The USB device seen plugged in on the right of this image was found in between the keyboard and USB port of the company computer belonging to a Senior Executive. [Brad Antoniewicz] was hired by the company to figure out what it is and what kind of damage it may have done. He ended up brute forcing an unlock code to access the device, but not before taking some careful steps along the way.
From the design and placement the hardware was most likely a key logger and after some searching around the Internet [Brad] and his colleagues ordered what they thought was the same model of device. They wanted one to test with before taking on the actual target. The logger doesn’t enumerate when plugged in. Instead it acts as a pass-through, keeping track of the keystrokes but also listening for a three-key unlock code. [Brad] wrote a program for the Teensy microcontroller which would brute force all of the combinations. It’s a good thing he did, because one of the combinations is a device erase code hardwired by the manufacturer. After altering the program to avoid that wipe code he successfully unlocked the malicious device. An explanation of the process is found in the video after the break.
Continue reading “Brute Force Used To Crack A Key Logger’s Security Code”
[Irongeek] is up to his old tricks once again with this new key logger prototype. It’s in the early stages, as attested by the breadboard built circuit, but [Adrian] still gives us a demo video after the break showing where he’s at right now. It comes in two flavors, the USB pass through seen above, or another that still connects to the computer via USB but functions with a PS/2 keyboard.
Aside from the obvious issue of a key logger stealing everything you type, there’s some prank value in this device too. The Teensy has more than enough processing power to watch what you typing and make changes as it goes. He shows off blatant rewrites, like changing “has” to “haz” or “you” to “U”. We think it would be better to change things like “they’re” to “their” or “it’s” to “its”. These would be very difficult to see happening and if you added randomness to how often the replacements occur, your victim would sooner come to the conclusion that they’re going crazy than that they’re the target of a little hazing. In fact, that’s probably the reason for our own grammar errors though the years; blast!
Continue reading “USB And PS/2 Key Loggers And Mess With Your Grammar”