HIDIOUS Methods of Keystroke Injection

Presented at HOPE Number Nine (2012), July 13, 2012, 5 p.m. (60 minutes)

It’s amazing what can be accomplished with just a few keystrokes. Changing user passwords, formatting disks, and scanning a network are each one command away in most modern operating systems. What if you had two minutes of access on a system? Is this enough time to accomplish information gathering or exploitation on even the most hardened system? It just might be. Through a combination of software and hardware, hundreds of keystrokes a minute can be flawlessly injected into any computer to gain control of system resources. The HIDIOUS (HID Injection Over USB Suite) allows for easy configuration of keyboard/mouse injection attacks through USB.

Presenters:

• JP Dunning
  JP Dunning is a security consultant and researcher. His research interests include wireless and portable security. He is the primary developer on Katana: Portable Multi-Boot Security Suite. He maintains www.hackfromacave.com for publishing projects and research.

Links:

• http://www.hopenumbernine.net/schedule/#hidious (Conference Schedule)
• https://infocon.org/cons/2600/HOPE Number Nine (2012)/HOPE Number Nine (2012) - HIDIOUS Methods of Keystroke Injection.srt (subtitles)
• https://infocon.org/cons/2600/HOPE Number Nine (2012)/HOPE Number Nine (2012) - HIDIOUS Methods of Keystroke Injection.mp4
• https://www.youtube.com/watch?v=9voisr3aalg

Similar Presentations:

• Black Hat Europe 2015 / Commix: Detecting and Exploiting Command Injection Flaws
• DEF CON 24 (2016) / MouseJack: Injecting Keystrokes into Wireless Mice
• THOTCON 0xA (2019) / MIYK - Man in your keyboard