Virtualised USB Fuzzing using QEMU and Scapy
|
|
- Teresa Taylor
- 5 years ago
- Views:
Transcription
1 Virtualised USB using QEMU and Scapy Breaking USB for Fun and Profit Tobias Mueller School of Computing Dublin City University / 28
2 1 Motivation USB Trivia USB Architecture 2 Obtaining valid USB communication QEMU Virtual USB Device 3 Stack Stress Test USB Fingerprinting Driver Flaws 2 / 28
3 About me Motivation USB Trivia USB Architecture About me Tobi(as) Mueller Mail 974C F452 FDA0 99D8 CB7E 54F7 DC03 BAA3 D349 2A2A Talk 40 mins Ask immediately Demos 3 / 28
4 About me Motivation USB Trivia USB Architecture Motivation What s the problem? USB supported by every major OS USB widely deployed USB drivers in kernel space Not easy to assess security Development board? Inject messages into kernel? 4 / 28
5 Digital Voting Pen Yes, it uses USB. hehe
6 In-Flight entertainment Based on Linux or VxWorks
7
8 About me Motivation USB Trivia USB Architecture USB <1990: Serial and Parallel ports IO and IRQs >1990: USB *yay* cheap to build hotplug auto config However <5 metres device device 8 / 28
9 About me Motivation USB Trivia USB Architecture Architecture Host initiated communication polling Yes, even with keyboards or mice packet-based SETUP IN OUT 9 / 28
10 Application Application Application Userspace Kernelspace Device Driver Device Driver Subsystem USB Stack Subsystem Electrical Layer
11 Device Descriptor Configuration Configuration Interface Interface Interface Endpoint Endpoint Endpoint Endpoint
12 Device Descriptor QemuUSB pipe direction D>H (device to h[...] pid IN devaddr 0 devep 0 length 18 USBIn Descriptor length 18 type Device DeviceDescriptor bcdusb 0x0200 bdeviceclass Base Class bdevicesubclass 0 bdeviceprotocol 0 bmaxpacketsize 64 idvendor 0x1307 idproduct 0x0163 bcddevice 256 imanufacturer 1 iproduct 2 iserialnumber 3 bnumconfigurations1 44 3e
13 Recent USB issues About me Motivation USB Trivia USB Architecture The Playstation 3 Hack Configuration Descriptor overflow... m( 13 / 28
14 Recent USB issues (cont.) About me Motivation USB Trivia USB Architecture Solaris FAIL Configuration Descriptor overflow by Andy Davies (CVE ) 14 / 28
15 About me Motivation USB Trivia USB Architecture Physical Access? Often argued that it s not in the OS s threat model except, it is... Not necessarily needed due to: USB/IP Wireless USB 15 / 28
16 Obtaining valid USB communication QEMU Virtual USB Device Dumb coined in late 80 s feed program with random(?) data received a lot of attention 2004 Smart Modify existing valid structured data Checksums Cover more code Patent encumbered? Scapy Awesome (!) framework sniff, manipulate, craft, send (Ethernet) packets models packets in Python 16 / 28
17 Obtaining valid USB communication QEMU Virtual USB Device Obtaining Valid USB communication Read specs :-( mount none -t debugfs /sys/kernel/debug mount none -t usbmon see Documentation/usb/usbmon.txt :-( Using QEMU: Implement filter to pipe out communication (originally done by Moritz Jodeit) 17 / 28
18 Obtaining valid USB communication QEMU Virtual USB Device Host Virtual Machine (QEMU) Filter USB Device 18 / 28
19 Obtaining valid USB communication QEMU Virtual USB Device Small demo 19 / 28
20 Obtaining valid USB communication QEMU Virtual USB Device QEMU Full virtualisation (not Xen, OpenVZ, UML, etc... ) Free (as in speech) Virtualisation (not VMWare) Existing Virtual USB Drivers (not VirtualBox as of end 2010) 20 / 28
21 Obtaining valid USB communication QEMU Virtual USB Device Virtual USB Device Take simple existing MSD or Serial driver Write out / Read in USB packets Implement desired behaviour externally cat and echo Or enhancing Scapy to read/write from pipes Automaton class 21 / 28
