KeySweeper

Speaker : Erica

2019 / 12 / 22

Outline

  • Introduction of KeySweeper
  • Hardware
  • Decrypting keystrokes
  • KeySweeper Hack
  • Reference

Outline

Introduction of KeySweeper

Introduction

What is KeySweeper?

KeySweeper is a stealthy Arduino-based device, covered as a functioning USB wall charger.

It can wirelessly and passively sniffs, decrypts, logs and reports back (over GSM) all keystrokes from any nearby Microsoft wireless keyboard.

What is GSM?

Global System for Mobile Communications, is currently the most widely used mobile phone standard.

Hardware

Hardware

Arduino / Teensy Microcontroller

NRF24L01+ 2.4GHz RF Chip

Adafruit FONA

AC USB Charger

Decrypting

Keystrokes

Decrypting

This is the decryption method, implemented in the KeySweeper source code:

// decrypt those keyboard packets!
void decrypt(uint8_t* pkt)
{
  for (int i = 4; i < 15; i++)
    pkt[i] ^= mac >> (((i - 4) % 5) * 8) & 0xFF;
}

KeySweeper

Hack

Attack

If KeySweeper is placed in an office or other places where people may use wireless devices, crackers can collect private information.

Crackers can use the vulnerabilities in various communication protocols to transform KeySweeper into a tool that can receive and decrypt content transmitted by other wireless devices.

Thanks for listening.

Reference

KeySweeper

By oneone

KeySweeper

  • 41