

Hacking a network with an infectious mouse. - iamichi
http://pentest.snosoft.com/2011/06/24/netragards-hacker-interface-device-hid/

======
JonnieCache
You can have a some much less malicious fun applying the same idea to old
games controllers. People typically put flash drives in them with an emulator
+ roms. It would be fun to put a whole linux distro on there that boots
straight into the emulator, with a special menu, but I've never seen that.

[http://edshowtos.blogspot.com/2008/06/how-to-make-your-
own-n...](http://edshowtos.blogspot.com/2008/06/how-to-make-your-own-nes-usb-
controller.html) (NES)

<http://forums.benheck.com/viewtopic.php?t=35526> (SNES)

You can find a bunch of other hacks like this on HaD:

<http://hackaday.com/page/1/?s=%22usb+hub%22>

------
unreal37
OMG, my mother's internet was dropping off and on yesterday, and as I was
trying to diagnose the problem, she asked "maybe its the mouse." No mom, your
mouse is not causing the Internet to drop....

Maybe it was the mouse. Damn.

------
MichaelApproved
page not loading. Here's the Google cache
[http://webcache.googleusercontent.com/search?q=cache:9Z4lxiV...](http://webcache.googleusercontent.com/search?q=cache:9Z4lxiV3g68J:pentest.snosoft.com/2011/06/24/netragards-
hacker-interface-device-hid/+http://pentest.snosoft.com/2011/06/24/netragards-
hacker-interface-device-hid/&hl=en&client=firefox-a&gl=us&strip=1)

~~~
iamichi
yeah, that went down very quickly. this url has proper formatting...
[http://webcache.googleusercontent.com/search?q=cache:9Z4lxiV...](http://webcache.googleusercontent.com/search?q=cache:9Z4lxiV3g68J:pentest.snosoft.com/2011/06/24/netragards-
hacker-interface-device-
hid/.&cd=9&hl=en&ct=clnk&gl=uk&source=www.google.co.uk)

------
woodall
How was the payload executed? I've been thinking of trying to write malware
test cases using HID specs, but the article doesn't go into much detail.

~~~
TeHCrAzY
0day vuln in convincing windows to auto-install the device drivers.

~~~
woodall
Should have read better, and realized that IronGeek might have played a role.

[http://www.irongeek.com/i.php?page=security/programmable-
hid...](http://www.irongeek.com/i.php?page=security/programmable-hid-usb-
keystroke-dongle)

------
andrewcooke
cool, but if they were given a single IP to target why could they have the
mouse on another machine? alternatively: if they could attack other machines,
why not use another machine that was exposed via the network? something isn't
consistent.

~~~
thaumaturgy
I'm assuming that they were asked to compromise a typical tightened corporate
network, in which there's only a single external address -- the firewall's --
and therefore that's the only address they had to work with.

In that case, compromising one of the clients behind the firewall is the
typical next step for an attack. (They did a heck of a nice job on that,
though.)

------
VladRussian
so, was the person who plugged in the mouse fired? I mean, while the firing
would be understandably and justifiably "for cause", I personally feel disgust
about provocations.