22 Obtaining valid USB communication QEMU Virtual USB Device Host Virtual Machine (QEMU) Virtual USB Software Device 22 / 28
23 Obtaining valid USB communication QEMU Virtual USB Device Small demo 23 / 28
24 USB Stack stress testing How many devices can you handle? def r u n s i m p l e t e s t ( qemu, timeout =4, d e l e t e=f a l s e ) : qemu. usb add ( mouse ) time. s l e e p ( timeout ) cmd = l i s t ( dmesg ) + [ space ] \ + [ minus ] + [ c ] + [ enter ] qemu. s e n d k e y s (cmd) u s b d e v i c e s = qemu. u s b i n f o ( ) i f d e l e t e : f o r d e v i c e i n u s b d e v i c e s [ usbdevices ] : qemu. u s b d e l ( %d.%d % ( d e v i c e [ busnr ], d e v i c e [ devaddr ] ) ) p r i n t qemu. c p u i n f o ( )
25 Stack Stress Test USB Fingerprinting Driver Flaws USB Fingerprinting Targeted attacks OS Packet Sequence Retries Windows SETUP, IN, OUT 3 Linux SETUP (9x), RESET 4+2 OpenBSD 4.7 SETUP, IN, OUT 7 FreeBSD 8.0 SETUP, IN, OUT 6 Tabelle: USB Stack Fingerprints of various operating systems 25 / 28
26 Stack Stress Test USB Fingerprinting Driver Flaws Driver Flaws Demo: Who s got Linux? 26 / 28
27 Future Work What s next? USB-3? (SuperSpeed, Device Initiated Communication) Making it work with GadgetFS Make that work on N900 Get more fingerprints Exploit more drivers Run shellcode USB Firewall 27 / 28
28 Q&A Questions? Muchas Gracias! Preguntas?! 28 / 28
Understand USB (in Linux)
Understand USB (in Linux) Krzysztof Opasiak Samsung R&D Institute Poland 1 Agenda What USB is about? Plug and Play How BadUSB works? May I have my own USB device? Q & A What USB is about? What Internet
More informationRINGDALE USB (UNIVERSAL SERIAL BUS) HID RELAY CONTROLLER (1543)
RINGDALE USB (UNIVERSAL SERIAL BUS) HID RELAY CONTROLLER (1543) TECHNICAL REFERENCE MANUAL Rev 1.0 April 2006 Copyright 2006 Ringdale, Inc. Printed in the United States of America 1 NOTE Information in
More informationKernel USB Gadget Configfs Interface. Matt Porter Linaro
Kernel USB Gadget Configfs Interface Matt Porter Linaro Overview Prereqs: understand USB Linux USB Terminology Brief history of USB gadget subsystem Other filesystem-based gadget interfaces Using USB gadget
More informationHow to fix Usually Slightly Broken devices and drivers?
How to fix Usually Slightly Broken devices and drivers? Krzysztof Opasiak Samsung R&D Institute Poland Agenda USB basics Plug & Play Plug & do what I want Plug & tell me more Summary Q & A 1 This presentation
More informationDebugging Usually Slightly Broken Devices and Drivers
Debugging Usually Slightly Broken Devices and Drivers Krzysztof Opasiak Samsung R&D Institute Poland Agenda USB basics Plug & Play Plug & do what I want Plug & tell me more Summary Q & A 1 This presentation
More informationTP-Link USB Port Hub Model UH700 Power 12V==2A
TP-Link USB 3.0 7-Port Hub Model UH700 Power 12V==2A From website: 7 USB 3.0 Standard A 1 USB 3.0 Micro B Chipset RTS5411./uhubctl Current status for hub 1-1.1 [0bda:5411 Generic 4-Port USB 2.0 Hub, USB
More informationRevealing Embedded Fingerprints: Deriving Intelligence from USB Stack Interactions
An NCC Group Publication Revealing Embedded Fingerprints: Deriving Intelligence from USB Stack Interactions Prepared by: Andy Davis Research Director andy.davis at nccgroup.com Contents 1 List of Figures
More informationUC20 WinCE USB Driver
UC20 WinCE USB Driver User Guide UMTS/HSPA Module Series Rev. UC20_WinCE_USB_Driver_User_Guide_V1.0 Date: 2013-08-12 www.quectel.com Our aim is to provide customers with timely and comprehensive service.
