DeepSec 2022 Talk: Wireless Keystroke Injection As An Attack Vector During Physical Assessments – Simonovi Sergei
A lot of wireless input devices are vulnerable to keystroke injection due to the lack of security mechanisms, which makes it a perfect attack vector. During the attack, an attacker can send any text string to the victim machine acting as a remote keyboard, which can lead to quick and stealthy compromise of the system. No antivirus software shall spot the attack, as the keyboard, even remotely, is not malicious by itself and is always trusted.
We asked Simonovi Sergei a few more questions about his talk.
How did you come up with it? Was there something like an initial spark that set your mind on creating this talk?
I came up with the idea of using a wireless keystroke injection during one unfortunate physical engagement, during which my team could not get any foothold using regular methodologies. The next day I gave the “Mousejack” a try and ended up with a decent foothold which led to the active directory compromise.
Why do you think this is an important topic?
Many people prefer wireless non-bluetooth keyboards and mice, as they don’t require any cable management and look more modern than their wired predecessors. Nobody wants to be behind the times. But, what people do not realise is that their wireless devices could be vulnerable and this could lead to a full system compromise. If we imagine the amount of people using wireless input devices, it becomes clear that the attack surface is really vast.
Is there something you want everybody to know – some good advice for our readers maybe?
Always use trusted bluetooth keyboards and mice, I guess. There is always the probability of getting hacked just because of a cheap, vulnerable keyboard.
A prediction for the future – what do you think will be the next innovations or future downfalls when it comes to your field of expertise / the topic of your talk in particular?
As for future plans, there is a research to be done in order to identify more vendors and products which might be vulnerable to wireless keystroke injection.
Sergei was passionate about computers from childhood. He started his IT Career as a service technician, slowly moving towards network and system administration, then to DevOps and finally ending up in cyber security. Became AWS Certified in 2019. Obtained the OSCP Certification in April of 2022.