Keystroke Injection


Keystroke injection is accomplished with a device that masquerades as a HID (human interface device) such as a mouse or keyboard, often packaged to look like a jump drive, and that executes keystrokes as soon as it is inserted. The idea is clever: the chance of detection can be low, and it is a viable way to bridge an air gap (a computer or network physically isolated from the internet or other networks).

While there are many devices to choose from, I picked up a cheap Arduino pro micro knock off to play with called the Keystudio Pro Micro 32u4. These are cheap and readily available everywhere.


To get started, I read a bit on the Keyboard.h library and some of its modifier keys while trying to devise a quick and dirty attack plan. To me this is one of the most exciting things about pentesting and security research: visualizing the plan, doing reconnaissance and establishing viable execution.

Playing with some simple inputs and delays in combination with keyboard shortcuts led to some interesting use cases that allowed PowerShell commands to be executed.
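As an added example (not the author's sketch or any code from the post), here is the defender's side of the "low chance of detection" point: a small Python check over keystroke timestamps that flags bursts whose inter-key intervals are either faster than a person can type or unnaturally regular, which is exactly how a fixed delay in a sketch shows up. The event tuples, the thresholds and the function names are my assumptions; the sample timings are constructed.

```python
import statistics
from typing import List, Tuple

Event = Tuple[int, str]  # (timestamp in ms, key) - assumed input shape


def events_from_intervals(start_ms: int, intervals: List[int], text: str) -> List[Event]:
    """Build a constructed key-event stream from inter-key intervals."""
    t, out = start_ms, []
    for dt, ch in zip(intervals, text):
        t += dt
        out.append((t, ch))
    return out


def score_window(intervals: List[int]) -> Tuple[float, float]:
    """Return (mean interval in ms, coefficient of variation) for a window."""
    mean = statistics.fmean(intervals)
    cv = statistics.pstdev(intervals) / mean if mean else 0.0
    return mean, cv


def detect_injection(events: List[Event], window: int = 8,
                     max_mean_ms: float = 30.0, min_cv: float = 0.08):
    """Flag non-overlapping windows that look machine-generated.

    Two rules: a raw burst (mean interval below what a human sustains), or a
    burst that is slow enough to look human on rate alone but has almost no
    timing jitter (a scripted, fixed delay). Humans jitter; sketches do not.
    """
    ts = [t for t, _ in events]
    intervals = [b - a for a, b in zip(ts, ts[1:])]
    alerts = []
    for i in range(0, len(intervals) - window + 1, window):
        mean, cv = score_window(intervals[i:i + window])
        if mean <= max_mean_ms:
            alerts.append((i, f"rate: mean interval {mean:.1f} ms"))
        elif cv < min_cv:
            alerts.append((i, f"uniform: cv {cv:.3f} at {mean:.1f} ms"))
    return alerts


# Constructed samples: jittery human typing, a raw injector, and an injector
# that uses a fixed 50 ms delay between keys (slow, but perfectly regular).
HUMAN = events_from_intervals(0, [120, 210, 95, 180, 260, 140, 90, 230, 170, 110, 200, 150], "hello, world")
INJECTED_RAW = events_from_intervals(0, [4] * 12, "hello, world")
INJECTED_DELAYED = events_from_intervals(0, [50] * 12, "hello, world")

if __name__ == "__main__":
    for name, ev in [("human", HUMAN), ("raw", INJECTED_RAW), ("delayed", INJECTED_DELAYED)]:
        print(name, detect_injection(ev))
```

The uniformity rule is the one that matters against the delays the post describes; a rate threshold alone is trivially defeated by slowing the sketch down.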

To increase the functionality of this device, buttons could be added to cycle through pre-scripted payloads, and adding an SSD to possibly store text dumps would be beneficial.