More informationARM Cortex core microcontrollers
ARM Cortex core microcontrollers 11 th Universal Serial Bus Balázs Scherer Budapest University of Technology and Economics Department of Measurement and Information Systems BME-MIT 2017 Goals Cheap standardized
More informationFuture Technology Devices International Ltd. Application Note AN_168. Vinculum-II USB Slave. Customizing an FT232 Device
Future Technology Devices International Ltd. Application Note AN_168 Vinculum-II USB Slave Customizing an FT232 Device Document Reference No.: FT_000395 Version 1.0 Issue Date: 2011-02-04 This application
More informationMWR InfoSecurity Security Advisory. Linux USB Device Driver - Buffer Overflow. 29 th October Contents
Contents MWR InfoSecurity Security Advisory Linux USB Device Driver - Buffer Overflow 29 th October 2009 2009-10-29 Page 1 of 8 Contents Contents 1 Detailed Vulnerability Description... 4 1.1 Technical
More informationSerial Communications
Serial Communications p. 1/2 Serial Communications Prof. Stephen A. Edwards sedwards@cs.columbia.edu Columbia University Spring 2007 Early Serial Communication Serial Communications p. 2/2 Data Terminal
More informationFuzzing the USB in your devices
Fuzzing the USB in your devices or How to root your USB-stick Olle Segerdahl olle@nxs.se whoami Technical IT-sec background Currently in Information Assurance When you're sure it does what it's specified
More informationCM6120-S Best USB Audio Single Chip for PC Speakers Solution
DESCRIPTION CM6120S series is a highly integrated single chip for USB speaker application with 2-Channel Class-D output. Minimum external components are needed for building an USB speaker system, which
More informationSerial Communications
Serial Communications p. 1/2 Serial Communications CSEE W4840 Prof. Stephen A. Edwards Columbia University Early Serial Communication Serial Communications p. 2/2 Data Terminal Equipment Serial Communications
More informationApplication Note. 32-bit Cortex -M0 MCU NuMicro Family. Application Note of NUVOTON 32-bit NuMicro Family
of NUVOTON 32-bit NuMicro Family 32-bit Cortex -M0 MCU NuMicro Family An Example of CCID (Circuit Card Interface Devices) - i - Rev. 1.00 Table of Contents- 1 INTRODUCTION... 2 2 CCID PROGRAM... 3 2.1
More informationApplication Note: AN00136 USB Vendor Specific Device
Application Note: AN00136 USB Vendor Specific Device This application note shows how to create a vendor specific USB device which is on an XMOS multicore microcontroller. The code associated with this
More informationDirect IP. Direct IP Integration Guide Rev 1.0 Distribution under NDA only
Direct IP Direct IP Integration Guide 2131327 Rev 1.0 Distribution under NDA only Preface Important Notice Safety and Hazards Due to the nature of wireless communications, transmission and reception of
More informationEmulating USB Device Firmware Update
Introduction Emulating USB Device Firmware Update for Quickly Reversing and Exploiting Embedded Systems Travis Goodspeed Breakpoint 2012, Melbourne, Australia Travis Goodspeed () Emulating DFU Breakpoint
More informationJSR80 API Specification
JSR80 API Specification Dan Streetman ddstreet@ieee.org January 27, 2004 CONTENTS i Contents 1 Introduction 1 2 USB Bus Topology 1 3 USB Device Hierarchy 2 4 UsbDevice 3 5 UsbConfiguration 4 6 UsbInterface
More informationHacking the Kinect. Created by lady ada. Last updated on :21:33 AM UTC
Hacking the Kinect Created by lady ada Last updated on 2017-07-14 05:21:33 AM UTC Guide Contents Guide Contents Overview Verify the VID & PID Determine the Descriptors Making a Driver Installing Python
More informationUSB INTERFACE SPECIFICATION
USB INTERFACE SPECIFICATION IOLab Document Number 1814F03 Revision 11 Prepared for W.H. Freeman Date: 24-Jul-2013, 11:10 AM This document is the property of Indesign, LLC and is considered PROPRIETARY.
