Multiplexed Wired Attack Surfaces

Presented at Black Hat USA 2013, Aug. 1, 2013, 5 p.m. (Unknown duration)

Manufacturers of mobile devices often multiplex several wired interfaces onto a single connector. Some of these interfaces, probably intended for test and development, are still enabled when the devices ship. We'll show you how you can get a shell on a popular mobile phone via its USB port without using a USB connection and we will release an open source tool for exploring multiplexed wired interfaces.

Presenters:

• Kyle Osborn / Kos - AppSec Consulting   as Kyle Osborn
  Kyle Osborn is the lead security engineer at an electric car manufacturer in Silicon Valley where he manages web application, network, and product security. He plays a bad guy at the Western Regional Collegiate Cyber Defense Competition, and has developed a CTF, with his team, for the United States Cyber Challenge "Cyber Camps", which a number of campers competed in. Osborn has previously discussed browser and mobile security at prominent conferences such as BlackHat USA, DefCon, Toorcon, DerbyCon, Hacker Halted, and more.
• Michael Ossmann - Great Scott Gadgets
  Michael Ossmann is a wireless security researcher who makes hardware for hackers. He founded Great Scott Gadgets in an effort to put exciting, new tools into the hands of innovative people.

Links:

• https://www.blackhat.com/us-13/archives.html#Ossmann
• https://infocon.org/cons/Black Hat/Black Hat USA/Black Hat USA 2013/video/Black Hat 2013 - Multiplexed Wired Attack Surfaces.mp4
• https://www.youtube.com/watch?v=jYa6-R-piZ4
• https://media.blackhat.com/us-13/US-13-Ossmann-Multiplexed-Wired-Attack-Surfaces-WP.pdf

Similar Presentations:

• ToorCon San Diego 15 (2013) / Multiplexed Wired Attack Surfaces
• ShmooCon XI (2015) / NSA Playset: USB Tools
• ToorCon San Diego TwentyOne (2019) / Hacking Even More USB with USB-Tools