Arthur Villeneuve and Franck Bitsch discuss their research at DFRWS EU 2019.

Arthur: Good morning. My name is Arthur, this is Franck. We are going to talk about malicious HID devices. We will explain what HID devices are just after. We’re working for a French bank.
The agenda today: we will start with a short introduction about HID devices, and typically the presentation will look at malicious HID devices. We will spend some time on attacker possibilities; Franck is doing the blue team, so the defence side; I am on the red team, so the attacker side. And Franck will use some practical malware forensics on the malicious HID devices, and what information can be extracted from a chip, and finally some takeaways.
Franck: So first things first, what is an HID device? HID stands for human interface device, and basically it’s a device that takes input from a user; you know them as a keyboard or a mouse. These devices can be subverted to be malicious.
If you remember six years ago, the NSA toolbox leaked in the press: one of the implants was Cottonmouth. Cottonmouth is an HID implant which embeds two modules: the [inaudible]; and the second module is a Howlermonkey, which is a radio frequency module allowing remote control of the device.
Ten years ago, these kinds of modules cost about $20,000 each; since then, far cheaper options have been designed and they’re available to anybody.
Arthur: I think most of you have heard of the Rubber Ducky. It’s one of the most well-known HID devices and one of the first available on the internet. It’s pretty simple: you plug in what seems to be a USB key and it simulates a keyboard and executes a payload. The payload is stored on the SD card, so it’s a compiled binary on the SD card, FAT32. That’s simple, that’s just similar to a keyboard.
There are far more interesting devices, and this one, the WHID injector, is very interesting because it has wifi. With the Rubber Ducky you have only the USB connection; with this one you have wifi, either as an access point or as a client. So it means you can connect to the board, or you can tell the board to connect to a wifi network, for example.
It has many interesting features, such as a serial port which can be used to exfiltrate data, so it’s interesting. And it’s pretty easy to hide the chips with some soldering skills. For example, we have recognised this mouse. So basically the chip is inside the mouse, so the mouse is fully functional, but it can also simulate a keyboard and launch some payloads. So it’s a really really interesting device, we can [indecipherable] this one for a demonstration at the bank.
And the last one is the USB Ninja. It’s the most recent, I think. The interesting feature is that you can start the payload remotely thanks to Bluetooth, so that’s an interesting feature. So you can be away from your targets, you just click on your phone and the payload is executed. The most complicated part is that if you want to store a payload on the cable, which looks like a fully functional cable, you have to recompile an Arduino program and upload it to the board. So it’s a little expensive for what it is, but the features are interesting.
So, the attackers’ perspective with these kinds of devices. Maybe some of you have seen Mr. Robot. During season 1, they want to infiltrate, I think it’s a prison, a jail. And Darlene drops a USB key in a parking lot. And the USB key is an HID device which starts a payload to gain remote access.
You have many ways to do this. The simplest, and the most used by malware, is actually to start PowerShell, so you just open it and type this line, and you have remote access to the computer. So the user will see it, but if it is done quickly it is almost invisible. So it’s really interesting; that is one opportunity, I think the product will catch this line, but you can do some things such as use lolbins to [indecipherable] Windows binaries to download a program, for example Certutil or Bitsadmin. And you can drop embedded files within the payload and execute them, for instance. You can do what you want.
With the WHID Cactus, you have a serial port. On Windows 10, serial ports are automatically linked to COM ports, so you can talk with the COM ports. It’s pretty simple, you just write a simple payload; you read in the code the file you want to exfiltrate, and you can enumerate all available COM ports and try to [indecipherable] on all ports. There will be a good one, and normally you will be able to exfiltrate data.
But you still need to get access to the weaponised object to get the file back, or if you have the wifi it’s OK. Maybe you will not need to get the device back, it really depends on the context.
So I will let Franck talk about some forensics of what we have done with the mouse.
Franck: Now on the blue team side, [indecipherable] an incident related to a malicious device.
I will start with an alert. Somehow an alert is raised: maybe it’s a ULP system, or an event management tool, or a user that reaches you because they spotted suspicious activity. So you take out your basic forensics IR. You collect the targeted devices; you dump your data; you run your tools; you extract indicators of compromise and you give them to your security team; and you hunt on the networks to see if there is another device related to this attack. And then you repeat the process.
OK. Now, as you may know, Windows is full of useful artifacts. From our perspective, when we are handling these kinds of incidents, we always pass through USB user preview, and in our case we put that at 15:46 the USB device is connected. And at the exact same time, you can see that there is another HID device connected. So we have the mouse here, and at the same time we can see that you have a serial device with another VID identification, and a USB hub, and this must place another during the process.
