It sure would be nice if Windows client would pop-up some sort of dynamic challenge (like eg. a very simple CAPTCHA) on screen when a peripheral reporting as an HID device was plugged in before allowing input from that device to manipulate things in the OS. Sure would be nice.https://twitter.com/mame82/status/1205538348934352897 …
-
-
They possibly could be creatng a whitelist of approved USB devices by HID and these are the only ones that would be installed. https://docs.microsoft.com/en-us/windows/security/threat-protection/device-control/control-usb-devices-using-intune#allow-installation-and-usage-of-specifically-approved-peripherals … Obviously if a malicious HID is spoofing a legitimate keyboard then that would be an issue.
-
It's certainly better than nothing, in that it would force an attacker to do host-specific recon rather than just being able to take a device and use it opportunistically on any machine you come across. But one would like something more capable vs the spoofing problem.
- 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
USB cable with implant for bi-directional RF communication connects mobile phone in airplane mode, with Win10 box (no network connections).
2nd mobile injects keystrokes and brings up a covert channel shell, using the RF implant. File transfer still works