Saturday, November 16, 2013

Multiplexed Wired Attack Surfaces

Kyle Osborn and I presented Multiplexed Wired Attack Surfaces at ToorCon 15. This was the second time we gave the talk. The first was at Black Hat USA 2013, but the ToorCon video was posted first.

The basic idea is that connectors on electronic devices are often used in unexpected ways and that some devices, especially phones and tablets, even multiplex several functions onto a single connector. We demonstrated how we are able to access an interactive shell on certain Android phones by connecting a special serial adapter to the phone's USB port; although we were physically connected to the phone via the USB port, we were not using USB.

Similar multiplexed interfaces are present on a wide variety of portable devices, often accessible via USB or headphone connectors. An excellent example using a headphone jack was published earlier this year. We hope that our talk will raise awareness about the attack surfaces presented by these types of interfaces.

The talk at ToorCon was a lot of fun. We got a shell and activated adb on a phone handed to us by a volunteer from the audience. I hope you enjoy the video, but you should also read the paper we wrote for Black Hat.

We've posted links to several resources related to the talk.

9 comments:

Doctor Who said...

Mr Ossman, I've gone over the work the two of you did last year with that diea to launch an ADB based shell on an Android based phone. I also studied the rig that you both wired. From the USB adapter it is easy to understand where everything goes. But not for the FT232R breakout board. What pins were selected for the colored wires in that photo?

Doctor Who said...

Pardon me, that should be "idea".

Xhakeira said...

this is what I need for my phone..
Informative URL for Atlanta Carpet Repair Company

Informative URL for Alaska Fishing Guide website said...

Thanks for sharing this resouces http://greatscottgadgets.com/infiltrate2013/ will check out this one

Informative URL for Santa Barbara Carpet Repair Outfit said...

This is way to complex for me, but it's a good post btw

Agen Bola Terpercaya said...

nice arrived hear Agen bola terpercaya

Agen Bola said...

nice day all guy.Agen Bola

Charlotte J. Gravely said...

Very nice post. I love it !
read more

Kyile rey said...

There is lot of articles on the web about this. But I like yours more, although i found one that’s more descriptive.

Access Control Services