How can I test for BadUSB vulnerability?
There are news that an unpatchable and unfixable USB firmware exploit is "out there".
This could seem unrelated to servers but since the affected hardware from Phison is not disclosed there is a possibility of devices that are connected to an internal network could be infected or potentially vulnerable. This could be the worst nightmare for a network & system administrator, an ICT consultant, etc.
Is there a way to check if a USB devices has the potential BadUSB vulnerability, so that USB devices can be "vetted by the IT departments"?
I've been researching the internet and since is hard to know if a device is vulnerable is better to be prepared at the other end of the USB socket and I found that actually there are some solutions:
For Windows:
There is a free program called G DATA USB Keyboard Guard which basically ask you to grant access when a new device is found:
G DATA has responded by developing USB KEYBOARD GUARD, an add-on that protects you from the most likely form of USB attack - USB devices pretending to be keyboards. If a new keyboard is detected by the system, access is initially denied and a pop-up is displayed. You can then check in your own time whether this really is a keyboard, and either grant or deny access permanently.
There is also a solution for Linux:
I completely agree that, as shipped, most computer systems will be susceptible to this attack, and assume that all of their attacks will work as advertised. What I don't agree with at all is their conclusion, which boils down that no effective defenses exist.
[...]
... you can easily turn off this automatic binding, at least on Linux, with one single command:
[root@optiplex ~]# echo 0 >/sys/bus/usb/drivers_autoprobe
Now, whenever you connect a USB device to your computer, it will not automatically connect...
... to manually bind this device, you first have to choose the appropriate USB configuration...
# echo 1 >/sys/bus/usb/devices/5-1/bConfigurationValue ...
(All dots[...] represent paragraphs edited out. Check the full article for more details)
Other solutions for Linux can be found here:
How to prevent BadUSB attacks on linux desktop
If you want to find more about BadUSB there is this article full of resources and links:
BadUSB News and Linkage