moses_373 151 Posted October 9, 2014 I was just learning a little more about a new exploit that's been discovered in usb hardware called badusb. Apparently it's a pretty big security threat because a usb drive can masquerade as another device (say a keyboard, or a printer, or perhaps an Xbox 360 controller...). From what I understand it can be used to fake its way onto an otherwise locked down system and then use it's hidden programming to exploit said system, Trojan Horse style.It has nothing to do with the Xbox (at least not for now anyway) but, I'm wondering if those with more knowledge and expertise might have some input as to whether or not it could be useful in exploiting an Xbox system (I'm looking at you Swizzy). Quote Share this post Link to post Share on other sites
Swizzy 2084 Posted October 9, 2014 The thing about this exploit is that most usb devices cannot act as a completely different device... It is however a possible way in if the device you fake yourself to be is elevated enough, look at the PS3Jailbreak for instance, it was a USB hub that it was emulating and for some reason it was granted higher execution access then it should have... What the badUSB exploit is all about is however converting a keyboard into something else and so on... while the PS3Jailbreak thing was basically a development board (kinda like Teensy) these devices let you program any firmware onto it, it'll tell the console/computer/whatever device you put it in exactly what you told it to Microsoft isn't likely to have made the same mistake that Sony did with the USB thing which allowed PS3Jailbreak to exist in the first place... 1 Quote Share this post Link to post Share on other sites
Dr.Gonzo 392 Posted October 9, 2014 With the Dev Boards, you could send long descriptors to PS 3 via USB. In very long descriptors, the PS3 reacts with buffer overflows, which was used in the past, to smuggle Code onto the stack from the PS3 and start code. For the Bad Usb Exploit, in the first the exploit overwrite Stock Firmware on USB Controllers with Exploit Code. I am working in a high-performance computing Datacenter. We have computers whose USB and other Hardware controllers are accept only firmwares that are encrypted/keyed. I reckon, it will be the same on Xbox One. 2 Quote Share this post Link to post Share on other sites
