Questions tagged [badusb]
A USB device firmware hack allowing the device to spoof other USB devices when plugged into a computer, and run code on the victim's machine.
76
questions
2
votes
1
answer
206
views
Is it possibile to capture unlock pin of smartphone(android/ios) using usb cable?
For example, bad USB cable( charging devices) loaded with script to record the unlock code of an android phone which is current being charged.
so basically, the bad usb cable and the usb charger is ...
0
votes
0
answers
106
views
If you encrypt an entire USB with Veracrypt can malware be put on the USB while encrypted?
Let's say that you take a USB drive and encrypt the entire thing with Veracrypt. Could someone modify that USB drive to include malware on it? This is not assuming that physical changes to the device ...
1
vote
0
answers
137
views
Different types of USB charger attacks that work on Android phones
I'm wondering about different types of malicious USB charger attacks that work on Android devices when USB debugging option is disabled and if the USB option is set to "charge only".
I'm not ...
0
votes
0
answers
125
views
How exactly are hidraw 'Billboard' devices interrogated?
I have some USBHub ( Ethernet + HDMI + USB + VGA). When it doesn't have anything connected it exposes to Linux operating system device:
'hiddev0, hidraw1'
in opposite to HID mouse:
which is visible as ...
2
votes
1
answer
115
views
Could a "writeblocker" device be circumvented by it's own restrictions?
Speaking hypothetically, if a person wished to secure their data drives and a "writeblocker" device was of concern, could a piece of encryption software be crafted to write to the drive in ...
2
votes
2
answers
752
views
Is there software on Windows that will protect myself from devices like the "USB Rubber Ducky"? [duplicate]
I'm pretty sure a lot of you are familiar with the "USB Rubber Ducky", the USB stick that emulates a keyboard. Is there software for Windows that will prevent this type of attack, while ...
0
votes
2
answers
439
views
BadUSB and external USB peripherals - is using a USB device in a sandbox a risk?
I would like to ask about "BadUSB" vulnerability real world attack vectors. I got this idea, because I use virtual box as a sandbox for checking incoming files from clients (I am not an ...
4
votes
2
answers
6k
views
Difference in attack vectors between Bash Bunny and USB Rubber Ducky
Can someone please explain to me the difference between the USB Rubber Ducky and the Bash Bunny? I understand that the Bash Bunny can emulate more trusted devices then just the keyboard like the USB ...
0
votes
1
answer
700
views
Are there any USB flash controllers without any firmware?
UFDs with a Phison 2251 controller are famous for being potential BadUSB devices. It's basically a (8051) microprocessor running application-specific firmware, which is stored on the big flash memory ...
2
votes
1
answer
368
views
If I buy any FIPS 140 certified USB flash drive can I be sure that it's firmware is signed?
Does either FIPS 140-2 or FIPS 140-3 certification require USB flash drive's firmware to be signed so that malicious computer cannot overwrite flash drive's firmware? e.g. badusb attack.
If I buy any ...
3
votes
3
answers
2k
views
Identifying a BadUSB using Linux
Using Linux, is there anyway to detect that an arbitrary USB device is a BadUSB or not?
For example:
Booting a Linux into multi-user.target.
No graphical interface / tty (getty login).
Plug the USB ...
1
vote
2
answers
898
views
How to safely use a possible BadUSB?
I have to use a USB stick that introduce itself as a HID device. I'm not sure if it does something fishy behind the scene or not, but I rather to think it's not safe and take the necessary steps to ...
1
vote
2
answers
1k
views
How unsafe is a USB flash drive vs DVD for OS (Tails linux)?
Compared to a DVD live Tails Linux, how unsafe is using the USB version?
I'm trying to help a friend who for years has been mired in the laborious iterative process of remastering their own DVDs of ...
-1
votes
1
answer
282
views
How to check if ps2 to usb adapter isnt malicious? [duplicate]
I got an adapter for free from someone in my city.
After googling the serial number I found it also here:
https://www.ebay.de/itm/MOUSE-ADAPTER-501215-B004-PS-2-TO-USB-CONVERTER-/331762184078
Can I ...
2
votes
1
answer
2k
views
How do I securely transfer information between airgapped systems?
I'm trying to take information that's on Computer A, write it onto some form of persistent storage, and copy that information onto Computer B. Both will be running a relatively recent version of ...