rickmark

    private func getKeychainCopy() -> (URL, SecKeychain) {
        let tempDirectoryURL = NSURL.fileURL(withPath: NSTemporaryDirectory(), isDirectory: true)
        
        let tempKeychainFile = tempDirectoryURL.appendingPathComponent("\(UUID().uuidString)-demo.keychain")

        var keychain: SecKeychain?
        assert(SecKeychainCreate(tempKeychainFile.absoluteString.toUnixPath(), 0, "", false, nil, &keychain) == kOSReturnSuccess)
        
        var privateKey: SecKey!
        var publicKey: SecKey!

rickmark

//
//  Syscalls.c
//  InvalidSyscall
//
//  Created by Rick Mark on 1/15/19.
//  Copyright © 2019 Dropbox. All rights reserved.
//

#include <stdio.h>
#include "Bridge.h"

rickmark

<html>
<head>
<title>BadUSB on the Web</title>
</head>
<body>
  <form action="#">
  <a id="gesture" href="#">Click Me</a>
</form>
<script>

rickmark

AtiEnableCrtcInterface_V1
AMDRadeonX4000_AMDVIsDMAEngine
AMDRadeonX4000_AMDPitcairnHardware
IO80211RangingManager
AMDRadeonX4000_AMDHWVMM
IGHwCsStatsTracker
AppleDisplay
IOSharedInterruptController
IOUSBHubDevice
IOUSBMassStorageCBIDriverNub

rickmark

Process:               UpdaterStartupUtility [691]
Path:                  /Applications/Utilities/Adobe Application Manager/*/UpdaterStartupUtility
Identifier:            UpdaterStartupUtility
Version:               10.0.0.19 (10.0.0.19)
Code Type:             X86-64 (Native)
Parent Process:        ??? [1]
Responsible:           UpdaterStartupUtility [691]
User ID:               738244202

Date/Time:             2019-05-12 13:19:47.288 -0700

rickmark

From d7b0dd52f3b3b38126504b17d2d9c9ceaa572edf Mon Sep 17 00:00:00 2001
From: Rick Mark <[email protected]>
Date: Mon, 13 May 2019 19:06:46 -0700
Subject: [PATCH] Security checks in USB configurations

---
 drivers/usb/core/config.c | 67 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 67 insertions(+)

diff --git a/drivers/usb/core/config.c b/drivers/usb/core/config.c

rickmark

diff --git a/drivers/usb/core/config.c b/drivers/usb/core/config.c
index 6a287c81a7be..331aacaa1dba 100644
--- a/drivers/usb/core/config.c
+++ b/drivers/usb/core/config.c
@@ -27,8 +27,16 @@ static int find_next_descriptor(unsigned char *buffer, int size,
 	unsigned char *buffer0 = buffer;
 
 	/* Find the next descriptor of type dt1 or dt2 */
-	while (size > 0) {
+	while (size >= sizeof(struct usb_descriptor_header)) {

rickmark

Sampling process 42433 for 3 seconds with 1 millisecond of run time between samples
Sampling completed, processing symbols...
Analysis of sampling qemu-system-ppc (pid 42433) every 1 millisecond
Process:         qemu-system-ppc [42433]
Path:            /Users/USER/*/qemu-system-ppc
Load Address:    0x107886000
Identifier:      qemu-system-ppc
Version:         0
Code Type:       X86-64
Parent Process:  bash [42432]

rickmark

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:79:a9:44:b0:8c:11:95:20:92:61:5f:e2:6b:1d:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
        Validity
            Not Before: Oct 22 12:00:00 2013 GMT
            Not After : Oct 22 12:00:00 2028 GMT

rickmark

Process:               1Password 7 [1361]
Path:                  /Applications/1Password 7.app/Contents/MacOS/1Password 7
Identifier:            1Password 7
Version:               7.3.2 (70302004)
Code Type:             X86-64 (Native)
Parent Process:        ??? [1]
Responsible:           1Password 7 [1361]
User ID:               501

Date/Time:             2019-11-05 20:15:46.658 -0800