A Hack on Apple Keyboards (installs a keylogger)



smartmom


Well, as much as we hear that there are no issues for those who own Apples, there are, and it was demonstrated at Blackhat (Defcon 17) this year.

Apple keyboard firmware hack demonstrated

APPLE KEYBOARDS ARE vulnerable to a hack that puts keyloggers and malware directly into the keyboard. This could be a serious problem, and now that the presentation and code are out there, the bad guys will surely be exploiting it.

The vulnerability was discovered by K. Chen, and he gave a talk on it at Blackhat this year. The concept is simple: a modern Apple keyboard has about 8K of flash memory and 256 bytes of working RAM. For the intelligent, this is more than enough space to have a field day.

K. Chen demonstrated the hack to S|A at Defcon today and it worked quite well. You start out by running GDB, and set a breakpoint in Apple's HIDFirmwareUpdaterTool. This tool is meant to update the firmware in human interface devices, hence the name. The tool is run, a breakpoint set, and then you simply cut and paste the new code into the firmware image in memory. That's it.

Here is a mini video of K. Chen showing how it works.

Now, in the story they mention a PDF that shows the code.

the story wrote:

The new firmware can do anything you want it to. K. Chen demo'd code that you put in a password, and when you hit return, it starts playing back the last five characters typed in, LIFO. It is a rudimentary keylogger, a proof of concept more than anything else. Since there is about 1K of flash free in the keyboard itself, you can log quite a few keystrokes totally transparently. If you want the code, it is on page 170 of the PDF presentation linked above.

You can read the code PDF HERE

So why didn't they just tell Apple about this?

Apple Keyboards Vulnerable to Firmware Hack

They would've told Apple about this, but the last few times when they called Apple in similar cases, the company didn't even return their calls. "Don't believe them when they try to spin this as minor, owning a keyboard gives you ownership of a system."

Chen can write a tool to lock down the firmware, he says, but he's waiting for a possible official solution from Apple before he attempts to do so. However, he is afraid that Apple will fix this in current and future versions of Mac OS X only, leaving the keyboards open to be attacked from other sources. The fix needs to be implemented at the hardware/firmware level, he says.

 

 