More informationS1R72U06 Technical Manual
S1R72U06 Technical Manual Rev. 1.00 NOTICE No part of this material may be reproduced or duplicated in any form or by any means without the written permission of Seiko Epson. Seiko Epson reserves the right
More informationUsing a VMware Network Infrastructure to Collect Traffic Traces for Intrusion Detection Evaluation
Using a VMware Network Infrastructure to Collect Traffic Traces for Intrusion Detection Evaluation by Frederic Massicotte, Mathieu Couture and Annie De Montigny Leboeuf http://www.crc.ca/networksystems_security/
More informationAN2554. Creating a Multi-LUN USB Mass Storage Class Device Using the MPLAB Harmony USB Device Stack INTRODUCTION CONTROL TRANSFERS
Creating a Multi-LUN USB Mass Storage Class Device Using the MPLAB Harmony USB Device Stack INTRODUCTION The Universal Serial Bus (USB) protocol is widely used to interface storage devices to a USB Host
More informationPL-25A1 Hi-Speed USB Host-to-Host Bridge Controller (Chip Revision B) Product Datasheet
PL-25A1 Hi-Speed USB Host-to-Host Bridge Controller (Chip Revision B) Product Datasheet Document Revision: 1.0B Document Release: Prolific Technology Inc. 7F, No. 48, Sec. 3, Nan Kang Rd. Nan Kang, Taipei
More informationLZ85202 IrDA Control Host Controller with USB Interface User s Guide
IrDA Control Host Controller with USB Interface User s Guide Version. SHARP reserves the right to make changes in specifications described herein at any time and without notice in order to improve design
More informationReliable Linux Wireless - Techniques for Debugging Wireless Module Integrations STEVE DEROSIER / CAL-SIERRA CONSULTING
Reliable Linux Wireless - Techniques for Debugging Wireless Module Integrations STEVE DEROSIER / CAL-SIERRA CONSULTING IntroducIon 50 minutes?! How to work with WiFi modules with the Linux kernel - especially
More informationMASSIVE SCALE USB DEVICE DRIVER FUZZ WITHOUT DEVICE. HC Tencent s XuanwuLab
MASSIVE SCALE USB DEVICE DRIVER FUZZ WITHOUT DEVICE HC Ma @ Tencent s XuanwuLab whoami Security Researcher@ Used to doing Chemistry; Interested in: Console Hacking; Embedded Device Security; Firmware Reverse
More informationQiang Li && Zhibin Hu/Qihoo 360 Gear Team Ruxcon 2016
Qiang Li && Zhibin Hu/Qihoo 360 Gear Team Ruxcon 2016 Who are we Security researcher in Qihoo 360 Inc(Gear Team) Vulnerability discovery and analysis Specialize in QEMU currently 50+ security issues, 33
More informationA Userspace Packet Switch for Virtual Machines
SHRINKING THE HYPERVISOR ONE SUBSYSTEM AT A TIME A Userspace Packet Switch for Virtual Machines Julian Stecklina OS Group, TU Dresden jsteckli@os.inf.tu-dresden.de VEE 2014, Salt Lake City 1 Motivation
More informationUnencrypted Mouse Packet
MouseJack Injecting Keystrokes into Wireless Mice Marc Newlin Bastille Threat Research Team February 12, 2016 Abstract MouseJack is a collection of security vulnerabilities affecting non-bluetooth wireless
More informationPL-2533 Hi-Speed USB MS PRO / MS / SD / MMC Card Reader Controller IC Product Datasheet
查询 PL-2533 供应商 捷多邦, 专业 PCB 打样工厂,24 小时加急出货 PL-2533 Hi-Speed USB MS PRO / MS / SD / MMC Card Reader Controller IC Product Datasheet Document Revision: 1.4 Document Update: Prolific Technology Inc. 7F, No.
More informationDevops, Docker and Security. John
Devops, Docker and Security John Willis @botchagalupe About Me https://github.com/botchagalupe/my-presentations One of the founding members of Devopsdays Co-author of the Devops Handbook. Author of the
More informationUniversal Serial Bus Device Class Definition For Content Security Devices
Universal Serial Bus Device Class Definition For Content Security Devices INTEL CORPORATION MICROSOFT CORPORATION PHILIPS ITCL-USA USB 1.0 Release Candidate Revision 0.9a January 26, 2000 January, 26,
More informationAN USB HID Intermediate with PSoC 3 and PSoC 5LP. Contents. 1 Introduction
AN58726 Author: Robert Murphy Associated Project: Yes Associated Part Family: All PSoC 3 and PSoC 5LP parts Software Version: PSoC Creator 3.3 SP1 and higher Related Application Notes: See Related Resources
More informationPL-2507 Hi-Speed USB 2.0 to IDE Bridge Controller Preliminary Datasheet
PL-2507 Hi-Speed USB 2.0 to IDE Bridge Controller Preliminary Datasheet Document Revision: 0.9 Document Release: August, 2002 Prolific Technology Inc. 7F, No. 48, Sec. 3, Nan Kang Rd. Nan Kang, Taipei
More informationT24 Technical Manual Programming guide & advanced documentation. User Manual mantracourt.com
