Pentester Academy - USB Forensics and Pentesting

Posted By: serpmolot

English | 2015 | mp4 | H264 1280x720 | mp3 2 ch | pdf | 816 MB
eLearning

This course will cover USB in detail with an emphasis on understanding USB Mass Storage devices (also known as flash drives or thumb drives). By the end of this course students will know how to sniff USB traffic using open source tools, be able to write-block USB mass storage devices using software and microcontroller-based hardware, be able to impersonate other USB devices, and understand how to make forensic duplicates of USB mass storage devices. Along the way students will also learn how to use microcontrollers and udev rules.

A non-exhaustive list of topics includes:
USB basics
- USB hardware
- USB versions
- Connection process
USB classes
- HID
- Mass storage
- Others
USB endpoints
- Interrupt
- Bulk
- Isochronous
- Control
Descriptors
- Device
- Interface
- Configuration
- Endpoint
- String
Mass Storage Basics
- Presentation (SCSI hard drive)
- NAND flash limitations
- Communication
- - Command Block Wrappers
- - Data transport phase
- - Command Status Wrappers
Making forensic images and duplicates
- FTDI Vinculum II microcontroller
- Simple compact duplicator
- - Reading sectors
- - Main processing loops
- - Hardware implementation
- - Programming the hardware
- - Improving performance
- More user friendly duplicator
- Adding an LCD screen
USB Write blocking
- Motivation
- Software write blocker
- Hardware write blocker
- Mitigation of BadUSB and similar threats
USB Impersonation
- Motivation
- High level design
- Timers
- Descriptor request handler
- GPIO (buttons and displays)
- Software
- Hardware
- Buttons
- LEDs
- LCDs
Leveraging Open Source
- lsusb
- understanding Linux USB busses
- dmesg
- sniffing USB traffic
- - usbmon
- - Wireshark
- - - Viewing descriptors in Wireshark
Dealing with Windows-only devices
Using udev rules
