Fuzzing USB devices using Frisbee Lite
This paper will discuss the format of device requests that are sent to USB devices in order to hopefully provide an insight into areas where software flaws may exist. It will also discuss a number of public vulnerabilities in USB devices and finally, the installation and usage of Frisbee Lite.
Frisbee Lite has been developed as a simple fuzzer to test USB devices rather than USB hosts. It has been written in wxPython for the Windows platform, although only relatively minor changes would be required to port it to Unix-based platforms. It is a “dumb” fuzzer in that it requires the user to understand the types of USB request packets that are likely to trigger security flaws, but just running it with minimal knowledge of the USB protocols would have discovered the two USB bugs that were used to jailbreak various Apple products in recent years. Although no inherent “intelligence” has been designed into Frisbee Lite, it still provides powerful capabilities to identify software flaws and potential security vulnerabilities.
Published date:  29 August 2013