T24 Technical Manual Programming guide & advanced documentation User Manual mantracourt.com Introduction / Overview... 6 2.4GHz Radio General... 6 Communicating with T24 Devices... 6 Packet Types... 6
More informationIntroduction to USB/LPC23xx
Introduction to USB/LPC23xx Amitkumar (Amit) Bhojraj Business Line Standard IC s Product Line Microcontrollers October 2007 Introduction to USB Agenda LPC23xx Block diagram MCB2300 demo 2 Introduction
More informationUSS-720 Instant USB USB-to-IEEE* 1284 Bridge
Preliminary Data Sheet, Rev. 3 USS-720 Instant USB USB-to-IEEE* 1284 Bridge Features Device Features: Full compliance with the Universal Serial Bus Specification Revision 1.0 On-chip transceivers for USB
More informationAn Introduction to Universal Serial Bus
An Introduction to Universal Serial Bus Neil Scott June 27, 2008 NEIL SCOTT JUNE 27, 2008 1 Overview Introduction History Hierarchy Enumeration Demonstration Circuit Conclusions Questions NEIL SCOTT JUNE
More informationPart 1 - Introduction to USB
USB Made Simple - Part 1 Index Part 1 - Introduction to USB Forward Part 1 Part 2 Part 3 Part 4 Part 5 Part 6 Part 7 Links This series of articles on USB is being actively expanded. If you find the information
More informationTravis Cardwell Technical Meeting
.. Introduction to Docker Travis Cardwell Tokyo Linux Users Group 2014-01-18 Technical Meeting Presentation Motivation OS-level virtualization is becoming accessible Docker makes it very easy to experiment
More informationInternet infrastructure
Internet infrastructure Prof. dr. ir. André Mariën (c) A. Mariën 04/03/2014 1 Topic Vulnerability and patch management (c) A. Mariën 04/03/2014 2 Requirements Security principle: Everything can and will
More informationHypervisor security. Evgeny Yakovlev, DEFCON NN, 2017
Hypervisor security Evgeny Yakovlev, DEFCON NN, 2017 whoami Low-level development in C and C++ on x86 UEFI, virtualization, security Jetico, Kaspersky Lab QEMU/KVM developer at Virtuozzo 2 Agenda Why hypervisor
More informationCM6327A USB Audio Single Chip Solution for Mono Microphone
DESCRIPTION CM6327A is C-Media s new Audio SOC IC. It contains high performance Mono ADC, and have various interface like I2C, allowing all kinds of Microprocessor or DSP to communicate. Especially in
More informationEmbedded USB Drive. Preliminary Release. Revision History. July 14, 2006
Revision History May 24, 2006 Updated datasheet to Reflect Gen III drive with SM324 Controller July 14,2006 Updated mechanical drawing and P/N decoding Asia: Plot 18, Lrg Jelawat 4, Kawasan Perindustrian
More informationPL-2305 USB to Printer Bridge Controller (Chip Rev I) Product Datasheet
PL-2305 USB to Printer Bridge Controller (Chip Rev I) Product Datasheet Document Revision 1.0 Document Release: Prolific Technology Inc. 7F, No. 48, Sec. 3, Nan Kang Rd. Nan Kang, Taipei 115, Taiwan, R.O.C.
More informationInterrupt transfers & USB 2.0 & USB 3.0. Group Members Mehwish Awan Mehwish Kiran
Interrupt transfers & Isochronous transfers in USB 2.0 & USB 3.0 Group Members Mehwish Awan Mehwish Kiran Agenda What is isochronous transfer? Use of isochronous transfer Format of isochronous transactions
More informationHandbook. Step by step practical hacking training
HACKING SCHOOL Handbook Step by step practical hacking training Title: Hacking School - Handbook First English Edition, 2010. ISBN: 978-83-923745-3-4 Copyright 2010 by CSH Press. All rights reserved. The
More informationRevision History. Rev Date Details A October 14, 2008 New release of Short and Legacy eusb Spec with SM325AC controller
Revision History Rev Date Details A New release of Short and Legacy eusb Spec with SM325AC controller Asia: Plot 18, Lrg Jelawat 4, Kawasan Perindustrian Seberang Jaya 13700, Prai, Penang, Malaysia Tel:
More informationUniversal Serial Bus Device Class Definition Billboard Devices
RELEASE 1.21-1 - USB Device Class Definition Universal Serial Bus Device Class Definition for Billboard Devices Revision 1.21 RELEASE 1.21-2 - USB Device Class Definition Copyright 2016, USB 3.0 Promoter
More informationUniversal Serial Bus Device Class Definition for Printing Devices
Universal Serial Bus Device Class Definition for Printing Devices Version 1.1 January 2000 Contributors Axiohn IPB Kevin Butler Kevin.Butler@axiohm.com Canon Sadahiko Sano sano@cse.canon.co.jp Canon Naoki
More informationCM6327A USB Single-Chip Audio Solution for Mono Microphone
