Kautilya: Teensy Beyond Shell
- Type
- Paper
- Tags
- embedded, penetration testing
- Authors
- Nikhil Mittal
- Event
- Black Hat Abu Dhabi 2011
- Indexed on
- Mar 27, 2013
- URL
- https://media.blackhat.com/bh-ad-11/Mittal/bh-ad-11-Mittal-Kautilya_Teensy_Beyond_Shell-WP.pdf
- File name
- bh-ad-11-Mittal-Kautilya_Teensy_Beyond_Shell-WP.pdf
- File size
- 365.5 KB
- MD5
- 9f63531bbba51f3cfe97a526418a930a
- SHA1
- 1bbeb5ed49a8273273b94dd729d5f5a0ba1ff54b
As hackers, we have been exploiting the inherent trust by Operating System on Human Interface Devices for some time now. Teensy is a USB Micro-controller; a device which can act as a Human Interface Device when connected to a computer and is able to do the job pre-programmed in it. Many interesting things have been done using Teensy as a keyboard. We have mostly seen shells, many types of them. It is time we start looking at Teensy as a pentesting device capable of doing much more than popping shells. Introducing Kautilya, a toolkit which can be used to perform various pre-exploitation and post-exploitation activities. Kautilya aims on easing the use of attack vectors which traditionally require human intervention but can be automated using Teensy. Kautilya contains some nice customizable payloads which may be used for enumeration, info gathering, disabling countermeasures, keylogging and using Operating System against itself for much more. The talk will be full of live demonstrations.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