And by the way, if you want to know all about the Amcache hive, you want to read the paper written by Blanche; she is here today.
So when we review the bottom line, within that USB device that was connected, when we review the Windows event log, two specific Windows event logs were very useful for us.
So the first one is the event ID 225, which means your USB device cannot currently be removed because it is being used by a process — in our case, PowerShell — and we make a link to the device that cannot be removed. And in our case, remember, the suspicious VID. So you definitely want to review if any event ID related to PowerShell is present.
And the event ID 600 shows the command line run on the computer with an [indecipherable]; it uses base64 encoding, so it’s difficult to decode. And when you decode it, you can see what the attacker wants to target. So in our case, we saw that it retrieves the content of a specific file [indecipherable].
So at this moment, we know that the HID device was used to launch a PowerShell payload. So we don’t panic, of course; we can retrieve the USB device, and now what to do for the [indecipherable] of the device?
The basic rule: do not connect an untrusted USB device to your computer! I know it’s a kind of classic rule, but it can happen even to the best of the best. And I can hear some of you in the room saying “Yeah, yeah, blah blah blah, I have a Mac or a Linux, I am secure, booyah,” but what if you connect the USB key there? The device will discharge about 200 volts through USB into the device, and this could be fatal for your lovely computer. Or you may connect a USB device like a proof of concept, Mr. Self Destruct from Mike Grover, and [indecipherable] the best really is some [indecipherable] or explosions.
So the basic process in such a case: you have to do some external and internal inspection to determine if there is storage available for this [indecipherable]. At some point we have to tear down the device. And even with the data dump, you have a great chance of having to open the device.
The simple case: Rubber Ducky. You extract the card, you have the data, you use your favourite tool to retrieve it. There is already a tool available.
Arthur: Just a precision: the tools are used to reverse the payload, because payloads are binary, so the tools have to be careful about the [indecipherable], because as it simulates a keyboard, basically, we use a French keyboard but by default the payload is for a US keyboard, so we have to look out for that in terms of PowerShell. And if you have to analyse one of these, be careful of its layout. It could be a source of [indecipherable].
Franck: And in this case the process is well established, but in our case the WHID injector was hidden inside a mouse, and [indecipherable]. We see here on the other side a wifi module with a shield, OK? So we have to show them other things, so you take off the shield and you find the ESP module and just a flash memory. [Indecipherable] we can assume in this memory — in this chip — we can find the data that can be interesting.
So let’s try to dump this flash memory. The basic process: we unsolder the chip to avoid any potential interference. On this kind of [indecipherable] there is little chance of interference, but if you are dealing with a circuit you might have a problem on the PCB. And you solder it back onto a breakout board to access the pins more quickly. And these are SPI pins, so you connect to these pins and you invoke the holy spirit of electronics, and you will see if it works.
Our chip is supported by flashrom. Flashrom is a kind of [indecipherable] tool that supports a lot of flash memories. And basically, it talks to the chip for you and extracts your data if you have a [indecipherable] connection in the [indecipherable]. So you use your best forensics tool to test if the data is available.
[Indecipherable] The data seems readable. If the target chip is not readable, you can use a tool like HydraBus. With such a tool, you could talk to the chip with the supported command to read the data, so you see right here the command supported by the chip to read the data. When you use this, you can specify the data to send to the chip and check the returns. And you can set it to record the data.
This chip uses SPIFFS — SPI flash file system — for storage. We are not able to fully understand it. We are working on it. But we are going to exploit the wifi configuration, with some interesting intel, and some intel about the attackers giving us great information. If there is any [indecipherable] on the attacker side, we can see [indecipherable].
So some [indecipherable] learned that the attackers tried to exfiltrate the content of a JPEG file. And after this, hundreds of data with a [indecipherable], we were able to recover the stolen data, which is in this case available to them.
Now if we speak about the USB Ninja, if we keep the same process, somehow your forensic analysis leads you to the device, but in this case it could be more complicated to access the hardware. Basic rule: tear down all the things, again.
So this one is quite tricky. We need to open it to try to dump the [indecipherable] and do the same thing for the [indecipherable]… and we are still working on this one, so stay tuned.
So a few takeaways: as you will see from the keynote yesterday and now today, there is a lot to be done in the forensics field. The key to success is equipment and practice, practice, practice. You have to fail to get it.