DESCRIPTION The CM6327A is C-Media s new Audio SOC IC designed for advanced VoIP applications. It boasts a high-performance mono ADC, as well as I2C interface, that allows for communication with various
More informationGeneral Pr0ken File System
General Pr0ken File System Hacking IBM s GPFS Felix Wilhelm & Florian Grunow 11/2/2015 GPFS Felix Wilhelm && Florian Grunow #2 Agenda Technology Overview Digging in the Guts of GPFS Remote View Getting
More informationApplication Note AN_164. Vinculum-II USB Slave. Writing a Function Driver
Future Technology Devices International Ltd. Application Note AN_164 Vinculum-II USB Slave Writing a Function Driver Document Reference No.: FT_000373 Version 1.0 Issue Date: 2011-03-15 This application
More informationUniversal Serial Bus Device Class Definition for Mass Storage Devices
Universal Serial Bus Device Class Definition for Mass Storage Devices 0.90c Draft Revision February 2, 1996 Scope of this Revision The 0.9c release candidate of this definition is intended for industry
More informationComposite USB Gadgets on the Raspberry Pi Zero isticktoit.net 1 / :36. g_{hid,ether,serial,*}
1 / 8 23.4.2017 17:36 g_{hid,ether,serial,*} 2 / 8 23.4.2017 17:36 $ sudo BRANCH=next rpi-update $ echo "dtoverlay=dwc2" sudo tee -a /boot/config.txt $ echo "dwc2" sudo tee -a /etc/modules libcomposite
More informationCM6307A USB Audio Single Chip with Array Microphone
DESCRIPTION CM6307A is C-Media s new Audio SOC IC. It contains highly performance ADC, and is extended by additional interface like I2C, SPI, allowing all kinds of Micro processor or DSP to communicate
More informationEZ Loader Custom USB Firmware Loader Driver
Introduction A unique feature of the Cypress EZ-USB, EZ-USB FX, and EZ-USB FX2 family of microcontrollers is the ability to change device personality through firmware download and ReNumeration. An EZ-USB-based
More informationChapter 13: I/O Systems
COP 4610: Introduction to Operating Systems (Spring 2015) Chapter 13: I/O Systems Zhi Wang Florida State University Content I/O hardware Application I/O interface Kernel I/O subsystem I/O performance Objectives
More informationUsing the HT66FB5x0 for 2D Joystick Applications C Language Example
Using the HT66FB5x0 for D Joystick Applications C Language Example D/N : AN0E Introduction The HT66FB5x0 series of devices are 8-bit A/D type Flash MCUs with a USB interface. This application note provides
More informationCM6120-XL USB 2CH Audio Controller for Speaker
DESCRIPTION CM6120-XL series is a highly integrated single chip for USB speaker application with 2-Channel Class-D output. Minimum external components are needed for building an USB speaker system, which
More informationUSB System Design in Sitara Devices Using Linux. [Part 6]: Use USB in Device Mode Bin Liu (EP, Processors)
USB System Design in Sitara Devices Using Linux [Part 6]: Use USB in Device Mode Bin Liu (EP, Processors) Agenda Define USB Use Case Design USB Hardware Configure USB in Kernel Verify USB in sysfs Use
More informationLast time. Security Policies and Models. Trusted Operating System Design. Bell La-Padula and Biba Security Models Information Flow Control
Last time Security Policies and Models Bell La-Padula and Biba Security Models Information Flow Control Trusted Operating System Design Design Elements Security Features 10-1 This time Trusted Operating
More informationPL-2507C Hi-Speed USB 2.0 to IDE Bridge Controller Product Datasheet
PL-2507C Hi-Speed USB 2.0 to IDE Bridge Controller Product Datasheet Document Revision: 1.2 Document Release: October, 2004 Prolific Technology Inc. 7F, No. 48, Sec. 3, Nan Kang Rd. Nan Kang, Taipei 115,
More informationComputer Engineering Laboratory. MSc THESIS. PDP8 meets USB
2004 Computer Engineering Laboratory MSc THESIS PDP8 meets USB Abstract The first PDP minicomputer was built by Digital Equipment Corporation (DEC) in 1960. DEC produced several different types of PDP
More informationMCUXpresso SDK USB Stack Composite Device User s Guide
NXP Semiconductors Document Number: USBCOMDUG User s Guide Rev. 6, 03/2017 MCUXpresso SDK USB Stack Composite Device User s Guide 1 Overview This document describes steps to implement a composite device
More informationI run a Linux server, so we re secure
Silent Signal vsza@silentsignal.hu 18 September 2010 Linux from a security viewpoint we re talking about the kernel, not GNU/Linux distributions Linux from a security viewpoint we re talking about the
More informationQNX Momentics DDK. Universal Serial Bus (USB) Devices. For QNX Neutrino or QNX , QNX Software Systems Ltd.
