Upgrade to Pro — share decks privately, control downloads, hide ads and more …

BadUSBを作ろう / how to make your own BadUSB and Ke...

Avatar for mu2in mu2in
June 29, 2019
Technology
0
470

BadUSBを作ろう / how to make your own BadUSB and Keyboard

BadUSBを作ってみた話です。

「オープンセミナー2019@岡山 懇親会」でのLT資料です。 https://oso.connpass.com/event/129843/

Avatar for mu2in

mu2in

June 29, 2019
Tweet

More Decks by mu2in

See All by mu2in
スイッチ沼へようこそ / Welcome to the Key Switch Rabbit Hole
Avatar for mu2in mu2in
0
220
Astroで サクッと作るWebサイト(仮) / Quickly create webpages with Astro
Avatar for mu2in mu2in
1
320
CircuitPythonで動く自作キーボードの紹介 / Introducing Self-Made Keyboard from CircuitPython
Avatar for mu2in mu2in
0
2.5k
スクリーンセーバーキラーを作ってみた / Making Mouse Jiggler with CircuitPython
Avatar for mu2in mu2in
0
830
Pythonで始める自作キーボード入門 / Introduction to Self-Made Keyboard from Python
Avatar for mu2in mu2in
1
2.3k
私のエンジニアライフHacks / my-engineer-lifehacks
Avatar for mu2in mu2in
0
570
PyCon mini Hiroshima 2018 でノベルティを作ってみた話/pycon-mini-hiroshima-2018-novelty
Avatar for mu2in mu2in
1
1.6k
家に帰ると灼熱地獄なのをなんとかする/obniz-universal-remote-control
Avatar for mu2in mu2in
0
990
最近ハマってるゲームとか
Avatar for mu2in mu2in
0
800

Other Decks in Technology

See All in Technology
迷わない!AI×MCP連携のリファレンスアーキテクチャ完全ガイド
Avatar for CData Software Japan cdataj
0
580
Introduction to Sansan for Engineers / エンジニア向け会社紹介
Avatar for Sansan, Inc. sansan33
PRO
6
63k
習慣とAIと環境 — 技術探求を続ける3つの鍵
Avatar for azukiazusa azukiazusa1
2
620
Introduction to Sansan, inc / Sansan Global Development Center, Inc.
Avatar for Sansan, Inc. sansan33
PRO
0
2.9k
Exadata Database Service ソフトウェアのアップデートとアップグレードの概要
Avatar for oracle4engineer oracle4engineer
PRO
1
1.1k
SwiftDataを覗き見る
Avatar for akidon0000 akidon0000
0
280
AWS Network Firewall Proxyで脱Squid運用⁈
Avatar for hr0hr57 nnydtmg
1
110
Proxmoxで作る自宅クラウド入門
Avatar for koinunopochi koinunopochi
0
150
Master Dataグループ紹介資料
Avatar for Sansan, Inc. sansan33
PRO
1
4.2k
SOC2は、取った瞬間よりその後が面白い
Avatar for hima 3flower
0
100
名刺メーカーDevグループ 紹介資料
Avatar for Sansan, Inc. sansan33
PRO
0
1k
研究開発部メンバーの働き⽅ / Sansan R&D Profile
Avatar for Sansan, Inc. sansan33
PRO
4
22k

Featured

See All Featured
Designing for Timeless Needs
Avatar for Cassini Nazir cassininazir
0
120
What does AI have to do with Human Rights?
Avatar for Per Axbom axbom
PRO
0
1.9k
The Spectacular Lies of Maps
Avatar for Per Axbom axbom
PRO
1
440
Prompt Engineering for Job Search
Avatar for Mfonobong Umondia mfonobong
0
140
How to Talk to Developers About Accessibility
Avatar for Jason CranfordTeague jct
1
100
Leadership Guide Workshop - DevTernity 2021
Avatar for David Neal reverentgeek
1
180
The Psychology of Web Performance [Beyond Tellerrand 2023]
Avatar for Tammy Everts tammyeverts
49
3.3k
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.8k
Principles of Awesome APIs and How to Build Them.
Avatar for Keavy McMinn keavy
127
17k
The SEO Collaboration Effect
Avatar for Kristina Bergwall kristinabergwall1
0
330
4 Signs Your Business is Dying
Avatar for Josh Pigford shpigford
187
22k
16th Malabo Montpellier Forum Presentation
Avatar for AKADEMIYA2063 akademiya2063
PRO
0
40

