Explore the security vulnerabilities of laptop docking stations in corporate environments through this Black Hat Europe 2013 conference talk. Delve into how attackers can exploit these seemingly innocuous devices, often considered trusted and "dumb," to gain privileged access to corporate networks. Learn about the construction and demonstration of a remotely controllable, covert hardware implant within a commonly used laptop docking station. Discover techniques for detecting such devices and mitigating the risks they pose. Gain insights into the inner workings of docking stations, various attack vectors including network data capture, video attacks, keystroke insertion, and USB monitoring. Understand the importance of securing not just laptops but also their docking stations in hot-desking environments. Examine detection methods such as weighing docking stations, infrared heat signatures, and monitoring current consumption. Conclude with a discussion on preventive measures and future research directions in this critical area of corporate cybersecurity.
To Dock or Not to Dock - Using Laptop Docking Stations as Attack Platforms
Overview
Syllabus
Introduction
NCC Group
Why use docking stations as attack platforms
How docking stations work
Eseries dock connector
Eseries dock manual
Extended battery
Deconstruction
Hardware implant
Network data capture
Amphenol module
Network attack
Video attack
VGA port
USB and PST
Keystroke insertion
USB audio monitoring
Webcam monitoring
USB controller
USB bus
Proprietary dock connector
Control platform
Raspberry Pi
Power considerations
Putting it all together
No demo
Detecting hardware implants
Weighing docking stations
Infrared heat signature
Thermal imaging camera
Thanks
RF emanations
Current consumption
Preventing
Future research
Conclusions
Questions
Taught by
Black Hat