QNX Momentics DDK Universal Serial Bus (USB) Devices For QNX Neutrino 6.3.0 or QNX 4 2004, QNX Software Systems Ltd. QNX Software Systems Ltd. 175 Terence Matthews Crescent Kanata, Ontario K2M 1W8 Canada
More informationChapter 13: I/O Systems
Chapter 13: I/O Systems Silberschatz, Galvin and Gagne 2013! Chapter 13: I/O Systems I/O Hardware" Application I/O Interface" Kernel I/O Subsystem" Transforming I/O Requests to Hardware Operations" STREAMS"
More informationVirtually Pwned Pentesting Virtualization. Claudio
Virtually Pwned Pentesting Virtualization Claudio Criscione @paradoxengine c.criscione@securenetwork.it Claudio Criscione /me The need for security Breaking virtualization means hacking the underlying
More informationVirtualization. ...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania.
Virtualization...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania April 6, 2009 (CIS 399 Unix) Virtualization April 6, 2009 1 / 22 What
More informationVirtual Machine Monitors!
ISA 673 Operating Systems Security Virtual Machine Monitors! Angelos Stavrou, George Mason University! Virtual Machine Monitors 2! Virtual Machine Monitors (VMMs) are everywhere! Industry commitment! Software:
More informationSMART MODULAR eusb Drive
SMART MODULAR eusb Drive PN:, Rev B www.smartm.com REVISION HISTORY Date Revision Details October 2013 A Initial and Preliminary release. B Preliminary designation removed. TBW values updated. ESD Caution
More informationCMSC 313 COMPUTER ORGANIZATION & ASSEMBLY LANGUAGE PROGRAMMING LECTURE 09, SPRING 2013
CMSC 313 COMPUTER ORGANIZATION & ASSEMBLY LANGUAGE PROGRAMMING LECTURE 09, SPRING 2013 TOPICS TODAY I/O Architectures Interrupts Exceptions FETCH EXECUTE CYCLE 1.7 The von Neumann Model This is a general
More informationQNX Momentics DDK. Universal Serial Bus (USB) Devices. For QNX Neutrino or QNX , QNX Software Systems GmbH & Co. KG.
QNX Momentics DDK Universal Serial Bus (USB) Devices For QNX Neutrino 6.3.0 or QNX 4 2006, QNX Software Systems GmbH & Co. KG. 2000 2006, QNX Software Systems. All rights reserved. Published under license
More informationVIRTIO 1.0. Paravirtualized I/O for KVM and beyond. Stefan Hajnoczi 8 th February 2014 INTERNAL ONLY PRESENTER NAME
VIRTIO 1.0 Paravirtualized I/O for KVM and beyond Stefan Hajnoczi 8 th February 2014 1 What we're going to cover How VIRTIO 1.0 works You want to: Understand paravirtualized I/O Design
More informationISA 564 SECURITY LAB. Introduction & Class Mechanics. Angelos Stavrou, George Mason University
ISA 564 SECURITY LAB Introduction & Class Mechanics Angelos Stavrou, George Mason University Course Mechanics Course URL: http://cs.gmu.edu/~astavrou/isa564_f16.html Instructor Angelos Stavrou Email: astavrou@gmu.edu
More informationDavid Harrison, Design Engineer for Model Sounds Inc.
David Harrison, Design Engineer for Model Sounds Inc. 1 History -1 In 1994 an alliance of four industry partners (Compaq, Intel, Microsoft and NEC) started to specify the Universal Serial Bus (USB). The
More informationDesign Of Linux USB Device Driver For LPC2148 Based Data Acquisition System Including GSM.
