How to Bring HID Attacks to the Next Level

Presented at TROOPERS18 (2018), March 14, 2018, 10:30 a.m. (Unknown duration).

Since the first public appearance of HID Attacks, much awesome research and many tools and devices have been released.

However, Offensive Security folks were always seeking cheap and dedicated hardware that could be controlled remotely (i.e. over WiFi or BT). And this is how WHID Injector and P4wnP1 were born.

WHID stands for WiFi HID injector. It is a USB Rubberducky on steroids, designed to fulfill pentesters' needs during their engagements. It can be easily controlled over the WiFi network and can potentially bypass air-gapped environments.

P4wnP1 is a tool based on the RaspberryPi Zero W; it is a Bashbunny on steroids. It has many cool features like Win10 Lockpicker, HID backdoor (which bypasses air-gapped environments as well), a call-home feature, etc.

During the talk we will see in depth how WHID was designed and which software it supports. We will also compare its features against those of P4wnP1. And (Murphy permitting) you will see them in action!


Presenters:

  • Luca Bongiorni
    Luca is very good at writing biographies. He works as Principal Offensive Security Specialist and is also actively involved in InfoSec, where his main fields of research are: Radio Networks, Reverse Engineering, Hardware Hacking, Antani, Internet of Things and Physical Security. Since 2012 he has been keeping a closer eye on FSB operations. His favorite hobbies are Pasta, Grappa and ARP-Spoofing.
