KeySweeper
Speaker : Erica
2019 / 12 / 22
Outline
- Introduction of KeySweeper
- Hardware
- Decrypting keystrokes
- KeySweeper Hack
- Reference
Outline
Introduction of KeySweeper
Introduction
What is KeySweeper?
KeySweeper is a stealthy Arduino-based device, covered as a functioning USB wall charger.
It can wirelessly and passively sniffs, decrypts, logs and reports back (over GSM) all keystrokes from any nearby Microsoft wireless keyboard.
What is GSM?
Global System for Mobile Communications, is currently the most widely used mobile phone standard.
Hardware
Hardware
Arduino / Teensy Microcontroller
NRF24L01+ 2.4GHz RF Chip
Adafruit FONA
AC USB Charger
Decrypting
Keystrokes
Decrypting
This is the decryption method, implemented in the KeySweeper source code:
// decrypt those keyboard packets!
void decrypt(uint8_t* pkt)
{
for (int i = 4; i < 15; i++)
pkt[i] ^= mac >> (((i - 4) % 5) * 8) & 0xFF;
}KeySweeper
Hack
Attack
If KeySweeper is placed in an office or other places where people may use wireless devices, crackers can collect private information.
Crackers can use the vulnerabilities in various communication protocols to transform KeySweeper into a tool that can receive and decrypt content transmitted by other wireless devices.
Thanks for listening.
Reference
- FBI:小心偽裝成USB充電器的盜錄裝置KeySweeper. Retrieved from: https://www.ithome.com.tw/news/106206
- KeySweeper - Samy Kamkar. Retrieved from: https://samy.pl/keysweeper/
- The KeySweeper Hack | Integrated Store Systems. Retrieved from: https://integratedstoresystems.com/the-keysweeper-hack/