Design Of Linux USB Device Driver For LPC2148 Based Data Acquisition System Including GSM. Snehal A. More, Tejashree R. Padwale, Anuja B. Sapkal, Prof. Pradeep R. Taware Abstract- Among several other advantages
More informationEZ-USB AT2LP USB 2.0 to ATA/ATAPI Bridge
EZ-USB AT2LP USB 2.0 to ATA/ATAPI Bridge 1.0 Features (CY7C68300B/CY7C68301B and ) Fixed-function mass storage device requires no firmware code Two power modes: Self-powered and USB bus-powered to enable
More informationResults of a security assessment of the TCP and IP protocols and common implementation strategies
Results of a security assessment of the TCP and IP protocols and common implementation strategies Fernando Gont project carried out on behalf of UK CPNI DEEPSEC 2009 Conference November 17-20, 2009. Vienna,
More informationRenesas USB MCU and USB ASSP
APPLICATION NOTE Renesas USB MCU and USB ASSP LibUSB - A Complete RX USB Function and PC Host Solution R01AN0492EJ0200 Rev. 2.00 Introduction You don t necessarily have to follow a class specification
More informationBOOTSTRAP YOURSELF WITH LINUX-USB STACK: DESIGN, DEVELOP, DEBUG, AND VALIDATE EMBEDDED USB
BOOTSTRAP YOURSELF WITH LINUX-USB STACK: DESIGN, DEVELOP, DEBUG, AND VALIDATE EMBEDDED USB RAJARAM REGUPATHY Course Technology PTR A part of Cengage Learning ;
More informationCIT 480: Securing Computer Systems. Operating System Concepts
CIT 480: Securing Computer Systems Operating System Concepts Topics 1. What is an OS? 2. Processes 3. Memory management 4. Filesystems 5. Virtual machines A Computer Model An operating system has to deal
More informationChapter 13: I/O Systems. Operating System Concepts 9 th Edition
Chapter 13: I/O Systems Silberschatz, Galvin and Gagne 2013 Chapter 13: I/O Systems Overview I/O Hardware Application I/O Interface Kernel I/O Subsystem Transforming I/O Requests to Hardware Operations
More informationAn introduction to the Katsuni theorem and its application to sandboxing and software emulation. Jonathan Brossard (Toucan System)
An introduction to the Katsuni theorem and its application to sandboxing and software emulation Jonathan Brossard (Toucan System) 25/09/2013 Who am I? - Security researcher, publishing since 2005. - Past
More informationCreating a USB Audio Device on a PIC32 MCU Using MPLAB Harmony
Creating a USB Audio Device on a PIC32 MCU Using MPLAB Harmony Introduction The Universal Serial Bus (USB) is among the most commonly used interfaces for connecting different electronic devices. Along
More informationUniversal Serial Bus Mass Storage Class. Bulk-Only Transport
Universal Serial Bus Mass Storage Class Bulk-Only Transport Revision 1.0[RC3RC4] Revision 1.0[RC3] March 29, 1999 Change History Revision Issue Date Comments 0.7 September 23, 1998 Initial draft, pre-release
More informationDesigning A Low Cost USB-PS/2 Combination Interface Mouse with the Cypress Semiconductor CY7C63723 encore USB Microcontroller
Designing A Low Cost USB-PS/2 Combination Interface Mouse with the Cypress Semiconductor CY7C63723 encore USB Microcontroller Introduction The Universal Serial Bus (USB) is an industry standard serial
More informationPL-2303X Edition (Chip Rev A) USB to Serial Bridge Controller Product Datasheet
PL-2303X Edition (Chip Rev A) USB to Serial Bridge Controller Product Datasheet Document Revision: 1.5F Document Release: Prolific Technology Inc. 7F, No. 48, Sec. 3, Nan Kang Rd. Nan Kang, Taipei 115,
More informationLinux Kernel Futex Fun: Exploiting CVE Dougall Johnson
Linux Kernel Futex Fun: Exploiting CVE-2014-3153 Dougall Johnson Overview Futex system call Kernel implementation CVE-2014-3153 My approach to exploiting it Futexes Fast user-space mutexes 32-bit integer
More informationCIS c. University of Pennsylvania Zachary Goldberg. Notes
Notes Root Privileges sudo su Changing system configuration needs root Installing things, like Perl Modules! Intentionally things are owned by root so you don t accidentally break anything! 10/03/09 Slide
More information3.1 Introduction. Computers perform operations concurrently
PROCESS CONCEPTS 1 3.1 Introduction Computers perform operations concurrently For example, compiling a program, sending a file to a printer, rendering a Web page, playing music and receiving e-mail Processes
More informationTiming Attacks Made Practical
Timing Attacks Made Practical Timothy D. Morgan Blindspot Security Jason W. Morgan Ohio State Timothy D. Morgan Founder & Chief Pwner Blindspot Security Jason W. Morgan, Ph.D. Post-Doctoral Researcher
More informationVirtunoid: Breaking out of KVM
Virtunoid: Breaking out of KVM Nelson Elhage Black Hat USA 2011 July 27, 2011 Nelson Elhage (Black Hat USA 2011) Virtunoid: Breaking out of KVM July 27, 2011 1 / 42 Outline 1 KVM: Architecture overview
More informationCS 485/ECE 440/CS 585 Fall 2013 Midterm
CS 485/ECE 440/CS 585 Fall 2013 Midterm Name: This test is open book and open notes, but closed neighbor and closed everything else except for a pen or pencil. If you are logged into any lab computer or
More informationHands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last revised 10-4-17 KonBoot Get into any account without the password Works on Windows and Linux No longer free Link Ch 5r From the
More informationHands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last revised 1-11-17 KonBoot Get into any account without the password Works on Windows and Linux No longer free Link Ch 5r From the
More information