Infectious Media – Bypassing AutoRun once and for all…

Presented at DerbyCon 1.0 (2011), Oct. 2, 2011, 1 p.m. (50 minutes)

The original teensy research allowed us to drop downloader stagers via keyboard emulation. BSIDES LV this year we figured out a way to drop binaries purely through keyboard emulation. This is awesome however take a long time to write out hexadecimal representations of a binary, do binary conversion and execute. In this talk we’ve upped the game, changed the game, we’ve figured out a way to leverage the Teensy device to copy over a full binary in just a few seconds all through keyboard emulation. This to my knowledge has never been done and is pretty slick. How? …. Guess you’re going to have to come to this talk :) Let’s bypass autorun once and for all…

Presenters:

• Josh Kelley / Winfang   as Josh Kelley (winfang98)
  Josh Kelley is a security engineer at a Fortune 1000 company where he specializes in penetration testing, exploit development, and hitting people with sticks. Josh has contributed to the Social-Engineer Toolkit Teensy payloads. Josh has presented at Defcon 18, Blackhat, BSIDES Las Vegas, and a number of other security related conferences.

Similar Presentations:

• Objective by the Sea version 3.0 (2020) / Binary Emulation Environment for Mach-O Malware
• GrrCON 2018 / emulacra and emulation: an intro to emulating binary code with Vivisect