Presented at
DEF CON 18 (2010),
July 31, 2010, 6 p.m.
(50 minutes).
"If do right, no can defence" -Miyagi
Do you check every USB plug on your computer before you log-in? Didn't think so... URFUKED is used to take over the user's keyboard input and quickly execute preprogrammed attacks with the user's privileges.
Plug in the USB receiver into the victim's computer. Then attack immediately or if necessary wait for the user to login- then trigger the attack remotely with an RF transmitter.
Walk by and talk to the victim, and while he's turned away from the display, press the button on the transmitter to trigger the attack- it'll be done by the time he turns back around. Or trigger it from across the room. It happens too fast to stop even if the user is watching when it happens.
Learn how to build the device cheaply; program it using the opensource Arduino development environment.Learn how to use it and modify it for specific attacks.
Presenters:
-
Monta Elkins
- Security Researcher
Monta Elkins Bio coming soon
Links:
Similar Presentations: