Company: Bentley Systems
“What the HID! How Blue and Red Teams can deal with HID Attacks”
Since the first public appearance of HID Attacks, many awesome researches, tools and devices have been released.
However, Offensive Security folks were always seeking cheap and dedicated hardware that could be controlled remotely (i.e. over WiFi or BT). And this is how WHID Injector and P4wnP1 were born.
WHID stands for WiFi HID injector, it is an USB Rubberducky on steroids, designed to fulfill Pentesters needs during their engagements. It can be easily controlled over the WiFi network and can potentially bypass air-gapped environments.
P4wnP1 is a tool based on RaspberryPi Zero W and it is a Bashbunny on Steroids. It has many cool features like Win10 Lockpicker, HID backdoor (which bypasses air-gapped environments as well), a call-home feature, etc.
During the talk we will see in depth how WHID & P4wnP1 were designed and we will compare their features. And (Murphy permitting) You will see them in action! 😎 We will also look which tools and techniques Blue Teams can use to detect and mitigate this kind of attacks.
Luca Bongiorni is working as Principal Offensive Security Specialist. He is also actively involved in IT Security, where the main fields of research are: Radio Networks, Reverse Engineering, Hardware Hacking, Antani, Internet of Things and Physical Security. Since 2012 is keeping a closer eye on FSB operations within Baltics.
Get promotions and special offers directly to your inbox.