Security
Key-logger, Video, Mouse
How to turn your KVM into a raging key-logging monster
Key-Loggers are cool, really cool. It seems, however, that every conceivable aspect of key-logging has already been covered: from physical devices to hooking techniques. What possible innovation could be left in this field?
Well, that’s what we used to think too. That is until we noticed that little grey box sitting there underneath a monitor, next to yesterday’s dirty coffee cup. The little grey box that is most commonly known as ‚KVM‘.
The talk will tell the tale of our long journey to transform an innocent KVM into a raging key-logging monster.
We will safely guide you through the embedded wastelands, past unknown IC’s, to explore uncharted serial protocols and unravel monstrous obfuscation techniques.
Walking along the misty firmware woods of 8051 assembly we will challenge ambiguous functions, and confront undebuggable environments.
Finally, we will present a live demo of our POC code and show you that air-gapped networks might not be as segregated as you imagined.
You will witness that malware code could actually reside outside your computer, persisting through reboots, wipes, formats, and even hardware replacements.
You might laugh, you might cry, but one thing is certain – you will never look at your KVM the same as before
Our presentation will guide the audience trough an entire research project process: from the choice of a research subject, the learning stage, trough the many failures along the way, and until a complete success is finally achieved.
Our research process provides useful insights for both entry-level and experienced researchers in the hardware hacking area.
This research sheds light on a brand new field that has yet to be uncovered by the security community. We believe that CCC, as one of the world’s largest security convention, will provide the most suitable stage to share our research story and its implications.
And finally, this talk is the product of a long research project which was both fulfilling and exciting, we are confident the audience will relive our experiences throughout the presentation.
Additional information
| Type | lecture |
|---|---|
| Language | English |
More sessions
| 12/27/15 |
Can we build trustworthy client systems on x86 hardware? What are the main challenges? What can we do about them, realistically? Is there anything we can?
|
| 12/27/15 |
Unser Vortrag demonstriert einen PLC-only Wurm. Der PLC-Wurm kann selbstständig ein Netzwerk nach Siemens Simatic S7-1200 Geräten in den Versionen 1 bis 3 durchsuchen und diese befallen. Hierzu ist keine Unterstützung durch PCs oder Server erforderlich. Der Wurm „lebt“ ausschließlich in den PLCs.
|
| 12/27/15 |
Dr. Peter Laackmann und Marcus Janke zeigen mit einem tiefen Einblick in die Welt der Hardware-Trojaner, auf welchem Wege „Institutionen“ versuchen können, sich versteckten Zugang zu Sicherheits-Hardware zu verschaffen.
|
| 12/27/15 |
This presentation covers windows kernel driver security issues. It'll discuss some background, and then give an overview of the most common issues seen in drivers, covering both finding and fixing issues.
|
| 12/27/15 |
Did you ever want to have access to a few hundred thousand network end points? Or a few hundred thousand phone numbers? A short look behind the curtains of how not to do network security.
|
| 12/27/15 |
For years SCADA StrangeLove team speaks about vulnerabilities in Industrial Control Systems. Now we want to show by example of railway the link between information security and industrial safety and demonstrate how a root access gained in a few minutes can bring to naught all the years of efforts that were devoted to the improvement of fail-safety and reliability of the ICS system. Railroads is a complex systems and process automation is used in different areas: to control power, switches, ...
|
| 12/27/15 |
Seven years after presenting „running your own GSM network“, we are back presenting about how to do the same for 3G (UMTS/HSPA) networks.
|
