AHS Posted June 18, 2020 Posted June 18, 2020 So after having a laptop stolen, and finding really no help to recover it, I had to come up with an idea of my own, or maybe it exists, and I don't know. I want to exploit my own laptop by soldering a USB to the motherboard. This USB, once the computer is turned on and logged into, and detects a network, will do one, or all of three things: 1) Will drop a specific remote access file matching one that is pre-saved in a cloud server, allowing the original owner to remotely access their stolen computer. This file will be dropped every single time on startup, and if the file already exists, will write over the existing one, instead of dropping a new one. 2) Email the owner the IP address of the computer when internet is detected. 3) Email the owner GPS coordinates if available. This would be extremely discreet, and, except the motherboard in which it's soldered to, even if the hard drive was swapped out, or the BIOS or OS was wiped and reinstalled, the drive itself would be present, and persistent, allowing the device to be recovered, remotely wiped, etc. at any given time. An added Idea I was given, was to have this soldered USB contain personal information, and proof of purchase, so the rightful owner can't be contested. Would anyone want to help make this possible? I feel I'm in the right place for this, and I also feel that this would be a product that a LOT of people would really want.
Cap_Sig Posted June 21, 2020 Posted June 21, 2020 This would require a microcontroller if you plan on protecting it from system wipes. You would basically need a stand alone low jack. The next issue you will face is interfacing the built in WiFi adapter to the system for sending data. There are some things out there similar to this but are something usually the manufacture has be installed/setup that the owner activates.
AHS Posted June 27, 2020 Author Posted June 27, 2020 There's a few ideas that I'm mulling over. First: I think this could be relatively possible with a Raspberry Pi Zero W. If i connected it directly to a power source on the motherboard, it could boot up when the power gets turned on, and be programmed to email out whatever data it can find. There's already some pretty decent code written that is set up to do just that. The problem I'm currently running into is what you mentioned, getting it to interface with the wifi. It can't work if it doesn't know the login info, and in order to do that after a wipe, and the laptop being put on a new net work, it would have to be able to talk through the new network. I haven't been able to figure out how to do that yet. A second idea was removing a USB port and putting in a 3D non-removable cover and soldering a Ducky to the ports inside, programming it to wait a certain amount of time after receiving power (in order to wait for boot, login, and connecting to wifi) and have it execute a command to copy data and send out an email. An email could be sent out pretty covertly using commands in powershell, as seen here: https://www.howtogeek.com/wp-content/uploads/2012/07/Sample.txt Any help or ideas would be appreciated.
Cap_Sig Posted June 30, 2020 Posted June 30, 2020 On 6/27/2020 at 12:36 AM, AHS said: A second idea was removing a USB port and putting in a 3D non-removable cover and soldering a Ducky to the ports inside, programming it to wait a certain amount of time after receiving power (in order to wait for boot, login, and connecting to wifi) and have it execute a command to copy data and send out an email. An email could be sent out pretty covertly using commands in powershell, as seen here: https://www.howtogeek.com/wp-content/uploads/2012/07/Sample.txt I would for the time being look at this method. The Pi zero W would be really cool but as you said, it is not realistic interfacing wifi to work jointly with computer login. You could even look at adding a small GPS module if the laptop has internal room for it. Write a script to pull data from whatever sources you want and email out at regular intervals. This should protect against the laptop being wiped as well. Just a waiting game for it to be connected to internet.
THCMinister Posted July 1, 2020 Posted July 1, 2020 Why not create a guest account on the laptop with no password. When that account logs in, have it run the scripts to do what you want. Thieves are more than likely to take the path of least resistance. If they can log in and connect it to the internet, they'll use it. all others will factory reset/wipe if they can't get in. Limit the the rights on the account. Install and configure remote monitoring software. I use a very similar thing on my son's PC with a reverse meterpreter shell/custom scripts and tools.
AHS Posted August 11, 2020 Author Posted August 11, 2020 The reasons being: 1) I want to be able to have the hard drive encrypted. Having a guest account doesn't really allow that. 2) I don't want to make any assumptions about the potential thief. Including if they'll use it, or just sell it, and if they, or the person they sell it to, knows the most basic security measures. I feel it's relatively common knowledge, or at least widely enough known, that a wiped hard drive is an unrecoverable computer, to the point I don't want to trust that it won't happen. 3) I want the service to be free. I do think that hard wiring a ducky into a USB port from within the laptop, where the outside portion of the port can then be discreetly covered up to look as if it doesn't exist, would be the best option. I just have to take some time out to sit down and work out the code.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.