outside. >>Thanks very much. [Applause]