Project Description
USB devices can be dangerous to read directly from your PC. There are countless stories of PCs being infected (e-g: filesystem encrypted) because a USB device was read without first checking the USB content. But how do you check the device content without having a look at it first?!
If we could fire up a virtual machine on the PC that could read from the USB device first, we'd be able to protect our PC: if any malware ran on the device, it would only affect the virtual machine.
Goal for this Hackweek
Start up a virtual machine from the PC where the USB key is inserted to read from that USB key: - disable the USB port on the PC - enable PCI passthrough for this USB port to be read from the virtual machine - use QEMU + vfio to load the necessary driver/kernel modules in the virtual machine - read the USB key from the virtual machine - if time permits, automatically run the virtual machine as soon as a "USB inserted" event occurs.
Code
Resources
Looking for hackers with the skills:
This project is part of:
Hack Week 22
Comments
Be the first to comment!
Similar Projects
Model checking the BPF verifier by shunghsiyu
Project Description
BPF verifier plays a ...
Port NeuVector zero-trust security functions to host/VM by feih
Project Description
Today, NeuVector on...
Predefined app security policy template for NeuVector by feih
Project Description
Idea is to predefin...
mikrolite - a cli to create lighweight Kubernetes clusters using microvms by rcase
[comment]: # (Please use the project descriptio...
Plan 9 filesystem support in GRUB by ptesarik
[comment]: # (Please use the project descriptio...