Uncategorized

Usbsas : Tool And Framework For Securely Reading Untrusted USB Mass Storage Devices

usbsas is a free and open source (GPLv3) tool and framework for securely reading untrusted USB mass storage devices.

Description

Following the concept of defense in depth and the principle of least privilege, usbsas’s goal is to reduce the attack surface of the USB stack. To achieve this, most of the USB related tasks (parsing USB packets, SCSI commands, file systems etc.) usually executed in (privileged) kernel space has been moved to user space and separated in different processes (microkernel style), each being executed in its own restricted secure computing mode.

The main purpose of this project is to be deployed as a kiosk / sheep dip station to securely transfer files from an untrusted USB device to a trusted one.

It works on GNU/Linux and is written in Rust.

Features

usbsas can:

  • read files from an untrusted USB device (without using kernel modules like uas, usb_storage and the file system ones). Supported file systems are FAT, exFat, ext4, NTFS and ISO9660
  • analyze files with a remote antivirus
  • copy files on a new file system to a trusted USB device. Supported file systems are FAT, exFAT and NTFS
  • upload files to a remote server
  • make an image of a USB device
  • wipe a USB device

Applications

Applications built on top of usbsas:

  • Web client / server: This is the main application of usbsas, for deploying a secure USB to USB file transfer kiosk.
  • Fuse implementation: mount USB devices (read-only) with usbsas.
  • Python: usbsas can also be used with Python, a script that copies everything from a device to another is given as example.
R K

Recent Posts

Starship : Revolutionizing Terminal Experiences Across Shells

Starship is a powerful, minimal, and highly customizable cross-shell prompt designed to enhance the terminal…

7 hours ago

Lemmy : A Decentralized Link Aggregator And Forum For The Fediverse

Lemmy is an innovative, open-source platform designed for link aggregation and discussion, providing a decentralized…

7 hours ago

Massive UX Improvements, Custom Disassemblers, And MSVC Support In ImHex v1.37.0

The latest release of ImHex v1.37.0 introduces a host of exciting features and improvements, enhancing…

9 hours ago

Ghauri : A Powerful SQL Injection Detection And Exploitation Tool

Ghauri is a cutting-edge, cross-platform tool designed to automate the detection and exploitation of SQL…

11 hours ago

Writing Tools : Revolutionizing The Art Of Writing

Writing tools have become indispensable for individuals looking to enhance their writing efficiency, accuracy, and…

11 hours ago

PatchWerk : A Tool For Cleaning NTDLL Syscall Stubs

PatchWerk is a proof-of-concept (PoC) tool designed to clean NTDLL syscall stubs by patching syscall…

1 day ago