Mousejacking

Expl01t (Full Registered User; joined Aug 8, 2017; messages: 8; likes: 0)
#1
I've been looking into this vulnerability recently (it was publicly released circa 1yr ago).
Has anyone (forensic examiners???) investigated any incidents/seen it used in the wild? Would be interested to know.

Basically, it exploits a certain chipset used in wireless mice/keyboards and the proprietary protocol used therein. Although the protocol runs on the 2.4 GHz frequency, being proprietary it's not Bluetooth or Wi-Fi based.

An attacker can 'listen' for vulnerable devices, and then submit keystrokes to the receiving USB dongle which are in turn executed on the victim machine. I've tested it against myself, and obtaining remote shell access to the victim device couldn't be easier.

Remediation is simple - don't use wireless keyboards or mice. However, if you want to use them just make sure they are not vulnerable. Check out Bastille's Mousejack web page for more info on specific vulnerable devices.

Might be one for TSCM (or maybe protection) folks to consider advising against.
 

sekura (Full Registered User; joined Sep 7, 2017; messages: 37; likes: 2)
#2
This doesn't surprise me in the slightest. 2.4GHz is an ISM band, a pretty cluttered and overused one at that. Many devices which use ISM bands, especially for proprietary use, do not take into account security. It is relatively easy to intercept most of these signals, especially for LPD433 devices, which largely use binary dits and dahs. There is much literature on taking control of garage doors, doorbells, and the like by spoofing the signals of these devices, especially more recently with SDRs such as HackRF.

An exploit of this nature is rather interesting considering the attack vector being rather unthought of until recently. With the talk of experimental monitoring of signals emitted from screens, cable and the like, it's rather funny how something such as wireless devices have come and kicked us in the teeth, however gaining root on an unsecure device (in particular IP phones) is a long known way into a network.
 