Jump to content

Imac > Hardware Keylogger?


whitehat
 Share

Recommended Posts

Posted · Hidden by whitehat, May 16, 2012 - spammers are stalking me on here
Hidden by whitehat, May 16, 2012 - spammers are stalking me on here

hmm thanks Mr. Protocol, but if data coming out of the keyboard was encrypted wouldn't that preclude it working when that keyboard is plugged into a PC or older/tower Mac? Because it worked in those scenarios.

Also, just for the record, these USB Apple keyboards come with a USB port for your mouse. We tried it with and without the mouse plugged in. The mouse is also not detected when the logger is attached.

Link to comment
Posted · Hidden by whitehat, May 16, 2012 - booty
Hidden by whitehat, May 16, 2012 - booty

I think OP said he did take the mac KB to a PC and it worked.

Indeed. It sucks too, bc I got authorized to do a pen test that mostly uses Mac's and I've been having a string of bad luck w/ it.

Idk about the HID number theory although I'd be happy to test it if I knew how. The reason I say idk though is that the iMacs will work with any keyboard or HID so it would have to be that they figured out what the HID number of the logger is and blacklisted it, which seems unlikely (especially given that it's not just this one logger based on what Hamiltonian is saying).

Link to comment

I think OP said he did take the mac KB to a PC and it worked. I had not come across this issue myself, but now that you mention it I can confirm that my iMac also experienced the phenomena with a KL.

HID number? Interesting. Any way to test or work around that? I didn't realize these things had a number associated with them?

Ah, skimmed the OP :P.

Most notably for the rubber ducky to emulate not only a HID (keyboard) but any other type of device. I guess me saying HID was incorrect. Sorry, it's late and too distracted lol. But devices do have an Device ID to let the computer know what it is to a degree.

Indeed. It sucks too, bc I got authorized to do a pen test that mostly uses Mac's and I've been having a string of bad luck w/ it.

Idk about the HID number theory although I'd be happy to test it if I knew how. The reason I say idk though is that the iMacs will work with any keyboard or HID so it would have to be that they figured out what the HID number of the logger is and blacklisted it, which seems unlikely (especially given that it's not just this one logger based on what Hamiltonian is saying).

As I said before, HID was the wrong word for me to use. But that might be something to do with why the rubber ducky freaks out on Macs? I don't hit the rubby ducky thread as hard as I should.

For all I know, Apple could have known about the device and blocked it's ID from the OS.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...