Transcript

  1. #BE64#Λ࡞Ζ͏ʂ Φʔϓϯηϛφʔ!Ԭࢁ࠙਌ձ

  2. ‣ @mu2in ‣ JavaΤϯδχΞ6೥໨ ‣ ޷͖ͳϓϩάϥϛϯάݴޠɿJavaScript ‣ ࢀՃίϛϡχςΟ ▹ ͍͢͝޿ౡ

    (ਫ༵΋͘΋͘ձ) ओ࠵ ▹ PyCon mini Hiroshima 2019 ▹ Φʔϓϯηϛφʔ2020@޿ౡ ࣗݾ঺հ

  3. BadUSBͱ͸ ‣ USBϙʔτʹૠ͚ͩ͢ͰPCյͤΔ΍ͭ

  4. BadUSBͱ͸ ‣ USBϙʔτʹૠ͚ͩ͢ͰPCյͤΔ΍ͭ ▹ ͦΕ͸USB Killer

  5. BadUSBͱ͸ ‣ 2014೥8݄ʹ։ൃऀձٞ Black Hat 2014 USAͰ ൃද͞Εͨ߈ܸख๏ ▹ USBͷϑΝʔϜ΢ΣΞΛॻ͖׵͑Δ͜ͱʹΑͬͯɺෆਖ਼ͳ

    ϓϩάϥϜΛ࣮ߦ͢Δ͜ͱ͕Ͱ͖Δɻ ▹ Өڹ͕େ͖͍ͨΊɺ࣮ূίʔυΛެ։͞Ε͍ͯͳ͔ͬͨɻ ‣ ཌ݄ͷ9݄ʹߦΘΕͨηΩϡϦςΟձٞͷ DerbyCon 4.0 Ͱผͷݚڀऀ͕GitHubʹެ։ ▹ USBΩʔϘʔυͷϑΝʔϜ΢ΣΞΛॻ͖׵͑ͯɺ
 উखʹΩʔΛೖྗͤ͞ΔσϞ͕ߦΘΕͨɻ

  6. Ͱ͸࡞ͬͯΈ·͠ΐ͏

  7. ༻ҙ͢Δ΋ͷ • CJMCU Beetle ▹ Arduino Leonardoޓ׵ͷϚΠίϯ • HID(ώϡʔϚϯΠϯλʔϑΣʔεσ όΠε)ͱͯ͠ৼ෣͏͜ͱ͕Ͱ͖Δ

    • USBΦε͕෇͍ͯΔͨΊ௚ૠ͠Մೳ • ී௨ͷUSBϝϞϦΑΓ΋খ͍͞ • AmazonͰ¥1,000 தࠃ௚༌ೖ¥300

  8. ϚΠίϯʹBadUSBͷίʔυΛॻ͖ࠐΉ

  9. USBΛૠ͚ͩ͢ͰϩάΞ΢τ

  10. ͜ΕͰօ͞Μ΋#BE64#͕࡞Ε·͢ʂ

  11. ण࢘ΩʔϘʔυΛ࡞Ζ͏ʂ

  12. • Ruby Kaigi 2017Ͱ໯ͬͨण࢘ΩʔΩϟοϓ
 ( Misoca͞ΜϒʔεΑΓ ) • CJMCU Beetle

    • Cherry MXΩʔεΠον • Cherry MX Switch Breakout • μΠΦʔυɺ఍߅ • ϐϯϔομ • LED • δϟϯύʔϫΠϠʔ • ϒϨουϘʔυ ༻ҙ͢Δ΋ͷ

  13. ૊ΈཱͯΔ

  14. #include <Keyboard.h> #define PIN_KEYSW (0) int preState; int currentState; void

    setup() { pinMode(PIN_KEYSW, INPUT); preState = HIGH; Keyboard.begin(); } void loop() { currentState = digitalRead(PIN_KEYSW); if((currentState != preState) && (currentState == HIGH)) { Keyboard.press(KEY_LEFT_ALT); Keyboard.print("d83c"); Keyboard.print("df63"); delay(10); Keyboard.releaseAll(); } preState = currentState; delay(10); } ण࢘ΩʔϘʔυͷίʔυΛॻ͖͜Ή Ωʔ͕ԡ͞ΕͨΒ 6OJDPEFೖྗͰ ͷαϩήʔτϖΞΛೖྗ

  15. MacͷೖྗιʔεΛมߋ

  16. ण࢘ΩʔΛಈ͔͢

  17. ·ͱΊ ‣ BadUSB͸ૠ͚ͩ͢ͰΩʔೖྗΛ࣮ߦͰ͖ͯɺ ϚΫϩʹศརɻ ‣ ࣗ࡞ΩʔϘʔυ࡞Γ௒ָ͍͠ɻ ‣ ৭ΜͳΩʔϘʔυ࡞Γ͍ͨʢপʣ ‣ ѱ͍USB͚ͩͲɺ࢖͍ํ࣍ୈͰ৭ʑͳ͜ͱ͕

    Ͱ͖Δͧʂ