SensePost Q Division: Hardware tools for close quarter hacking

2 Day u_short 16 CPE Hour Training: August 2020 * AUG 1,2,3

Rogan Dawes, SensePost

Abstract

"Q Division: Hardware tools for close quarter hacking" is a two-day course bringing together the theory and practical operation of a bunch of cool hardware tools that can be used when you can gain physical or nearby access to an environment. It covers things like Ethernet Person in the Middle techniques, HID attacks (from Rubber Duckies to WHID, P4wnP1 A.L.O.A. and the O.MG cable), RF peripheral hacks from MouseJacking to LOGITacker, and covert channel devices (like USaBUSe).

SUGGESTED COMBO: SENSEPOST - INTRODUCTION TO RED TEAMING

Course Contents

Close quarters attack surface, and the gadgets you need to exploit it:

Ethernet

  • Drop boxes
  • Avoiding detection
  • Transparent proxying of intercepted devices
  • Dealing with 802.1x
  • Connection interception and tampering
  • WiFi, GSM and other remote access techniques

USB Attacks

  • Class Driver basics
  • HID Attacks
    • Typed payload basics
      • Minimising on-screen time
      • Target runtimes: PowerShell, C#, more ...
    • Mouse jiggling
    • Payloads (traditional, advanced)
    • HID over RF
      • Targeting specific devices (MAC addresses, antennas)
      • MouseJacking
    • Covert channels
      • USaBUSe
      • LOGITacker
    • Other types of devices
      • Network interfaces
      • Mass storage
  • Disguising malicious devices
    • O.MG Cable
    • Implanting in innocent carriers

Students will be provided with

A bunch of neat hardware and the knowledge to use it.

Hardware Requirements

  • Laptop - powerful enough to run VMs
  • 8GB RAM minimum
  • 35GB free HDD space minimum
  • USB-A slot or dongle to copy VM

Software Requirements

  • Windows / Linux / macOS
  • One of the following virtualization suites:
    • VMware Player
    • VMware Workstation
    • VMware Fusion
    • VirtualBox