Hackers of India

Here are your keystrokes

 Nikhil Mittal 

2011/11/04

Abstract

It is getting difficult by day to exploit machines using “ms08_netapi” during internal penetration tests. Nowadays, enterprises who are even a little serious about their security have their patches in place, servers are hardened, firewall policies are there, IPS and IDS devices are present (and configured) and there is some monitoring too. You may not find a machine vulnerable to a well known bug which allows you to exploit your way in the network (Ok, you may but we should know other ways too, right? ;-)). The first thing that comes to mind is client side attacks, a simple webpage or email attachment may do more damage than a shiny exploit. You have to turn to your social engineering skills to send some emails wishing that users click on some links and/or open some attachments, which again may depend on client side vulnerability. What if you can catch an unlocked system and type in some commands quickly or force a user browse to webpage of your choice? What if it would be possible to be dead accurate while using such commands? Know Teensy.

Teensy which is a very versatile device can be used as a keystroke dongle and can be programmed to “type” commands, use mouse when a specific condition is met. All you need to do is to program commands into the device, connect it to a system using USB port and you will see commands being sent. Much work has been done on Teensy, with some really great things done with this.

This talk focuses on simple usage of Teensy in a Penetration Test. The emphasis is on typing as less as possible to be stealthy, so mostly there will be one line code. You will see how easy it is to pwn a machine using teensy with just a few keystrokes. Some intuitive attack methods (or commands you can say) will be tried. We will have a look on how fabulously teensy goes through the instructions provided. We will also go through some steps in tutorial mode so that you can program your own teensy device. This is a relatively new attack vector and needs attention and contribution. The talk will be full of live demos. English conference