Kastriot Fetahaj - 0Keyboard (a simple keyboard with the evil inside) - BSides Prishtina 2022
0Kyeboard is a hardware tool developed for physical Red Team engagements that is run by Kali Linux and can be controlled remotely from WIFI or Bluetooth. 0Keyboard is based on a simple USB keyboard and inside it is implanted a Raspberry Pi Zero W and the USB Hub. When the victim plugs the keyboard into the USB the keyboard will work like a normal one, but at the same time, a person that has plugged a malicious Raspberry Pi Zero W is a victim of different types of attacks on a PC or on the network. Inside the Raspberry Pi Zero W is installed Kali Linux and P4wnP1 A.L.O.A. P4wnP1 A.L.O.A. is a framework that turns a Raspberry Pi Zero W into a flexible, low-cost platform for pen-testing, red teaming, and physical engagements. More about P4wnP1 A.L.O.A: https://github.com/RoganDawes/P4wnP1_aloa 0Keyboard can ack as the following devices when is plugged into a PC: • USB Ethernet (RNDIS and CDC ECM) • USB Serial • USB Mass Storage (Flashdrive or CD-Rom) • HID Keyboard • HID Mouse 0Keyboard is capable to make different types of attacks including: • HID keystroke attacks using WIFI • Network scan and other types of network attacks using WIFI or USB Ethernet • Extract data from the PC using USB Mass Storage The following topics are covered as part of the presentation: • Introduction and Presentation • What is 0Keyboard • How is made 0Keyboard • Cost analyses for 0Keyboard • Type off attacks that 0Kyeboard can do • Live demo (USB keystroke attack)
0Kyeboard is a hardware tool developed for physical Red Team engagements that is run by Kali Linux and can be controlled remotely from WIFI or Bluetooth. 0Keyboard is based on a simple USB keyboard and inside it is implanted a Raspberry Pi Zero W and the USB Hub. When the victim plugs the keyboard into the USB the keyboard will work like a normal one, but at the same time, a person that has plugged a malicious Raspberry Pi Zero W is a victim of different types of attacks on a PC or on the network. Inside the Raspberry Pi Zero W is installed Kali Linux and P4wnP1 A.L.O.A. P4wnP1 A.L.O.A. is a framework that turns a Raspberry Pi Zero W into a flexible, low-cost platform for pen-testing, red teaming, and physical engagements. More about P4wnP1 A.L.O.A: https://github.com/RoganDawes/P4wnP1_aloa 0Keyboard can ack as the following devices when is plugged into a PC: • USB Ethernet (RNDIS and CDC ECM) • USB Serial • USB Mass Storage (Flashdrive or CD-Rom) • HID Keyboard • HID Mouse 0Keyboard is capable to make different types of attacks including: • HID keystroke attacks using WIFI • Network scan and other types of network attacks using WIFI or USB Ethernet • Extract data from the PC using USB Mass Storage The following topics are covered as part of the presentation: • Introduction and Presentation • What is 0Keyboard • How is made 0Keyboard • Cost analyses for 0Keyboard • Type off attacks that 0Kyeboard can do • Live demo (USB keystroke attack)