Hacking the USB World with FaceDancer
USB connectivity has become ubiquitous: the sheer variety of usb-connected devices— ranging from computers and game consoles to resource-constrained embedded systems— has resulted in a wide variety of vendor-specific protocols and custom USB software stacks. This exercise-driven training covers the basics of USB, and explores the role of USB in attack and defense using open-source hardware and software, including FaceDancer and GreatFET.
USB connectivity has become ubiquitous. The sheer variety of usb-connected devices— ranging from computers and game consoles to resource-constrained embedded systems— has resulted in a wide variety of vendor-specific protocols and custom USB software stacks.
Being able to fuzz, monitor, mitm, or emulate USB can often be a foot in the door for working with black box systems; whether your goal is to build tools that work with existing hardware and software, find vendor interfaces or vulnerabilities to execute custom code, or to play NSA.
In this training, we’ll teach you the basics of USB– including:
- Fundamentals of USB: how USB hosts and devices communicate, from the physical layer to the basics of enumeration and standard device classes
- Understanding existing USB devices: how you can use open-source software and hardware tools to reverse engineer and understand existing USB devices
- Understanding the USB attack suface: understanding the (lack of a) USB trust model, and understanding how misbehaving hosts and devices can wreak havoc
- Rapid construction of new USB devices: how to use the FaceDancer tool kit to rapidly create new USB devices– including creation of misbehaving USB devices
- Manipulation of existing USB devices: including using USBProxy to man-in-the-middle USB communications to tamper with target hosts and devices
- Using USB skills offensive and defensively: how to use the skills developed thus far to attack USB hosts and devices, and understanding the challenges of securing USB hardware
- Advanced USB techniques: including discussion and demonstration of real USB attacks developed by the trainers
This training is primarily excercise-driven, and will primarily consist of hands-on, CTF-style excercises interspersed with short lectures. Students will gain experinence with open-source hardware and software– including GreatFET, FaceDancer, and USBProxy– and learn how they can apply these tools to their own development, research, and pentration testing work.
Who should attend this training?
This training is targeted towards a technical audience, and aims to introduce USB tools and techniques to developers, IT professionals, and security professionals. Anyone with an interest in security and who works with USB systems will benefit.Please describe the target groups of your training.
Attendees should have basic proficiency in a scripting language, with a casual familiary with python preferred. Course exercises will involve simple python development, but a very basic familiarity with a scripting language should be sufficient.
A laptop with at least two USB ports (or a USB hub), and which has the free VirtualBox hypervisor and extension pack installed.