Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Compatibility with usbip-attached devices #171

Open
clintoncampbell opened this issue Aug 11, 2024 · 1 comment
Open

Compatibility with usbip-attached devices #171

clintoncampbell opened this issue Aug 11, 2024 · 1 comment
Labels
enhancement potential new feature help wanted help from community wanted and appreciated

Comments

@clintoncampbell
Copy link

After applying the patch in #144, I'm able to proxy a local device (Yubikey 5) successfully to the target machine. I'm testing whether Cynthion could be useful for establishing an over-the-network USB proxy, and so I've extended this test to try proxying the same device when attached via usbip. While the initial results seem positive, the test ultimately fails with the Yubikey and all other devices I've tried.

Here's an outline of the desired state:

  1. Yubikey attaches to RPi A via USB
  2. RPi A runs usbip bind and usbipd to advertise the device
  3. RPi B runs usbip attach to mount the device.
  4. RPi B connects to cynthion via control and runs usbproxy.py
  5. macOS device connects to cynthion via target C in order to consume the proxied device

I'm currently able to complete all steps without error and can see the proxied device listed on the USB bus from system info on macOS, but I don't get any other signs of life from the device at this point.

From a troubleshooting perspective, I've observed the following:

  • Running the same test with a USB keyboard provides similar results. The keyboard appears in the macOS device list, but it doesn't transmit any keystrokes.
  • Following steps 1-3 above, the Yubikey (and keyboard) work properly over the usbip link when tested from RPi B
  • Moving the Yubikey to connect directly on RPi B, I am able to run usbproxy.py and perform a successful authentication (and type with the keyboard) exactly as though it was attached directly to the Mac.

Assuming that this setup should work, I'm happy to provide any logs or additional details to aide with troubleshooting and replication. The objective in this case is to be able to test and demonstrate phishing resistant authentication flows against a variety of end-user devices that the members of my mostly remote team would like to centralize and access via web-based KVM. If we can get this working, I'm eager to get my hands on a few more Cynthions in order to centralize our pool of test devices.
@mossmann
Copy link
Member

We've had greatscottgadgets/facedancer#25 open for a long time with nobody working on it. I think we assumed that we would need a new Facedancer backend, but I guess it ought to be possible with usbip attach on the Facedancer control host. (A special backend would be nice for cross-platform support.)

Can you show us the Facedancer console output?

@straithe straithe added enhancement potential new feature help wanted help from community wanted and appreciated labels Sep 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement potential new feature help wanted help from community wanted and appreciated
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mossmann @straithe @clintoncampbell