23. USBadBehavior: Using Novel USB Devices to Hack a System

USB is a universal standard for devices, such as a laptop or desktop computer, to communicate with peripherals or other computers. This project will look at how this communication between devices is exploited to allow an attacker to perform different malicious actions. The first device explored in this project is the bad USB. A bad USB is a device, typically disguised as a flash drive, which can be plugged into the USB port of any PC and allows the attacker to inject keystrokes quickly and automatically. The most common bad USB available on the market is the HAK5 USB Rubber Ducky, but these devices can be made from other kinds of USBs. In this project a Digispark Attiny85 is used in place of a USB Rubber Ducky, this device offers similar capabilities while being much cheaper, the main difference is that the USB Rubber Ducky is programmed using a ducky script while the Attiny85 is an Arduino based device. The Attiny85 is used to demonstrate how a simple USB device can be used to inject malicious code into a computer allowing the attacker to gain access to different methods of attack. The methods of attack used with these devices are typically some forms of PowerShell back door or keylogger, but there are many other forms of attack used with bad USBs. The second device in this project is a custom keyboard, based on the keyboards used in the classrooms of Newton Oaks, with a built-in keylogger and malicious code injector. The board used to both log the keystrokes of the keyboard and inject malicious code will be the Teensy 4.1. The Teensy 4.1 is another Arduino device that is embedded inside the shell of the keyboard to make the modified keyboard indistinguishable from any other keyboard. These devices will demonstrate the dangers of leaving a computer unlocked and unattended, both devices can give an attacker access to your computer, but the keyboard will demonstrate the dangers of hardware keyloggers which cannot be detected by antivirus software and will help give awareness to the dangers of hardware keyloggers.