What are malicious USB keys and how to create a realistic one?
▻http://feedproxy.google.com/~r/inftoint/~3/4RtNyGL5RzY/what-are-malicious-usb-keys-and-how-to-create-a-realistic-one
Dropping a malicious USB key in a parking lot is an effective attack vector, as demonstrated by our recent large-scale study. This blog post follows up on the study by showing how reliable and realistic-looking malicious USB keys can be created. After discussing the pros and cons of the three types of malicious USB keys, this post will walk you through how to create a spoofed HID keys like the one I demoed at the Blackhat conference during my talk on USB drop attacks (slides here and code here). Before getting started, here is a demo of the key in action, to give you a sense of what the end result looks like:
Disclaimer: USB attacks should be carried out only against systems that you own or have permission to attack. This post, as my other blog posts, are only for educational purposes (...)