MB60893 Posted May 29, 2018 Posted May 29, 2018 The Bash Bunny is brilliant. It can already emulate USB devices such as keyboards, USB to Ethernet adapters, serial devices and mass storage devices. I don’t know how Hak5 have implemented the emulation features, but I imagine the Bash Bunny could potentially emulate other USB devices...? My question is what other USB devices would be really interesting to see implemented? How about USB fingerprint readers, for example? Could this allow a current PC to divulge information about a user’s fingerprint, or perhaps allow another fingerprint to be loaded onto the system? I’m really interested in how this could be implemented, and what devices could be emulated. Please let me know what you think! -MB60893.
Dice Posted May 29, 2018 Posted May 29, 2018 The only moment emulating a fingerprint scanner would be to overrule the existing one (if available) and passing the fingerprint that allows you to access the system. Extracting that hash/token would require scripts or programs mounted from a function already present on the Bunny
Dice Posted May 29, 2018 Posted May 29, 2018 4 hours ago, RazerBlade said: It could emulate a mouse To what purpose ? have the mouse move around indefinately to prevent a screen going to sleep ?
Dave-ee Jones Posted May 30, 2018 Posted May 30, 2018 You can "pretend" to be anything provided you know the VID/PIDs of the thing you want to emulate. Have a Google around ? I believe there's a list on this forums somewhere as well, use the search bar.
MB60893 Posted May 30, 2018 Author Posted May 30, 2018 19 hours ago, Dice said: To what purpose ? have the mouse move around indefinately to prevent a screen going to sleep ? I imagine this wouldn't be of particular use. I just had a realization that there are many different types of USB devices out there, and because of this, there may be even more ways a system may be exploited, so I'm interested in seeing what devices we can emulate to expose vulnerabilities in a machine.
MB60893 Posted May 30, 2018 Author Posted May 30, 2018 7 hours ago, Dave-ee Jones said: You can "pretend" to be anything provided you know the VID/PIDs of the thing you want to emulate. Have a Google around ? I believe there's a list on this forums somewhere as well, use the search bar. Many thanks for this, @Dave-ee Jones! I'll look into this... ?
Dice Posted May 30, 2018 Posted May 30, 2018 3 minutes ago, MB60893 said: I imagine this wouldn't be of particular use. I just had a realization that there are many different types of USB devices out there, and because of this, there may be even more ways a system may be exploited, so I'm interested in seeing what devices we can emulate to expose vulnerabilities in a machine. In this light, i am trying to see which usb device would grant 'useful' access to a system. Interesting angle
Recommended Posts
Archived
This topic is now archived and is closed to further replies.