Hacking Even More USB with USB-Tools
2019-11-08, 16:30–16:55 (US/Pacific), Blue Day

USB seems hard -- and it shouldn't. A serious lack of inexpensive tooling has made this relatively simple (and near-omnipresent) protocol seem overwhelming -- to the point where even 'highly-secured' targets ignore USB as a vector for hacking and reverse engineering. In this talk, we discuss our efforts to dispel USB's aura of mystery -- and empower hackers and engineers to observe and interact directly with USB using a set of open-source tools that includes analyzers, fuzzers, and a variety of other USB-poking hardware and software.


The tasks of USB hacking and reverse engineering are often way more challenging than they need to be -- and accordingly, USB doesn't get nearly the attention it merits. USB is often neglected when sizing up systems -- whether when trying to understand a closed-off system, or trying to ensure your USB port doesn't become a vector for embarrassing vulnerabilities.

Earlier this year, we unveiled usb-tools -- an organization to unify open-source USB-hacking solutions -- and introduced ViewSB, our open-source, low-cost USB analysis toolkit. This talk documents our continued efforts to make USB fully accessible for designers, attackers, defenders, and reverse engineers alike. We'll talk about new developments in our tools -- with emphasis on Rhododendron, our ultra-low-cost USB analyzer, and new developments in the technologies that power FaceDancer and Numap, our USB emulation and fuzzing toolkits.

This talk -- as always -- features new live demonstrations, and focuses on introducing the audience to new tools and techniques they can use in their own daily USB lives.

Kate Temkin leads the software development team at Great Scott Gadgets. Kate is a seasoned USB researcher, and maintains a variety of open-source hardware and software tools, including FaceDancer and GreatFET, and has discovered a number of well-known USB vulnerabilities– including CVE-2018-6242, which famously allowed full exploitation of the Nintendo Switch. When not researching hardware security herself, her passions include making hardware and reverse engineering more accessible to everyone who wants to learn.

Kate has given talks at venues including the CCC, Hardwear.io, ShmooCon, ToorCon, TROOPERS, and many more-- including appearances as a keynote speaker. She also has authored full curricula for several university-level engineering courses, and routinely gives trainings on USB security.

-

Mikaela Szekely is an open-source software and hardware enthusiast with a long-standing interest in USB, embedded systems, and the (ab)use of arbitrary code execution vulnerabilities on video game consoles. At the confluence of these interests, she maintains “fusée-launcher”, an open-source USB exploit tool and firmware loader for the Nintendo Switch. When not maintaining her own tools, Mikaela contributes to a variety of open-source projects, makes truly terrible puns, and hones her computer science skills in scenic Colorado.