$30 off During Our Annual Pro Sale. View Details »

Raspdancer

Philippe Teuwen
May 03, 2013
Technology
0
980

 Raspdancer

A lightning talk given at Hackito Ergo Sum 2013 presenting Raspdancer, a Facedancer11 for Raspberry Pi

Philippe Teuwen

May 03, 2013
Tweet

More Decks by Philippe Teuwen

See All by Philippe Teuwen
EEPROM: It Will All End in Tears
doegox
0
72
2021: A Titan M Odyssey
doegox
0
100
WooKey: Episode VII - The Force Awakens
doegox
0
61
EEPROM: It Will All End in Tears
doegox
0
94
Grey-box attacks, four years later
doegox
0
78
PTS18: Story behind our goodies
doegox
0
73
Design de cryptographie white-box : et à la fin, c’est Kerckhoffs qui gagne
doegox
1
190
Hiding your White-Box Designs is Not Enough
doegox
0
320
Hiding your White-Box Designs is Not Enough
doegox
1
1.1k

Other Decks in Technology

See All in Technology
Notionへのデータ移行を成功させる5つのポイント - NIFTY Tech Day 2023
niftycorp
0
140
APIシナリオテストツールとしてのrunn / 4 API testing tools
k1low
1
530
Rest Clientユーザーの自分がPostman の VS Code拡張機能を扱ってみた感想
smt7174
0
150
開発生産性向上へのコミットについて理解してもらうためのスライドテンプレートを作った話
ouchi2501
0
270
device mapperによるディスクI/O障害のエミュレーション
sat
PRO
7
2.3k
提案段階のVS CodeのチャットエージェントAPIを動かしてみた
masa5555
0
130
AWS re:Invent 2023 わざわざ現地まで行く意味あるの?→ありました
minorun365
PRO
5
1k
隙間家具OSS開発で『自分の庭』をつくる / kayac-andpad-event
fujiwara3
0
410
AWS re:Invent 2023の期間中に出たコンテナアップデート集
yoshiitaka
3
330
JAWS-UG_YOKOHAMA_20231204
hiashisan
0
310
コンテナ支部recapをrecapしよう_気になったコンテナの周りのアップデートを紹介.pdf
yoshiitaka
0
280
Go Getでのchecksum不一致に遭遇した話とその対応
replu
0
290

Featured

See All Featured
Infographics Made Easy
chrislema
236
17k
The Cult of Friendly URLs
andyhume
71
5.4k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
240
20k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
1
900
ReactJS: Keep Simple. Everything can be a component!
pedronauck
656
120k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
16
1.5k
Debugging Ruby Performance
tmm1
68
11k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
17
1.4k
Six Lessons from altMBA
skipperchong
18
2.7k
10 Git Anti Patterns You Should be Aware of
lemiorhan
645
57k
From Idea to $5000 a Month in 5 Months
shpigford
376
45k
Git: the NoSQL Database
bkeepers
PRO
420
62k

Transcript

  1. RASPDANCER
    Redesigning
    Facedancer11
    for Raspberry Pi
    Philippe Teuwen
    Hackito 2013

    View Slide

  2. Facedancer
    by Travis Goodspeed
    Can pretend to be any USB peripheral
    Allow fuzzing of USB device drivers of a target

    View Slide

  3. Just plug it in...
    It's gonna say:
    “Hey I see you've plugged a new device”
    And it's gonna load the appropriate drivers...
    Quiz:
    Does it ring a bell to anybody?

    View Slide

  4. USB Plug&Play introduced in W98
    Las Vegas, 1998

    View Slide

  5. A closer look
    USB
    Host
    FT232RL MSP430 MAX3420E USB
    Target
    USB USB↔UART UART↔SPI SPI...
    6.60€ 15.80€ 10.00€
    Bottleneck: UART @115200bauds

    View Slide

  6. A closer look
    USB
    Host
    FT232RL MSP430 MAX3420E USB
    Target
    USB USB↔UART UART↔SPI SPI...
    6.60€ 15.80€ 10.00€
    GoodFET
    22.40€
    Bottleneck: UART @115200bauds

    View Slide

  7. To summarize

    MAX3420E:
    USB Peripheral Controller with SPI Interface

    GoodFET hardwired to do USB↔SPI

    All intelligence moved to the host
    in a nice python library

    View Slide

  8. Can we do something like this?
    USB
    Host
    FT232RL MSP430 MAX3420E USB
    Target
    USB USB<>UART UART<>SPI SPI...
    6.59€ 15.77€ 10.00€
    Raspberry Pi
    as host

    View Slide

  9. First mess^H^H^H^Hprototype

    View Slide

  10. First prototype
    Looks awesome... unless you use a crystal case... sigh.

    View Slide

  11. Adapting the code
    GoodFETMAXUSB.py with our raspdancer:
    Drop-in replacement of GoodFET.py library

    no fork, no patch

    mutualize USB fuzzing efforts,
    no matter which hardware is used

    View Slide

  12. Our GoodFET.py
    26MHz!

    View Slide

  13. One step ahead
    Thanks to Jean-Christophe Nicaise for his help!

    View Slide

  14. Advantages

    Reuse of all the good GoodFETMAXUSB.py

    Speed & price

    Potentially autonomous or remote-controlled

    Can be powered over USB of target
    but beware...
    http://wiki.yobi.be/wiki/Raspdancer

    View Slide