For a while now, security researchers have been using the
Teensy for HID attacks, which really is the way to go if that’s all you want to
do. However, if you are like me and want to do other things as well, you need something bigger. Enter the
Arduino Leonardo: this Arduino board supports emulating a HID (Human Interface
Device) out of the box. It’s not tiny like the Teensy, but it is only 2.7” x 2.1”
in size, which is still small. It would be very easy to just leave the Leonardo
in a backpack and run the USB cable to the victim device, especially since
the whole attack takes about 5 seconds.
Here is the attack in action via screen recording.
In the first part of the video I show what users are on the
system. Then the device is plugged in and the attack launches. The Leonardo starts to emulate a keyboard by activating the Windows key and
then types in cmd.exe. Next it uses the keyboard shortcut for run as admin (Ctrl+Shift). Then the Leonardo hits Tab 3 times to select OK on the UAC prompt and hits
Enter. Finally, an administrator command prompt is open and the Leonardo types out
the commands to add a user, adds the user to the local administrators group, and closes the prompt. The nice part
about this is that since you write the program there are no typing errors, and it
types about a hundred times faster than you do.
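From the defender's side, the sequence described above leaves a recognisable trail in the Windows Security log: a local account is created and added to the local administrators group within seconds, possibly right after a new keyboard appears. The following is an added example, not code from the original post; the flattened field names, the 10-second window and the sample records are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

ADMINS_SID = "S-1-5-32-544"     # well-known SID of the built-in Administrators group
WINDOW = timedelta(seconds=10)  # assumption, sized from the ~5 second attack above

# Constructed sample records, not from a real host. The field names are a
# hypothetical flattening of Windows Security events: 6416 = new external
# device recognized, 4720 = user account created, 4732 = member added to a
# security-enabled local group.
SAMPLE = [
    {"time": "2024-01-01T09:00:00", "id": 6416, "device": "HID Keyboard Device"},
    {"time": "2024-01-01T09:00:03", "id": 4720, "user_sid": "S-1-5-21-1-2-3-1005", "user": "constructed_user"},
    {"time": "2024-01-01T09:00:04", "id": 4732, "member_sid": "S-1-5-21-1-2-3-1005", "group_sid": ADMINS_SID},
    # Benign pattern: account created in the morning, promoted hours later.
    {"time": "2024-01-01T10:00:00", "id": 4720, "user_sid": "S-1-5-21-1-2-3-1006", "user": "new_hire"},
    {"time": "2024-01-01T15:30:00", "id": 4732, "member_sid": "S-1-5-21-1-2-3-1006", "group_sid": ADMINS_SID},
]


def find_rapid_admin_creation(events, window=WINDOW):
    """Alert when an account is created and made local admin within `window`."""
    created = {}        # new user's SID -> (creation time, name, nearby device)
    last_device = None  # (attach time, description) of the latest 6416 event
    alerts = []
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["time"])):
        t = datetime.fromisoformat(ev["time"])
        if ev["id"] == 6416:
            last_device = (t, ev["device"])
        elif ev["id"] == 4720:
            # Note a device that appeared shortly before the account did.
            near = last_device[1] if last_device and t - last_device[0] <= window else None
            created[ev["user_sid"]] = (t, ev["user"], near)
        elif ev["id"] == 4732 and ev["group_sid"] == ADMINS_SID:
            hit = created.get(ev["member_sid"])
            if hit and t - hit[0] <= window:
                alerts.append({"user": hit[1], "device": hit[2],
                               "seconds": (t - hit[0]).total_seconds()})
    return alerts


if __name__ == "__main__":
    for alert in find_rapid_admin_creation(SAMPLE):
        print(alert)
```

The account that is promoted hours after creation does not alert; only the create-then-promote pair inside the window does.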
Thanks to @irongeek_adc for pointing out the Leonardo and answering my questions, and to @matthewneely, @SoapyWetDish and @dave_rel1k for other guidance.