The official hash tag for HITBSecConf2010 - Amsterdam is #HITB2010AMS
Come see your tweets fly around our on-site Twitter wall!

Niels Teusink (Penetration Tester, Fox-IT)

Presentation Title Owned Live on Stage: Hacking Wireless Presenters
Presentation Abstract

A wireless presenter is basically a wireless keyboard with only a couple of buttons. What if you could use the buttons that are not physically present on the presenter? What if you could send random keystrokes to Steve Jobs’ computer during his keynote or to the laptop of someone giving a presentation at a major security conference? I created the hardware to do exactly this and you can build it for less than EUR40 using an Arduino and a cheap wireless module.

This talk describes the process of reverse engineering modern 2.4Ghz wireless presenters sold by Logitech. It also details the creation of a combination of hard- and software that allows an attacker to actively scan for these devices and send custom keystrokes to them. The result: remote code execution (and possibly public humiliation). I will show how it is possible to get a meterpreter on the system using this technique.

Using a wireless mouse? This kind of attack may affect you as well; in my talk I will show what can happen and how.This research will be presented publically for the first time at Hack in the Box.

About Niels

Niels holds a bachelor degree in Computer Science and has been experimenting with IT security for over a decade. He has worked for Fox-IT since 2005; first as a software engineer and since 2007 as a penetration tester. He has since performed dozens of penetration tests for all sorts of companies, including governments, banks and nuclear installations. He has been a speaker at HAR2009, OWASP-NL and Dutch Universities. When he can find the time, Niels likes to travel to Ireland or Russia. He has a personal technical blog on blog.teusink.net.