Infectious Media – Bypassing AutoRun once and for all

DerbyCon 1 - 2011

Presented by: Joshua Kelley (winfang98)
Date: Sunday October 02, 2011
Time: 13:00 - 13:50
Location: Track 1

The original teensy research allowed us to drop downloader stagers via keyboard emulation. BSIDES LV this year we figured out a way to drop binaries purely through keyboard emulation. This is awesome however take a long time to write out hexadecimal representations of a binary, do binary conversion and execute. In this talk we’ve upped the game, changed the game, we’ve figured out a way to leverage the Teensy device to copy over a full binary in just a few seconds all through keyboard emulation. This to my knowledge has never been done and is pretty slick. How? …. Guess you’re going to have to come to this talk Let’s bypass autorun once and for all…

Joshua Kelley

Josh Kelley is a security engineer at a Fortune 1000 company where he specializes in penetration testing, exploit development, and hitting people with sticks. Josh has contributed to the Social-Engineer Toolkit Teensy payloads. Josh has presented at Defcon 18, Blackhat, BSIDES Las Vegas, and a number of other security related conferences.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats