[Version 1] Getting The Os?

[DjMaddius]

Is there a way to quickly get the operating system the teensy is connected to?

[Jerico_Tyler]

look at the screen :P

software wise I don't think you can talk back to the ducky

[DjMaddius]

I meant software wise.

[Jerico_Tyler]

only thing I think the ducky can get back is the num/scroll/cap lock lights

[DjMaddius]

Ahh thats to bad.

[H@L0_F00]

If the Teensy is considered a HID, what is to stop someone from coding a program to communicate with it?

[Seshan]

You can comunicate with HID's, Think force feedback joysticks? Those are HIDs right? But maybe they count as something else :|

Edited April 25, 2010 by Seshan

[stacked]

It is not like a Ps/2 keyboard, since it is usb it has few limitations. Communication seems pretty easy.

It would be a good idea to check the source code of teensy loader and teensyduino to see how it communicates naturally. (I am thinking that teensy is an open source project)

[H@L0_F00]

You can comunicate with HID's, Think force feedback joysticks? Those are HIDs right?

Exactly...

Just found this.

We're in business... ;)

[stacked]

http://www.irongeek.com/i.php?page=securit...eystroke-dongle

I found this link on teensy's website and found it interesting.

At schmoocon 2010 the ducky was called a "phantom keystroker"

E/

It was also given this acronym.

Programmable HID USB Keystroke Dongle,

or PHUKD for short.

Edited April 25, 2010 by stacked

[Seshan]

No, the phantom keystroker is this http://www.thinkgeek.com/computing/input/ae83/ There is a thread on phukd here http://www.hak5.org/forums/index.php?showtopic=16061&hl=

[Paul Stoffregen]

Is there a way to quickly get the operating system the teensy is connected to?

Not easily or directly. But much like TCP/IP fingerprinting, there are subtle differences between the various operating systems which might be recognizable.

For example, you could probably tell windows vs macos vs linux by just recording a log of which endpoint0 messages arrive, and perhaps their relative timing (eg, use timer1 in 16 bit CTC mode and capture the value for each logged message).

Recently I've been working on a USB mass storage example. The specific SCSI commands each operating system sends are very different, at least while starting the driver and reading the partition table. For example, Windows XP sends command 0x23 right after the 1st inquiry, but linux and macos never use 0x23. If the WP bit indicates the card is writable, macos is the only system that immediately writes things like a .Trashes directory, but linux and windows immediately write stuff (at least clean, default installs don't anyway).

The HID drivers are pretty similar on all 3 systems, but I'm pretty sure if you intentionally gave wrong responses, there would be detectable differences in the ways each system handles certain situations and recovers.

Of course, this is some fairly advanced hacking on the low-level USB code. It's all available to be edited, though you'll need quite a bit of knowledge about USB. A USB protocol analyzer (eg, beagle12) would help, but at least a good USB packet sniffer program would probably suffice.

Then again, maybe just a simple array with code storing the first several dozen USB events/messages might give enough info. I really hope someone tries this. There are so many interesting things like this, which so far nobody seems to have attempted and published their results.

[Jerico_Tyler]

well I'm glad I was wrong

[deleted]

Well, a simple although easily thwarted solution could be devised with what we have.

If you are able to get the the state of a Num Lock Light, since some windows systems will have the num lock key active at boot so you could have it guess the operating system from that. Just a thought (and probably a wrong one at that).

[H@L0_F00]

Maybe representing the Teensy as a HID keyboard accommodating special buttons (Home, Internet, Back, Forward, etc.) would allow more communication between the Teensy and the OS that would be more OS specific?

Edited April 26, 2010 by H@L0_F00

[Jerico_Tyler]

Well, a simple although easily thwarted solution could be devised with what we have.

If you are able to get the the state of a Num Lock Light, since some windows systems will have the num lock key active at boot so you could have it guess the operating system from that. Just a thought (and probably a wrong one at that).

That's actually set in the bios (I had an old pc that had locked bios with numlock turned off by default and it drove me crazy) but most bios have it on by default so I guess that might work.

[deleted]

That's actually set in the bios (I had an old pc that had locked bios with numlock turned off by default and it drove me crazy) but most bios have it on by default so I guess that might work.

I've been using Mac's too long... :(

[stacked]

Thinking about it more, a simple 2 way switch would suffice.

Since the 3 primary target would be Linux, Mac, and Windows. I don't think very many people use BSD or Solaris.

Linux is also out of the picture because it is so protected under Super User privileges. Also I wouldn't want to exploit anything open source; it just doesn't seem right.

So a Mac vs Pc switch would work. Also Macs are very distinguishable by there casing.

[Seshan]

Thinking about it more, a simple 2 way switch would suffice.

Since the 3 primary target would be Linux, Mac, and Windows. I don't think very many people use BSD or Solaris.

Linux is also out of the picture because it is so protected under Super User privileges. Also I wouldn't want to exploit anything open source; it just doesn't seem right.

So a Mac vs Pc switch would work. Also Macs are very distinguishable by there casing.

It's really just Windows VS no one. Mac's also need user passwords if you want to change anything serious from the terminal, or install anything like key loggers.