Is it possible that I can modulate and craft a RF signal that, once demodulated by a WiFi card and turned back into electrical signals or binary data, can trick the CPU into thinking it's a command coming from an HID device like a keyboard? I have only been asking this to AI's like ChatGPT to see if it is actually possible, but to be really sure, i also ask in sites like this one. I'm sorry if this is off topic
3
- 1\$\begingroup\$ There are a great many misconceptions underlying this question, I am afraid. While the overall, external form (some broadcast signal in, behavioral function out) might be reasonable enough, it's a uselessly high level to answer with any kind of meaning. Example: WiFi means a very specific protocol, meaning the computer in question must be set up to use such a scheme. But then what meaning are we to make of the "tricking"? Likewise an HID device; but you don't ask to emulate an HID device, merely send a "command" as if from one? It's oddly specific. \$\endgroup\$Tim Williams– Tim Williams2023-10-21 17:07:11 +00:00Commented Oct 21, 2023 at 17:07
- \$\begingroup\$ OT: Chatbots consisting of an AI do not know anything. You abuse them as a replacement of a web search engine. Never trust any answer, you need to double-check all statements. So, your question here is fine. Save the time to ask ChatGPT the next time you have a question.. \$\endgroup\$the busybee– the busybee2023-10-21 17:29:29 +00:00Commented Oct 21, 2023 at 17:29
- \$\begingroup\$ If it were a wireless keyboard, then what you propose might have some validity although not with WiFi - more like Bluetooth if the keyboard uses this. \$\endgroup\$Kartman– Kartman2023-10-22 13:29:46 +00:00Commented Oct 22, 2023 at 13:29
Add a comment |
2 Answers
\$\begingroup\$ \$\endgroup\$
Of course that is not possible.
The WiFi adapter cannot suddendly show itself as a USB controller with a HID device attached.
\$\begingroup\$ \$\endgroup\$
6 The ‘demodulated by the WiFi card’ implies that the attack has to come from the WiFi network. So yes it’s perfectly possible to create a signal (an IP connection) and do such a thing if the victim device has a vulnerability that allows manipulating the USB driver stack.
It’s also possible to cause a device upset with a powerful RF signal that could possibly put it in a vulnerable state.
On the other hand, since WiFi and HID (USB) are separated physically, it is unlikely that an RF signal could be crafted that would make its way back to the HID device and spoof it.
What would be more likely is for an unconnected serial console or keyboard port to be attacked directly.
Back to the more likely scenario: compromising the network.
It’s possible to ‘sniff’ the device’s RF signature to reveal what’s going on inside it, and use that to develop an exploit for deployment over the wireless IP network later. For example, console messages being spewed out to the dangling serial port could reveal information that can be used t develop an IP attack.
That ‘sniffing’ is the methodology of TEMPEST. Read more about TEMPEST here: https://www.nsa.gov/portals/75/documents/news-features/declassified-documents/cryptologic-spectrum/tempest.pdf
- 1\$\begingroup\$ Even if possible like with infinitesimally small propability, how would suddenly something coming from WiFi interface would be understood as USB HID command? They are not even remotely compatible, not even if it were USB WiFi adapter. \$\endgroup\$Justme– Justme2023-10-21 17:02:25 +00:00Commented Oct 21, 2023 at 17:02
- \$\begingroup\$ The USB driver can suffer an injection attack, the box could be rooted and a bogus USB stack installed… any number of possibilities. \$\endgroup\$hacktastical– hacktastical2023-10-21 17:04:40 +00:00Commented Oct 21, 2023 at 17:04
- \$\begingroup\$ Yes but assuming it is not made possible with software to begin with, unintentionally or intentionally, something weird received through WiFi cannot turn into HID message by itself. \$\endgroup\$Justme– Justme2023-10-21 17:07:41 +00:00Commented Oct 21, 2023 at 17:07
- \$\begingroup\$ Not directly, no. But that’s not a realistic case - the exposed IP port (wireless or not) is where the real vulnerabilities lie. As for ‘suddenly’, a properly crafted exploit could be installed in a matter of seconds. The device may even have shipped with a vulnerability. \$\endgroup\$hacktastical– hacktastical2023-10-21 17:16:23 +00:00Commented Oct 21, 2023 at 17:16
- 2\$\begingroup\$ If you suspect for example "a bogus USB stack installed", you don't need to spoof a WiFi signal. Then you can trigger the malicious effect with any other measure. Therefore, I think your answer opens more questions than it answers this one. \$\endgroup\$the busybee– the busybee2023-10-21 17:34:34 +00:00Commented Oct 21, 2023 at 17:34