Table of contents
Lab 10 - Side-Channel Pranking and Remote Mouse Handling
It’s the last lab of the semester. Since we’re talking about security lets have some fun with side-channel analysis. And by that we realize that our device isn’t up to snuff for 99% of the actual ‘sniffing’ that can be done, so let’s do some keyjacking instead. And by keyjacking I mean setting yourself up for annoying future coworkers.
Be nice with this!
Lab signoff
Before you leave for the day, (minimally) show me:
- Your mouse jiggling by itself
- Your computer unexpectedly showing a message popping up (as a result of your device)
Make your backup
We’re going to be “starting fresh” and then merging our two scripts. So, backup last week’s code and create a new code.py file.
Getting started
Ensure you have the adafruit_circuitplayground and adafruit_hid libraries installed.
First, the side-channel
What is side-channel analysis (or, attacks)? This wiki page should clear things up! Essentially, we’re using some sort of device to figure out how to break into a system. Could be by monitoring power, listening to keypresses from far away, or reading a device’s on-board cache (like Meltdown and Spectre.
One thing you could do is to listen in on mechanical keyboard presses using your on-board mic and try to figure out what keys were pressed, though that ends up being a lot of analysis (and, we just don’t have the RAM/space available and you probably don’t want to setup a local program on your computer to read in all that data and then analyze it…).
So, we’re going to use our devices, for now, to irritate others in your office. Seems like a reasonable tradeoff.
Comence the jigglin’
Let’s use the HID library to mess with the mouse. We’ll start with pressing the A button to make it jiggle. Later, you’ll change its behavior so don’t get too attached to this.
import usb_hid
import time
import math
from adafruit_hid.mouse import Mouse
from adafruit_circuitplayground import cp
mouse = Mouse(usb_hid.devices)
trigger_mouse = False
# Move mouse in a circle for a duration
def jiggle_mouse(duration=10, radius=5):
start = time.monotonic()
angle = 0
while time.monotonic() - start < duration:
dx = int(radius * math.cos(angle))
dy = int(radius * math.sin(angle))
mouse.move(x=dx, y=dy)
angle += 0.2
if angle > 2 * math.pi:
angle = 0
time.sleep(0.02)
cp.pixels.fill((0, 0, 0))
time.sleep(2)
while True:
if cp.button_a:
trigger_mouse = True
if trigger_mouse:
time.sleep(3) # wait for them to actually leave
jiggle_mouse(duration=8) # confuse them if they glance back
trigger_mouse = False
time.sleep(0.1)
If you run this you should the mouse sporadically moving in a circle on Button A press.
Write something to the user
Let’s mess with them a bit more. Now, we’ll pop open a text file and write them a message. First though, this one will depend on the operating system as Windows and Mac and Linux all are slightly different. You can manually set a variable at the top, but OS detection isn’t easy for CircuitPython (as far as I can tell).
At the top set your OS:
OS = "windows" # or "mac" or "linux"
Add a few more imports at the top as well:
from adafruit_hid.keyboard import Keyboard
from adafruit_hid.keyboard_layout_us import KeyboardLayoutUS
from adafruit_hid.keycode import Keycode
Create the variables to hold keyboard info near where you created your mouse variable:
kbd = Keyboard(usb_hid.devices)
layout = KeyboardLayoutUS(kbd)
And then add a function that takes a string to write:
# pop open a text editor and write a message to the user
def write_message(s):
if OS == "windows":
kbd.press(Keycode.WINDOWS, Keycode.R)
kbd.release_all()
time.sleep(0.5)
layout.write("notepad")
kbd.press(Keycode.ENTER)
kbd.release_all()
time.sleep(1.5)
elif OS == "linux": # assumes your terminal shortcut is Ctrl+Alt+t
kbd.press(Keycode.CONTROL, Keycode.ALT, Keycode.T)
kbd.release_all()
time.sleep(1.5)
layout.write("nano /tmp/busted.txt")
kbd.press(Keycode.ENTER)
kbd.release_all()
time.sleep(0.5)
else: # mac
kbd.press(Keycode.COMMAND, Keycode.SPACE)
kbd.release_all()
time.sleep(0.5)
layout.write("TextEdit")
kbd.press(Keycode.ENTER)
kbd.release_all()
time.sleep(1.5)
layout.write(s)
time.sleep(0.5)
In your while loop:
if cp.button_b:
write_message("You shouldn't leave your computer unlocked!")
I only tested this with Linux and Windows. If it doesn’t work on your Mac check the shortcuts and commands.
The homework
No homework - get your term projects done. Signoff only this week!
Want extra credit? Turn your device into a mouse
Follow this guide and make your device a mouse. Might be a neat intro to accessibile devices! Turn it in as part of your Blackboard signoff and tell me you did it.