You are viewing a single comment's thread.

view the rest of the comments →

0
0

[–] kltpzyxm ago  (edited ago)

Thats not at all how it works. If it reads as a generic usb device then it doesnt matter what operating system the host operating system uses, all commands will be passed and executed as though they're coming from a legitimate user typing away on the keyboard.

And as for the Teensy itself, its pretty much the defacto standard for home brew keyboards and game controllers because there are several fully functional open source firmware packages available for it. It also works on all operating systems.

As for injecting data, all you have to do is spoof the real keyboard and the os doesnt even realize theres a second transmitter.

0
0

[–] Kal ago 

So linux would just let 'generic usb device' do whatever it wants such as phoning home a log stored on the keyboard hardware itself? How would it even know how to interact with generic usb device? I am pretty ignorant about how exactly Linux would handle an unknown usb device like this, but as far as I understand, it simply wouldn't work until code was written on how to interact with it. Wouldn't Linux devs be asking themselves why the fuck a keyboard wants to phone home?

0
0

[–] kltpzyxm ago 

Its doesnt generally work like that, no. Linux has generic drivers to cover the most common scenarios. A generic USB mouse driver, a USB keyboard driver, a bluetooth keyboard driver, bluetooth mouse, even a generic bluetooth USB driver! The linux devs try to prepare for everything.

There are of course keyboards with extra features like a USB hub, backlighting a trackpad, media controls, you name it.

The generic keyboard drivers actually include media button support, including a lot of keys to open the terminal, open the default browser, Open the file browser, reset wifi and more. Any combination of those could be dangerous.

Theoretically, its possible to open the terminal, paste a string into a file and transfer that file using basic file transfer protocol. Its just highly unlikely.