Black Hat USA 2013 - Revealing Embedded Fingerprints: Deriving intelligence - USB stack interactions

46:53 296 views 100% Published 8 years ago

By: Andy Davis

Embedded systems are everywhere, from TVs to aircraft, printers to weapons control systems. As a security researcher when you are faced with one of these "black boxes" to test, sometime in-situ, it is difficult to know where to start. However, if there is a USB port on the device there is useful information that can be gained. This talk is about using techniques to analyze USB stack interactions to provide information such as the OS running on the embedded device, the USB drivers installed and devices supported. The talk will also cover some of the more significant challenges faced by researchers attempting to exploit USB vulnerabilities using a Windows 8 USB bug recently discovered by the presenter (MS13-027) as an example.

Watch on YouTube

Black Hat USA 2013

Black Hat USA 2013

From 06/02/2014 to 06/02/2019 in Las Vegas, United States