Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
BadUSBを作ろう / how to make your own BadUSB and Ke...
Search
mu2in
June 29, 2019
Technology
0
460
BadUSBを作ろう / how to make your own BadUSB and Keyboard
BadUSBを作ってみた話です。
「オープンセミナー2019@岡山 懇親会」でのLT資料です。
https://oso.connpass.com/event/129843/
mu2in
June 29, 2019
Tweet
Share
More Decks by mu2in
See All by mu2in
スイッチ沼へようこそ / Welcome to the Key Switch Rabbit Hole
mu2in
0
210
Astroで サクッと作るWebサイト(仮) / Quickly create webpages with Astro
mu2in
1
300
CircuitPythonで動く自作キーボードの紹介 / Introducing Self-Made Keyboard from CircuitPython
mu2in
0
2.5k
スクリーンセーバーキラーを作ってみた / Making Mouse Jiggler with CircuitPython
mu2in
0
810
Pythonで始める自作キーボード入門 / Introduction to Self-Made Keyboard from Python
mu2in
1
2.2k
私のエンジニアライフHacks / my-engineer-lifehacks
mu2in
0
550
PyCon mini Hiroshima 2018 でノベルティを作ってみた話/pycon-mini-hiroshima-2018-novelty
mu2in
1
1.5k
家に帰ると灼熱地獄なのをなんとかする/obniz-universal-remote-control
mu2in
0
980
最近ハマってるゲームとか
mu2in
0
780
Other Decks in Technology
See All in Technology
ユニットテストに対する考え方の変遷 / Everyone should watch his live coding
mdstoy
0
120
GC25 Recap+: Advancing Go Garbage Collection with Green Tea
logica0419
1
400
pprof vs runtime/trace (FlightRecorder)
task4233
0
160
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
2
5.4k
組織観点からIAM Identity CenterとIAMの設計を考える
nrinetcom
PRO
1
170
神回のメカニズムと再現方法/Mechanisms and Playbook for Kamikai scrumat2025
moriyuya
4
520
自作LLM Native GORM Pluginで実現する AI Agentバックテスト基盤構築
po3rin
2
250
LLMアプリケーション開発におけるセキュリティリスクと対策 / LLM Application Security
flatt_security
7
1.8k
How to achieve interoperable digital identity across Asian countries
fujie
0
110
GA technologiesでのAI-Readyの取り組み@DataOps Night
yuto16
0
270
それでも私はContextに値を詰めたい | Go Conference 2025 / go conference 2025 fill context
budougumi0617
4
1.2k
KMP の Swift export
kokihirokawa
0
330
Featured
See All Featured
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
46
7.6k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
12
1.2k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
30
2.9k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
23
1.5k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
2.6k
Producing Creativity
orderedlist
PRO
347
40k
Writing Fast Ruby
sferik
629
62k
How To Stay Up To Date on Web Technology
chriscoyier
791
250k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
49
3.1k
Scaling GitHub
holman
463
140k
Why Our Code Smells
bkeepers
PRO
339
57k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
252
21k
Transcript
#BE64#Λ࡞Ζ͏ʂ Φʔϓϯηϛφʔ!Ԭࢁ࠙ձ
‣ @mu2in ‣ JavaΤϯδχΞ6 ‣ ͖ͳϓϩάϥϛϯάݴޠɿJavaScript ‣ ࢀՃίϛϡχςΟ ▹ ͍͢͝ౡ
(ਫ༵͘͘ձ) ओ࠵ ▹ PyCon mini Hiroshima 2019 ▹ Φʔϓϯηϛφʔ2020@ౡ ࣗݾհ
BadUSBͱ ‣ USBϙʔτʹૠ͚ͩ͢ͰPCյͤΔͭ
BadUSBͱ ‣ USBϙʔτʹૠ͚ͩ͢ͰPCյͤΔͭ ▹ ͦΕUSB Killer
BadUSBͱ ‣ 20148݄ʹ։ൃऀձٞ Black Hat 2014 USAͰ ൃද͞Εͨ߈ܸख๏ ▹ USBͷϑΝʔϜΣΞΛॻ͖͑Δ͜ͱʹΑͬͯɺෆਖ਼ͳ
ϓϩάϥϜΛ࣮ߦ͢Δ͜ͱ͕Ͱ͖Δɻ ▹ Өڹ͕େ͖͍ͨΊɺ࣮ূίʔυΛެ։͞Ε͍ͯͳ͔ͬͨɻ ‣ ཌ݄ͷ9݄ʹߦΘΕͨηΩϡϦςΟձٞͷ DerbyCon 4.0 Ͱผͷݚڀऀ͕GitHubʹެ։ ▹ USBΩʔϘʔυͷϑΝʔϜΣΞΛॻ͖͑ͯɺ উखʹΩʔΛೖྗͤ͞ΔσϞ͕ߦΘΕͨɻ
Ͱ࡞ͬͯΈ·͠ΐ͏
༻ҙ͢Δͷ • CJMCU Beetle ▹ Arduino LeonardoޓͷϚΠίϯ • HID(ώϡʔϚϯΠϯλʔϑΣʔεσ όΠε)ͱͯ͠ৼ͏͜ͱ͕Ͱ͖Δ
• USBΦε͕͍ͯΔͨΊૠ͠Մೳ • ී௨ͷUSBϝϞϦΑΓখ͍͞ • AmazonͰ¥1,000 தࠃ༌ೖ¥300
ϚΠίϯʹBadUSBͷίʔυΛॻ͖ࠐΉ
USBΛૠ͚ͩ͢ͰϩάΞτ
͜ΕͰօ͞Μ#BE64#͕࡞Ε·͢ʂ
ण࢘ΩʔϘʔυΛ࡞Ζ͏ʂ
• Ruby Kaigi 2017Ͱͬͨण࢘ΩʔΩϟοϓ ( Misoca͞ΜϒʔεΑΓ ) • CJMCU Beetle
• Cherry MXΩʔεΠον • Cherry MX Switch Breakout • μΠΦʔυɺ߅ • ϐϯϔομ • LED • δϟϯύʔϫΠϠʔ • ϒϨουϘʔυ ༻ҙ͢Δͷ
ΈཱͯΔ
#include <Keyboard.h> #define PIN_KEYSW (0) int preState; int currentState; void
setup() { pinMode(PIN_KEYSW, INPUT); preState = HIGH; Keyboard.begin(); } void loop() { currentState = digitalRead(PIN_KEYSW); if((currentState != preState) && (currentState == HIGH)) { Keyboard.press(KEY_LEFT_ALT); Keyboard.print("d83c"); Keyboard.print("df63"); delay(10); Keyboard.releaseAll(); } preState = currentState; delay(10); } ण࢘ΩʔϘʔυͷίʔυΛॻ͖͜Ή Ωʔ͕ԡ͞ΕͨΒ 6OJDPEFೖྗͰ ͷαϩήʔτϖΞΛೖྗ
MacͷೖྗιʔεΛมߋ
ण࢘ΩʔΛಈ͔͢
·ͱΊ ‣ BadUSBૠ͚ͩ͢ͰΩʔೖྗΛ࣮ߦͰ͖ͯɺ ϚΫϩʹศརɻ ‣ ࣗ࡞ΩʔϘʔυ࡞Γָ͍͠ɻ ‣ ৭ΜͳΩʔϘʔυ࡞Γ͍ͨʢপʣ ‣ ѱ͍USB͚ͩͲɺ͍ํ࣍ୈͰ৭ʑͳ͜ͱ͕
Ͱ͖Δͧʂ