Key Stroke Injection

From Embedded Lab Vienna for IoT & Security

Summary

This document describes keystroke injection and its different use cases. It lists a selection of tools and explains how to protect a system against such attacks.

Keystroke injection is the act of simulating the keystrokes of a real person. The keystrokes are actually generated by a script or other software, so wanted and unwanted input can be entered very fast. This works over the HID (human interface device) protocol, which every common keyboard uses, because computers trust human input in the form of keystrokes.

To show the actual danger of keystroke injection attacks, which are mostly carried out with rogue USB flash drives, some authors published the paper "Users Really Do Plug in USB Drives They Find" on IEEE in May 2016. It shows that 45-98% of users plug in a USB flash drive they find, mostly with the intention of finding the drive's owner.

Usage

Text here

Automation

Text here

Penetration Testing

Text here

Hacking

Text here

Tools

Text here

Rubber Ducky

Text here

USB_Rubber_Ducky

Pocket Admin

https://www.electronics-lab.com/project/pocketadmin-keystroke-injection-device/

USB Ninja

https://usbninja.com/

Bash Bunny

https://shop.hak5.org/products/bash-bunny

Standard Hardware

Many sources on the internet show manipulated peripheral devices with built-in keystroke injection hardware/software.

Possible Protections

Text here

https://opensource.googleblog.com/2020/03/usb-keystroke-injection-protection.html

https://usbguard.github.io/

Duckhunt - Windows Defender

https://medium.com/@maarten.goet/defending-against-weaponized-hardware-windows-defender-atp-microsoft-intune-to-the-rescue-80aba28067fe

http://konukoii.com/blog/2016/10/26/duckhunting-stopping-automated-keystroke-injection-attacks/
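
Because injected input arrives very fast, the gap between key presses is a usable detection signal. The sketch below is an added example, not code from this page or from any of the linked tools; the thresholds, device ids and sample events are assumptions constructed for illustration.

```python
from collections import deque

# Assumed thresholds (not from the page): people rarely sustain gaps
# under ~30 ms between key presses; tune on your own baseline.
MAX_HUMAN_GAP_MS = 30.0
WINDOW = 5  # number of consecutive gaps averaged before judging


class InjectionDetector:
    """Flags a device whose recent average inter-keystroke gap is too short."""

    def __init__(self, threshold_ms=MAX_HUMAN_GAP_MS, window=WINDOW):
        self.threshold_ms = threshold_ms
        self.window = window
        self.state = {}  # device id -> (last timestamp, deque of gaps)

    def feed(self, device, ts_ms):
        """Record one key press; return True if the device looks scripted."""
        last, gaps = self.state.get(device, (None, deque(maxlen=self.window)))
        if last is not None:
            gap = ts_ms - last
            if gap > 1000:  # long pause: new typing burst, restart the window
                gaps.clear()
            else:
                gaps.append(gap)
        self.state[device] = (ts_ms, gaps)
        # Judge only on a full window so one fast key pair does not trip it.
        return len(gaps) == self.window and sum(gaps) / self.window < self.threshold_ms


def scan(events, **kw):
    """Return the set of device ids flagged anywhere in the event stream."""
    det = InjectionDetector(**kw)
    return {dev for dev, ts in events if det.feed(dev, ts)}


# Constructed sample data: (device id, key-press timestamp in ms).
HUMAN = [("kbd0", t) for t in (0, 140, 260, 335, 520, 610, 790, 905)]
SCRIPTED = [("usb3", 5000 + 4 * i) for i in range(20)]  # one key every 4 ms
# A person typing with two keys rolled almost at once (12 ms gap).
ROLLOVER = [("kbd0", t) for t in (2000, 2130, 2142, 2290, 2400, 2555, 2670)]

if __name__ == "__main__":
    print(scan(HUMAN + ROLLOVER + SCRIPTED))
```

A timing threshold is a heuristic, so it is best paired with device allow-listing such as USBGuard (linked above).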

References

  • M. Tischer et al., "Users Really Do Plug in USB Drives They Find," 2016 IEEE Symposium on Security and Privacy (SP), San Jose, CA, 2016, pp. 306-319, doi: 10.1109/SP.2016.26.
  • https://google.com