Explore the security implications of USB ports in this 59-minute conference talk from TROOPERS13. Delve into topics such as Wright's Law, parser bugs, system programming, driver vulnerabilities, custom PCB, USB glossary, and Python-based USB device manipulation. Learn about exploiting enumeration, HID emulation, format string vulnerabilities, host mode emulation, device bugs, and Device Firmware Update (DFU). Examine mass storage, USB serial emulation, and potential targets in Windows and FreeBSD systems. Gain valuable insights to enhance USB security and make the digital world a safer place.
Overview
Syllabus
Intro
Wright's Law
Guess the parser bug
System programmer view
I see dead drivers
Custom PCB
USB glossary
USB devices, in Python
Exploiting enumeration
HID Emulation
HID Format String
Host Mode Emulation
Device Bugs
Device Firmware Update (DFU)
Mass Storage
USB Serial Emulation
Targets in Windows
Targets in FreeBSD
Conclusions
Taught by
WEareTROOPERS
