Inspiration

The device is an Arduino Leonardo that fits in a USB form factor and can be used with the Keyboard API to send keypresses automatically via USB. The inspiration for the name comes from the interface, USB, which stands for Universal Serial Bus. Our Serial Bus isn't universal, but it is a little suspicious. Hence: Sus Serial Bus.

What it does

Suppose an unsuspecting person finds this device on the ground and brings it back to their computer. When they plug it into their Windows computer, it begins typing a series of keystrokes at lightning speed. Those keystrokes install a malicious program that runs in the background. This background malware communicates with a web panel for stats and control of each individual infected PC.
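Seen from the defender's side, the behaviour described above (a newly attached keyboard typing far faster than a person can) is something an endpoint agent can flag. The following is an added example, not part of the Sus Serial Bus project; the event format, the thresholds and the device names are assumptions, and the sample data is constructed.

```python
from dataclasses import dataclass

# Assumed thresholds (not from the project); tune them against real typing data.
MIN_HUMAN_GAP_MS = 20        # gaps shorter than this are unlikely from hand typing
BURST_LEN = 15               # consecutive fast keystrokes needed to raise an alert
NEW_DEVICE_WINDOW_MS = 5000  # only judge keystrokes shortly after enumeration

@dataclass
class Event:
    t_ms: int    # timestamp in milliseconds
    kind: str    # "attach" (keyboard enumerated) or "key" (one keystroke)
    device: str  # hypothetical per-device identifier

def find_injection(events):
    """Return the devices that typed a machine-speed burst within
    NEW_DEVICE_WINDOW_MS of being attached."""
    attached = {}  # device -> attach time
    last_key = {}  # device -> time of its previous keystroke
    streak = {}    # device -> count of consecutive fast keystrokes
    flagged = set()
    for e in sorted(events, key=lambda ev: ev.t_ms):
        if e.kind == "attach":
            attached[e.device] = e.t_ms
            last_key.pop(e.device, None)
            streak[e.device] = 0
            continue
        if e.device not in attached:  # keyboard was present before logging began
            continue
        if e.t_ms - attached[e.device] > NEW_DEVICE_WINDOW_MS:
            continue
        prev = last_key.get(e.device)
        last_key[e.device] = e.t_ms
        fast = prev is not None and e.t_ms - prev < MIN_HUMAN_GAP_MS
        streak[e.device] = streak[e.device] + 1 if fast else 0
        if streak[e.device] >= BURST_LEN:
            flagged.add(e.device)
    return flagged

def sample_events():
    # Constructed sample: a desk keyboard typed by hand (140 ms between keys)
    # and a device that enumerates at t=1000 ms, then types 40 keys 5 ms apart.
    ev = [Event(0, "attach", "kbd-desk"), Event(1000, "attach", "kbd-new")]
    ev += [Event(300 + 140 * i, "key", "kbd-desk") for i in range(20)]
    ev += [Event(1500 + 5 * i, "key", "kbd-new") for i in range(40)]
    return ev

if __name__ == "__main__":
    print(find_injection(sample_events()))
```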

How we built it

  1. We used Arduino IDE and C++ to code the Sus Serial Bus itself, which types the code to download the payload.
  2. The payload (by Ryan) is a PowerShell script that installs itself into the Windows startup directory and gets all the information about the infected PC. It then starts a loop that sends the clipboard when it changes and an image of the screen every few seconds. The loop also monitors the server for commands to execute.
  3. The beautiful dashboard (by Ben) aggregates all the most recent data about each infected PC. It receives data via a Supabase database API endpoint and stores historical data in the various tables.

Challenges we ran into

  1. Learning the database system (Supabase) and how to interact with it with cURL.
  2. Timing problems with the automated typing.
  3. The PowerShell script wasn't working on startup.

Accomplishments that we're proud of

  1. General visual of the dashboard, and being able to see the screen of the infected PC.
  2. The speed at which the hack takes place and the amount of useful information being sent back to the dashboard.

What we learned

  1. We learned a lot about this specific vulnerability. It's something that a lot of people wouldn't think of. Most tech people would probably feel safe plugging in a suspicious USB thinking they can outsmart it, but you can't really outsmart a keyboard that hacks your computer in under a second.
  2. Databases (Supabase specifically). There were a lot of challenges overcome by both of us relating to SQL commands via the API endpoints.

What's next for Sus Serial Bus

  1. More features such as WiFi passwords.
  2. Keylogger.
  3. True reverse shell.
  4. Interactive remote desktop control.
  5. Support for multiple OSs.

GitHub Repo

https://github.com/bentzi-shuster/SusSerialBus
